Add lockfile version verification to trivy-fs step
ci/woodpecker/push/woodpecker Pipeline failed
Details
ci/woodpecker/push/woodpecker Pipeline failed
Details
This commit is contained in:
parent
4f58b92a31
commit
5e6fbcad3d
SSH Key Fingerprint:
SHA256:nRPCQTeMFLdGytxRQmPVK9VXY3/ePKQ5lGRyJhT5DY8
|
|
@ -81,6 +81,9 @@ steps:
|
||||||
commands:
|
commands:
|
||||||
- echo "nameserver 1.1.1.1" > /etc/resolv.conf
|
- echo "nameserver 1.1.1.1" > /etc/resolv.conf
|
||||||
- echo "nameserver 1.0.0.1" >> /etc/resolv.conf
|
- echo "nameserver 1.0.0.1" >> /etc/resolv.conf
|
||||||
|
- echo "=== Verifying package-lock.json versions ==="
|
||||||
|
- grep -A2 '"node_modules/glob"' package-lock.json | head -5
|
||||||
|
- grep -A2 '"node_modules/mime"' package-lock.json | head -5
|
||||||
- trivy --version | cat
|
- trivy --version | cat
|
||||||
- trivy fs --scanners vuln,misconfig --severity HIGH,CRITICAL --exit-code 0 .
|
- trivy fs --scanners vuln,misconfig --severity HIGH,CRITICAL --exit-code 0 .
|
||||||
- trivy fs --scanners vuln,misconfig --severity HIGH,CRITICAL --exit-code 0 Dockerfile
|
- trivy fs --scanners vuln,misconfig --severity HIGH,CRITICAL --exit-code 0 Dockerfile
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue