gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-22 23:26:39 -08:00
Code Issues Packages Projects Releases Wiki Activity

feat(vuln): Add --detection-priority flag for accuracy tuning (#7288)

Browse Source 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
This commit is contained in:
Teppei Fukuda
2024-08-02 14:41:56 +04:00
committed by GitHub
parent e95152f796
commit fd8348d610
30 changed files with 675 additions and 221 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/commands/artifact/run.go
View File

@@ -568,6 +568,10 @@ func (r *runner) initScannerConfig(opts flag.Options) (ScannerConfig, types.Scan
fileChecksum = true
}
// Disable the post handler for filtering system file when detection priority is comprehensive.
disabledHandlers := lo.Ternary(opts.DetectionPriority == ftypes.PriorityComprehensive,
[]ftypes.HandlerType{ftypes.SystemFileFilteringPostHandler}, nil)
return ScannerConfig{
Target: target,
CacheOptions: opts.CacheOpts(),
@@ -579,6 +583,7 @@ func (r *runner) initScannerConfig(opts flag.Options) (ScannerConfig, types.Scan
},
ArtifactOption: artifact.Option{
DisabledAnalyzers: disabledAnalyzers(opts),
DisabledHandlers: disabledHandlers,
FilePatterns: opts.FilePatterns,
Parallel: opts.Parallel,
Offline: opts.OfflineScan,
@@ -592,6 +597,7 @@ func (r *runner) initScannerConfig(opts flag.Options) (ScannerConfig, types.Scan
AWSRegion: opts.Region,
AWSEndpoint: opts.Endpoint,
FileChecksum: fileChecksum,
DetectionPriority: opts.DetectionPriority,
// For image scanning
ImageOption: ftypes.ImageOptions{