feat(misconfig): Load misconfiguration specs from bundles #7138
Assignees
Labels
kind/feature
Categorizes issue or PR as related to a new feature.
scan/misconfiguration
Issues relating to misconfiguration scanning
Milestone
Comments
simar7
added
kind/feature
6 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Today we load misconfiguration specs via the trivy-checks dependency as described here.
Since now specs are shipped along with the Trivy checks bundle, we can improve this experience by loading them from the bundle first. In case of any errors, we can fall back to the existing mechanism of loading from the trivy-checks library. This experience will be similar to the one we have with checks today.
The benefit of this approach being that we will be able to decouple the distribution of specs from the release of Trivy, just as how we have done with misconfiguration checks.
The text was updated successfully, but these errors were encountered: