diff --git a/README.md b/README.md index 5da75e93f2ede67d3f1537b149d874c7ed23d6c7..5d7a06eb4eb5caf345dcf6828efaeddb9f6f407e 100644 --- a/README.md +++ b/README.md @@ -246,7 +246,7 @@ It is bound to the `test` stage, and uses the following variables: | ---------------- | ----------------------------------------------------------------------- | ----------------- | | `trivy-disabled` / `PYTHON_TRIVY_DISABLED` | Set to `true` to disable Trivy job | _none_ (enabled) | | `trivy-dist-url` / `PYTHON_TRIVY_DIST_URL` | Url to the `tar.gz` package for `linux_amd64` of Trivy to use (ex: `https://github.com/aquasecurity/trivy/releases/download/v0.51.1/trivy_0.51.1_Linux-64bit.tar.gz`)<br/>_When unset, the latest version will be used_ | _none_ | -| `trivy-args` / `PYTHON_TRIVY_ARGS` | Additional [Trivy CLI options](https://aquasecurity.github.io/trivy/v0.21.1/getting-started/cli/fs/) | `--vuln-type library` | +| `trivy-args` / `PYTHON_TRIVY_ARGS` | Additional [Trivy CLI options](https://aquasecurity.github.io/trivy/v0.21.1/getting-started/cli/fs/) | `--pkg-types library` | In addition to a textual report in the console, this job produces the following reports, kept for one day: diff --git a/kicker.json b/kicker.json index bccbcb08e6e04d8178a287d267d1051174478df2..cec169c890b44ce3ddd4d9652a55fdcc5d5d1715 100644 --- a/kicker.json +++ b/kicker.json @@ -145,7 +145,7 @@ { "name": "PYTHON_TRIVY_ARGS", "description": "Additional [Trivy CLI options](https://aquasecurity.github.io/trivy/v0.21.1/getting-started/cli/fs/)", - "default": "--vuln-type library", + "default": "--pkg-types library", "advanced": true } ] diff --git a/templates/gitlab-ci-python.yml b/templates/gitlab-ci-python.yml index 8686b0c15a9abc40213977aab731f7882b183e8a..dfa8684eaf55f915d70a2f807f3b2755c35f57b6 100644 --- a/templates/gitlab-ci-python.yml +++ b/templates/gitlab-ci-python.yml 
@@ -108,7 +108,7 @@ spec: default: '' trivy-args: description: Additional [Trivy CLI options](https://aquasecurity.github.io/trivy/v0.21.1/getting-started/cli/fs/) - default: --vuln-type library + default: --pkg-types library sbom-disabled: description: Disable Software Bill of Materials type: boolean
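Review bot: In the README.md hunk, the `trivy-args` row still links to the Trivy v0.21.1 CLI documentation, while the default it now advertises is `--pkg-types library` and the `trivy-dist-url` example in the same table uses v0.51.1. Point the link at a documentation version that actually describes `--pkg-types`, so a reader who looks up the default finds it.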
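Review bot: In the kicker.json hunk, the `PYTHON_TRIVY_ARGS` default moves from `--vuln-type library` to `--pkg-types library` with no statement of which Trivy releases accept the new flag. The README says the latest version is used only when `PYTHON_TRIVY_DIST_URL` is unset, so a project that pins an older release through that variable will now receive a default it may reject, and its vulnerability scan job could fail. Suggest stating the minimum supported Trivy version in the description, or documenting that pinned setups must override `PYTHON_TRIVY_ARGS`.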
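Review bot: In the templates/gitlab-ci-python.yml hunk, the new `default: --pkg-types library` is an unquoted scalar that begins with dashes, while the neighbouring input is written as a quoted `default: ''`. Quote it as `default: '--pkg-types library'` for consistency, and so the value is unambiguously a string to anyone editing the spec later.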