trivy
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
Tool containers devsecops docker
Minimal
Install package
Latest min add trivy - Source archive SHA256
- 997f7b74…55ee
- Spec hash
- 63f7b224…e3b6
- Target
- amd64/linux
- Needs network
- Yes
- Closed source
- No
What is trivy?
Find vulnerabilities, misconfigurations, secrets, SBOM in containers, Kubernetes, code repositories, clouds and more
How to use this package
Quick install
Installs the package into the current environment for this session. Use --build or --runtime to persist it as a build-time or runtime dependency.
min add trivyDeclare as a task dependency in minimal.toml
Listing the package under tasks.<name>.packages makes it available inside that task’s sandbox.
[tasks.dev]
packages = ["trivy"]Build-time vs runtime
Choose build-time for tools needed during compilation, runtime for dynamic libraries loaded at runtime.
min add --build trivy
min add --runtime trivy