Replies: 1 comment
-
Hello @sparrowt Created #8160 Regards, Dmitriy |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Description
When using only the
vuln
scanner, for some reason trivy still outputs a whole bunch of log spam about "license acquired" like this:I would expect the
license
scanner to be disabled (and indeed the full license output is not shown) so why is there all this spam about licenses during the vulnerability scan?Interestingly on a subsequent run this is not repeated, but it reproduces again after
trivy clean --scan-cache
.I realise it's possible to pass
--quiet
but I'd like to see the other INFO lines for example "Detected OS" rather than hiding everything.Desired Behavior
Not to have 38 lines of license-related spam output to the console when I am only interested in vuln/secret scanners.
Actual Behavior
Received 38 lines of undesirable spam as above.
Reproduction Steps
1. Build a docker image with a bunch of python packages installed inside Amazon Linux 2023 2. Scan it with `trivy image --severity LOW,MEDIUM,HIGH,CRITICAL --exit-code 1 myimage:mytag` 3. Observe the spam as above
Target
Container Image
Scanner
Vulnerability
Output Format
Table
Mode
Standalone
Debug Output
Operating System
Ubuntu 22.04 in WSL2
Version
Checklist
trivy clean --all
Beta Was this translation helpful? Give feedback.
All reactions