Specify the paths of the file or packages that has vulnerabilities #16017
Assignees
Labels
Comments
|
This issue is being marked stale due to a period of inactivity. If this issue is still relevant, please comment or remove the stale label. Otherwise, this issue will close in 30 days. |
This was referenced Aug 3, 2023
|
Related issues in trivy-adapter: aquasecurity/harbor-scanner-trivy#257, aquasecurity/harbor-scanner-trivy#357 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Feature request
Describe the solution you'd like
After a vuln scanning by Trivy or Anchore, it has a report.
The report shows the vulnerabilities, but it does not specify the exact path/application programs or OS package has vulnerabilities.
Take NodeJS as an example, some packages are from OS and some are from the application (npm). It is good if Harbor could display more info about it. So that we could find out where to fix it.
The text was updated successfully, but these errors were encountered: