Trivy
Generate a Trivy filesystem report, then analyze it with ca9.
trivy fs --format json --output trivy.json .
ca9 check trivy.json --repo .
Recommended command
coverage run -m pytest
coverage json -o coverage.json
ca9 check trivy.json --repo . --coverage coverage.json --show-confidence
Automation outputs
ca9 check trivy.json --repo . -f json -o ca9-report.json
ca9 check trivy.json --repo . -f sarif -o ca9.sarif
ca9 check trivy.json --repo . -f vex -o openvex.json
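One way to use the `openvex.json` written by the last command as a CI gate. This is an added example, not ca9's own code; it assumes the file follows the OpenVEX specification's `statements` layout, and the `gate` function, the script name and the sample document are constructed for illustration.

```python
import json
import sys

# Statuses that should stop a build; both are defined by the OpenVEX spec.
BLOCKING = {"affected", "under_investigation"}

def gate(vex):
    """Return reasons to fail the build; an empty list means pass."""
    problems = []
    for i, stmt in enumerate(vex.get("statements", [])):
        vuln = stmt.get("vulnerability", {})
        name = vuln.get("name", f"statement[{i}]") if isinstance(vuln, dict) else str(vuln)
        prods = ", ".join(p.get("@id", "?") if isinstance(p, dict) else str(p)
                          for p in stmt.get("products", [])) or "?"
        status = stmt.get("status")
        if status in BLOCKING:
            problems.append(f"{name} [{prods}]: {status}")
        elif status == "not_affected":
            # OpenVEX requires a justification or impact statement here;
            # without one the entry is an unexplained suppression.
            if not (stmt.get("justification") or stmt.get("impact_statement")):
                problems.append(f"{name} [{prods}]: not_affected without justification")
        elif status != "fixed":
            problems.append(f"{name} [{prods}]: unknown status {status!r}")
    return problems

# Constructed sample (placeholder IDs, not real ca9 output).
SAMPLE = {"statements": [
    {"vulnerability": {"name": "CVE-0000-0001"},
     "products": [{"@id": "pkg:pypi/example-a@1.0.0"}],
     "status": "not_affected",
     "justification": "vulnerable_code_not_in_execute_path"},
    {"vulnerability": {"name": "CVE-0000-0002"},
     "products": [{"@id": "pkg:pypi/example-b@2.0.0"}],
     "status": "affected"},
    {"vulnerability": {"name": "CVE-0000-0003"},
     "products": [{"@id": "pkg:pypi/example-c@3.0.0"}],
     "status": "not_affected"},
]}

if __name__ == "__main__":
    # Usage: python vex_gate.py openvex.json  (uses SAMPLE when no path is given)
    if len(sys.argv) > 1:
        with open(sys.argv[1], encoding="utf-8") as fh:
            doc = json.load(fh)
    else:
        doc = SAMPLE
    issues = gate(doc)
    print("\n".join(issues) or "VEX gate passed")
    sys.exit(1 if issues else 0)
```

The script exits non-zero when any statement is blocking or is a `not_affected` claim with no stated reason, so it can run as the step after `ca9 check` in a pipeline.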