David Handermann created NIFI-15722:
---------------------------------------
Summary: Add Grype Configuration for Code Compliance Workflow
Key: NIFI-15722
URL: https://issues.apache.org/jira/browse/NIFI-15722
Project: Apache NiFi
Issue Type: Improvement
Components: Tools and Build
Reporter: David Handermann
Assignee: David Handermann

The code-compliance workflow includes the Anchore Scan Action, which uses Grype
to evaluate a generated SBOM for vulnerabilities. A custom Grype configuration
should be added to the project to support greater control over scanning
operations, including selectively ignoring specific vulnerable libraries when all
other options have been exhausted.
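
A sketch of the kind of Grype configuration the issue describes, added here as an illustration and not taken from the NiFi repository. The file name, severity threshold, CVE id and package coordinates are assumptions or placeholders.

```yaml
# .grype.yaml (assumed file name; a path can also be passed with --config)
# Constructed example: the CVE id and package coordinates are placeholders.

# Fail the scan when a match at or above this severity remains.
fail-on-severity: high

ignore:
  # Too broad: suppresses the CVE in every package and version, including
  # copies introduced later through another dependency.
  # - vulnerability: CVE-0000-00000

  # Narrow: suppresses one CVE for one artifact at one version, so an
  # upgrade or a second copy of the library brings the finding back.
  - vulnerability: CVE-0000-00000
    package:
      name: example-library
      version: 1.2.3
      type: java-archive
```

Scoping each rule to a package name, version and type keeps the suppression from hiding the same CVE elsewhere in the SBOM.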