Only warn on critical issues for trivy (#253)

This is just a testing tool, we don't wanna be carrying weird vulns on testing code, but this also isn't shipped anywhere. Signed-off-by: Juan Antonio Osorio <[email protected]>
mindersec · Dec 20, 2024 · 0b1a76d · 0b1a76d
1 parent 1e61ca0
commit 0b1a76d
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -17,6 +17,7 @@ jobs:
           scanners: vuln,secret
           exit-code: 1
           ignore-unfixed: true
+          severity: 'CRITICAL'
         env:
           TRIVY_DB_REPOSITORY: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db
           TRIVY_USERNAME: ${{ github.actor }}