For detected misconfigurations.

For detected packages and vulnerabilities in language-specific packages.

For detected package licenses.

For detected licenses in files.

For detected packages and vulnerabilities in OS packages.

For detected secrets.

VEX.

VEX.

Trivy.

VEX.

VEX.

Trivy.

LicenseScanner is the scanner of licenses.

MisconfigScanner is the scanner of misconfigurations.

MisconfStatusException Passed represents the status of exception.

MisconfStatusFailure represents failure status.

MisconfStatusPassed represents successful status.

NoneScanner is the scanner of none.

PkgTypeLibrary is a package type of programming language dependencies.

PkgTypeOS is a package type of OS packages.

PkgTypeUnknown is a package type of unknown.

RBACScanner is the scanner of rbac assessment.

SBOMScanner is the virtual scanner of SBOM, which cannot be enabled by the user.

SecretScanner is the scanner of secrets.

UnknownScanner is the scanner of unknown.

VulnerabilityScanner is the scanner of vulnerabilities.

AllImageConfigScanners has a list of available scanners on container image config.

DetectedMisconfiguration holds detected misconfigurations.

DetectedVulnerability holds the information of detected vulnerabilities.

Library holds the attribute of a package library.

Metadata represents a metadata of artifact.

ModifiedFinding represents a security finding that has been modified by an external source, such as .trivyignore and VEX.

Report represents a scan result.

Result holds a target and detected vulnerabilities.

ScanOptions holds the attributes for scanning vulnerabilities.

ScanTarget holds the attributes for scanning.

BySeverity implements sort.Interface based on the Severity field.

MisconfStatus represents a status of misconfiguration.

PkgType represents package type.

Results to hold list of Result.

Scanner represents the type of security scanning.

Scanners is a slice of scanners.