Trivy

General Trivy security scanner.

Description

This composite action runs Trivy security scanner for vulnerability detection.

Usage

jobs:
  security-scan:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4

      - name: Run Trivy scan
        uses: NHSDigital/nhs-notify-shared-modules/.github/actions/trivy@v1.0.0

Details

• Tool: Trivy security scanner
• Scans: Multiple security aspects
• Detects: Vulnerabilities, misconfigurations, secrets
• Reports: Security findings

Related Actions

• Trivy IaC - Infrastructure as Code scanning
• Trivy Package - Package dependency scanning