Zach Stone
Zach Stone
:+1: This would be a cool enrichment to have. It could also potentially be done in a module. My modules knowledge is minimal so far but I think a module...
Is there any plan to do a 1.7.4/if so, would this potentially be a candidate for such a release?
>GA release due next week Nice! didn't realize it was so soon. We'll just wait for 1.8. Many thanks :slightly_smiling_face:
Exactly. As a frequent Trivy user I personally understand that `starboard/trivy-operator` is taking the vendor score here to determine the severity, and I agree with that decision. The confusion arises...
@chen-keinan ok I will look into it as time allows. I was wondering though -- how is the severitySource chosen? Is this documented somewhere? I think it would be very...
Is it intentional that only the severity is modified, and not the score?
That is a little bit confusing, no? Maybe in the the implementation for this issue, the behavior can be changed so the score matches the severity. Users will be able...
I think there is still a piece missing here, which is that the Score and Severity reported by default are still from two different sources. ``` score: 9.8 severity: MEDIUM
Wow looks like you were way ahead of me :smile: Is there something that the community can help with there? Or is it just a matter of waiting for a...
Thanks a lot! Yeah we simply added a `.nancy-ignore` to get unblocked for now. When trying to replace using the tag, `go mod tidy` is still unhappy: Using the base...