Commit 6b27855

ci: broaden Trivy scan to cover MEDIUM severity vulnerabilities
- Expand Trivy scan to include MEDIUM severity vulnerabilities in both Docker and source code workflows

Signed-off-by: appleboy <[email protected]>
1 parent 02da747 commit 6b27855

2 files changed

+2
-2
lines changed


.github/workflows/docker.yml

Lines changed: 1 addition & 1 deletion
@@ -80,7 +80,7 @@ jobs:
8080
ignore-unfixed: true
8181
format: "sarif"
8282
output: "trivy-docker-results.sarif"
83-
severity: "CRITICAL,HIGH"
83+
severity: "CRITICAL,HIGH,MEDIUM"
8484

8585
- name: Upload Trivy scan results to GitHub Security tab
8686
uses: github/codeql-action/upload-sarif@v3
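
Review bot: the new `severity: "CRITICAL,HIGH,MEDIUM"` at line 83 widens what is written to trivy-docker-results.sarif, but the visible context does not show whether this step also sets a failing exit code. If it does, MEDIUM findings will now break the Docker workflow rather than only appearing in the Security tab; please confirm that is intended, or keep the failing threshold at CRITICAL,HIGH and report MEDIUM through the SARIF upload only. Note that `ignore-unfixed: true` is unchanged, so MEDIUM findings without an available fix will still be left out of the report.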

.github/workflows/security.yml

Lines changed: 1 addition & 1 deletion
@@ -34,7 +34,7 @@ jobs:
3434
ignore-unfixed: true
3535
format: "sarif"
3636
output: "trivy-source-results.sarif"
37-
severity: "CRITICAL,HIGH"
37+
severity: "CRITICAL,HIGH,MEDIUM"
3838

3939
- name: Upload Trivy scan results to GitHub Security tab
4040
uses: github/codeql-action/upload-sarif@v3
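
Review bot: the severity string at line 37 is the same literal that this commit also edits in .github/workflows/docker.yml, so the threshold now has to be changed in two places every time it moves. Consider defining it once and referencing it from both scan steps, so the image scan and the source scan cannot drift to different severity levels. A short comment next to the value saying why MEDIUM is included would also help the next person who sees the extra alerts in the Security tab.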
