Trivy scan detects multiple misconfigurations related to Dockerfile
aayani opened this issue · 3 comments
aayani commented
helloKaiDing commented
您的来件已收到!
aayani commented
您的来件已收到!
where do you mean?
toor1245 commented
@aayani, If I'm not mistaken, these files are not intended for the end user, so possible option to resolve this issue is ignore these files https://aquasecurity.github.io/trivy/v0.49/docs/configuration/skipping/
Also, in the screenshot I see that these files are used by https://github.com/mscdex/cpu-features library in node_modules, so maybe it can be ignored using npmignore
, https://www.npmjs.com/package/npmignore
@Mizux, correct me if I'm wrong.