Thursday, January 18, 2024

Trivy Code Vulnerability report

Trivy reports vulnerabilities in third-party libraries and also flags security keys exposed in your code.

The tool also provides the version in which the vulnerability is fixed.

You can use the steps below to get a report after checking out the code from your repo:

Go to https://github.com/aquasecurity/trivy/releases/download/v0.48.3/trivy_0.48.3_windows-64bit.zip

Download the zip

Extract the folder

Go to <Extracted Folder>\trivy_0.48.3_windows-64bit

Open a command line in the above folder

Run the command below

trivy fs <codebase path on local machine> > <app_name>_sec_rpt.txt
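The text report is meant for reading; to act on it, have Trivy write JSON instead (trivy fs --format json --output report.json <codebase path>) and pull out which packages have a fixed version and where secrets were found. The script below is an added example, not part of the original post or of Trivy itself; the sample report, package names and IDs are constructed placeholders, and the name `summarize` is my own.

```python
import json
import sys

# Constructed sample shaped like `trivy fs --format json` output; all values are placeholders.
SAMPLE_REPORT = json.loads("""
{"Results": [
  {"Target": "pom.xml", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "com.example:lib-a",
     "InstalledVersion": "1.2.0", "FixedVersion": "1.2.5", "Severity": "CRITICAL"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "com.example:lib-b",
     "InstalledVersion": "3.0.1", "Severity": "HIGH"},
    {"VulnerabilityID": "CVE-0000-0003", "PkgName": "com.example:lib-c",
     "InstalledVersion": "0.9.0", "FixedVersion": "1.0.0", "Severity": "LOW"}]},
  {"Target": "src/main/resources/app.properties", "Secrets": [
    {"RuleID": "example-rule", "StartLine": 12, "Match": "api.key=********"}]},
  {"Target": "package-lock.json"}
]}
""")

RANK = {"UNKNOWN": 0, "LOW": 1, "MEDIUM": 2, "HIGH": 3, "CRITICAL": 4}

def summarize(report, min_severity="HIGH"):
    """Split findings into fixable upgrades, unfixed vulns and exposed secrets."""
    upgrades, unfixed, secrets = [], [], []
    # These keys may be absent or null when a target is clean, hence `or []`.
    for result in report.get("Results") or []:
        target = result.get("Target", "?")
        for v in result.get("Vulnerabilities") or []:
            if RANK.get(v.get("Severity"), 0) < RANK[min_severity]:
                continue
            row = (target, v["PkgName"], v["InstalledVersion"], v["VulnerabilityID"])
            if v.get("FixedVersion"):
                upgrades.append(row + (v["FixedVersion"],))
            else:
                unfixed.append(row)
        for s in result.get("Secrets") or []:
            # Record where the secret is, never the matched text itself.
            secrets.append((target, s.get("StartLine"), s.get("RuleID")))
    return upgrades, unfixed, secrets

if __name__ == "__main__":
    report = SAMPLE_REPORT
    if len(sys.argv) > 1:  # path to a real report.json
        with open(sys.argv[1], encoding="utf-8") as fh:
            report = json.load(fh)
    groups = summarize(report)
    for label, rows in zip(("UPGRADE", "NO FIX", "SECRET"), groups):
        for row in rows:
            print(label, *row)
    sys.exit(1 if any(groups) else 0)
```

Run it with the path to report.json as the only argument; the non-zero exit code when anything is found makes it usable as a build gate.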

Further reading:

https://trivy.dev/


2 comments:

Anonymous said...

Informative. Thanks for sharing.

Koushik said...

Great Post!! Super useful
