mirror of
https://github.com/gogs/gogs.git
synced 2025-12-12 20:35:47 +01:00
chore: update Trivy scan config (#7934)
This commit is contained in:
Joe Chen
GitHub
1
.github/workflows/docker.yml
vendored
1
.github/workflows/docker.yml
vendored
@@ -5,6 +5,7 @@ on:
|
|||||||
- main
|
- main
|
||||||
pull_request:
|
pull_request:
|
||||||
paths:
|
paths:
|
||||||
|
- '.trivy.yaml'
|
||||||
- 'Dockerfile'
|
- 'Dockerfile'
|
||||||
- 'docker/**'
|
- 'docker/**'
|
||||||
- '.github/workflows/docker.yml'
|
- '.github/workflows/docker.yml'
|
||||||
|
|||||||
@@ -1,7 +1,7 @@
|
|||||||
scan:
|
scan:
|
||||||
skip-files:
|
skip-files:
|
||||||
# CVE patching of the following things is far behind and out of our control.
|
- "usr/sbin/gosu" # CVE patching is far behind and out of our control.
|
||||||
- "usr/sbin/gosu"
|
- "app/gogs/gogs" # False positives on main builds
|
||||||
|
|
||||||
severity:
|
severity:
|
||||||
- CRITICAL
|
- CRITICAL
|
||||||
|
|||||||
Reference in New Issue
Block a user