The "Results" section is not included in output JSON for langpkg scans if no vulnerabilities are found #6080
IntegralProgrammer
started this conversation in
Ideas
Replies: 1 comment 1 reply
-
See #6081 for a fix. |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
When running
trivy fs ~/project --format json
, the"Results"
section is missing if no vulnerabilities are detected.This is inconsistent from the behavior of
trivy image alpine:3.19 --format json
which always includes the"Results"
section even if no vulnerabilities are found.Desired Behavior
Running
trivy fs ~/TESTYARN/ --format json
should show something like:Actual Behavior
Instead running
trivy fs ~/TESTYARN/ --format json
shows:This behavior is different when scanning container images. Running
trivy image alpine:3.19 --format json
returned the following:Note that the
"Results"
section is still present even though no vulnerabilities are detected.Reproduction Steps
Target
Filesystem
Scanner
Vulnerability
Output Format
JSON
Mode
Standalone
Debug Output
Operating System
Debian 11
Version
Checklist
trivy image --reset
Beta Was this translation helpful? Give feedback.
All reactions