Filesystem

  1. NAME:
  2. trivy filesystem - scan local filesystem
  3. USAGE:
  4. trivy filesystem [command options] dir
  5. OPTIONS:
  6. --template value, -t value output template [$TRIVY_TEMPLATE]
  7. --format value, -f value format (table, json, template) (default: "table") [$TRIVY_FORMAT]
  8. --input value, -i value input file path instead of image name [$TRIVY_INPUT]
  9. --severity value, -s value severities of vulnerabilities to be displayed (comma separated) (default: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL") [$TRIVY_SEVERITY]
  10. --output value, -o value output file name [$TRIVY_OUTPUT]
  11. --exit-code value Exit code when vulnerabilities were found (default: 0) [$TRIVY_EXIT_CODE]
  12. --skip-update skip db update (default: false) [$TRIVY_SKIP_UPDATE]
  13. --clear-cache, -c clear image caches without scanning (default: false) [$TRIVY_CLEAR_CACHE]
  14. --ignore-unfixed display only fixed vulnerabilities (default: false) [$TRIVY_IGNORE_UNFIXED]
  15. --removed-pkgs detect vulnerabilities of removed packages (only for Alpine) (default: false) [$TRIVY_REMOVED_PKGS]
  16. --vuln-type value comma-separated list of vulnerability types (os,library) (default: "os,library") [$TRIVY_VULN_TYPE]
  17. --ignorefile value specify .trivyignore file (default: ".trivyignore") [$TRIVY_IGNOREFILE]
  18. --cache-backend value cache backend (e.g. redis://localhost:6379) (default: "fs") [$TRIVY_CACHE_BACKEND]
  19. --timeout value timeout (default: 2m0s) [$TRIVY_TIMEOUT]
  20. --no-progress suppress progress bar (default: false) [$TRIVY_NO_PROGRESS]
  21. --ignore-policy value specify the Rego file to evaluate each vulnerability [$TRIVY_IGNORE_POLICY]
  22. --list-all-pkgs enabling the option will output all packages regardless of vulnerability (default: false) [$TRIVY_LIST_ALL_PKGS]
  23. --skip-files value specify the file path to skip traversal [$TRIVY_SKIP_FILES]
  24. --skip-dirs value specify the directory where the traversal is skipped [$TRIVY_SKIP_DIRS]
  25. --help, -h show help (default: false)