
chore: migrate from Trivy to Grype for vulnerability scanning #4288

Merged: JAORMX merged 1 commit into main from chore/migrate-trivy-to-grype on Mar 23, 2026


@JAORMX (Collaborator) commented Mar 20, 2026

Summary

  • Replace aquasecurity/trivy-action with anchore/scan-action (Grype) v7.3.2 for vulnerability scanning
  • Remove config scanning job (not supported by Grype)
  • Preserve govulncheck job unchanged

Test plan

  • Verify Grype scan runs successfully in CI
  • Check that SARIF results appear in Security tab

🤖 Generated with Claude Code

@github-actions github-actions bot added the size/XS Extra small PR: < 100 lines changed label Mar 20, 2026
@github-advanced-security (Contributor)

You are seeing this message because GitHub Code Scanning has recently been set up for this repository, or this pull request contains the workflow file for the Code Scanning tool.

What Enabling Code Scanning Means:

  • The 'Security' tab will display more code scanning analysis results (e.g., for the default branch).
  • Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results.
  • You will be able to see the analysis results for the pull request's branch on this overview once the scans have completed and the checks have passed.

For more information about GitHub Code Scanning, check out the documentation.

codecov bot commented Mar 20, 2026

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 68.94%. Comparing base (4d4fbe2) to head (db8ce03).
⚠️ Report is 10 commits behind head on main.

Additional details and impacted files
@@            Coverage Diff             @@
##             main    #4288      +/-   ##
==========================================
- Coverage   68.95%   68.94%   -0.02%     
==========================================
  Files         473      473              
  Lines       47854    47854              
==========================================
- Hits        33000    32993       -7     
- Misses      12266    12270       +4     
- Partials     2588     2591       +3     


Replace aquasecurity/trivy-action with anchore/scan-action (Grype) v7.3.2.
Remove config scanning job (not supported by Grype).

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
@JAORMX JAORMX force-pushed the chore/migrate-trivy-to-grype branch from 038d57c to db8ce03 Compare March 20, 2026 09:19
@github-actions github-actions bot added size/XS Extra small PR: < 100 lines changed and removed size/XS Extra small PR: < 100 lines changed labels Mar 20, 2026
@JAORMX JAORMX merged commit cd139df into main Mar 23, 2026
64 of 65 checks passed
@JAORMX JAORMX deleted the chore/migrate-trivy-to-grype branch March 23, 2026 06:38