- Academy, Whistleblower, Incidents frontend pages with API proxies and types
- Vendor compliance API proxy route
- Go backend handlers and models for all new SDK modules
- Investor pitch-deck app with interactive slides
- Blog section with DSGVO, AI Act, NIS2, glossary articles
- MkDocs documentation site
- CI/CD pipelines (Woodpecker, GitHub Actions), security scanning config
- Planning and implementation documentation

Co-Authored-By: Claude Opus 4.6 <noreply@anthropic.com>
67 lines
1.1 KiB
YAML
```yaml
# Trivy Configuration for BreakPilot
# https://trivy.dev/
#
# Run: trivy image breakpilot-pwa-backend:latest
# Run filesystem: trivy fs .
# Run config: trivy config .

# Scan settings
scan:
  # Security checks to perform
  security-checks:
    - vuln      # Vulnerabilities
    - config    # Misconfigurations
    - secret    # Secrets in files

# Vulnerability settings
vulnerability:
  # Vulnerability types to scan for
  type:
    - os        # OS packages
    - library   # Application dependencies

  # Ignore unfixed vulnerabilities
  ignore-unfixed: false

# Severity settings
severity:
  - CRITICAL
  - HIGH
  - MEDIUM
  # - LOW  # Uncomment to include low severity

# Output format
format: table

# Exit code on findings
exit-code: 1

# Timeout
timeout: 10m

# Cache directory
cache-dir: /tmp/trivy-cache

# Skip files/directories
skip-dirs:
  - node_modules
  - venv
  - .venv
  - __pycache__
  - .git
  - .idea
  - .vscode

skip-files:
  - "*.md"
  - "*.txt"
  - "*.log"

# Ignore specific vulnerabilities (add after review)
ignorefile: .trivyignore

# SBOM generation
sbom:
  format: cyclonedx
  output: sbom.json
```
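What the gate configured above lets through and what it blocks, as an added Python example (not code from the BreakPilot repository): it applies the `severity`, `ignore-unfixed`, `ignorefile` and `exit-code` settings to a report shaped like Trivy's `--format json` output. The report, package names and `CVE-0000-…` IDs are constructed placeholders, and `gate` and `parse_ignorefile` are hypothetical helper names.

```python
import json

# Policy values copied from the Trivy configuration above.
SEVERITIES = {"CRITICAL", "HIGH", "MEDIUM"}
IGNORE_UNFIXED = False
EXIT_CODE = 1

# Constructed sample in the shape of `trivy image --format json` output.
SAMPLE_REPORT = json.loads("""
{"Results": [
  {"Target": "app (alpine)", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0001", "PkgName": "libexample",
     "Severity": "HIGH", "FixedVersion": "1.2.4"},
    {"VulnerabilityID": "CVE-0000-0002", "PkgName": "libexample",
     "Severity": "LOW", "FixedVersion": "1.2.4"},
    {"VulnerabilityID": "CVE-0000-0003", "PkgName": "otherlib",
     "Severity": "CRITICAL"}]},
  {"Target": "requirements.txt", "Vulnerabilities": [
    {"VulnerabilityID": "CVE-0000-0004", "PkgName": "pyexample",
     "Severity": "MEDIUM", "FixedVersion": "2.0.1"}]},
  {"Target": "go.mod"}
]}
""")

def parse_ignorefile(text):
    """Simplified .trivyignore reader: first token per line, '#' comments."""
    ids = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()
        if line:
            ids.add(line.split()[0])
    return ids

def gate(report, ignored=frozenset()):
    """Return (exit_code, blocking findings) under the policy above."""
    blocking = []
    for result in report.get("Results") or []:
        for v in result.get("Vulnerabilities") or []:
            if v["Severity"] not in SEVERITIES:
                continue  # LOW is commented out in the config
            if v["VulnerabilityID"] in ignored:
                continue  # accepted after review via the ignore file
            if IGNORE_UNFIXED and not v.get("FixedVersion"):
                continue  # only skipped when ignore-unfixed is true
            blocking.append((result["Target"], v["VulnerabilityID"], v["Severity"]))
    return (EXIT_CODE if blocking else 0), blocking

if __name__ == "__main__":
    print(gate(SAMPLE_REPORT, parse_ignorefile("# reviewed\nCVE-0000-0003\n")))
```

With `ignore-unfixed: false`, the CRITICAL finding that has no fixed version still fails the build until it is reviewed and listed in the ignore file.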