Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trivy scan detects multiple misconfigurations related to Dockerfile #349

Open
aayani opened this issue Mar 6, 2024 · 3 comments
Open

Trivy scan detects multiple misconfigurations related to Dockerfile #349

aayani opened this issue Mar 6, 2024 · 3 comments

Comments

@aayani
Copy link

aayani commented Mar 6, 2024

trivy
@helloKaiDing
Copy link

helloKaiDing commented Mar 6, 2024 via email

@aayani
Copy link
Author

aayani commented Mar 6, 2024

您的来件已收到!

where do you mean?

@toor1245
Copy link
Contributor

toor1245 commented Mar 6, 2024

@aayani, If I'm not mistaken, these files are not intended for the end user, so possible option to resolve this issue is ignore these files https://aquasecurity.github.io/trivy/v0.49/docs/configuration/skipping/

Also, in the screenshot I see that these files are used by https://github.com/mscdex/cpu-features library in node_modules, so maybe it can be ignored using npmignore, https://www.npmjs.com/package/npmignore

@Mizux, correct me if I'm wrong.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@helloKaiDing @aayani @toor1245