Skip to content

Use --offline-scan for trivy scans to avoid calling external API

Alan (Maciej) Paruszewski requested to merge 351548-scan-dependencies-with-offline-scan into master

Why is this change being made?

We're adding new default flag to trivy scan to perform offline scans without calling external API to determine dependencies for Maven.

Related to gitlab-org/gitlab#351548 (closed)

Merge request reports