Set trivy and grype to medium too

greenbone · Nov 5, 2024 · 8d160a6 · 8d160a6
1 parent 4cb94ac
commit 8d160a6
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/.github/workflows/research-vuln-scan.yml b/.github/workflows/research-vuln-scan.yml
@@ -33,7 +33,7 @@ jobs:
           format: 'template'
           template: '@/contrib/sarif.tpl'
           output: 'trivy-results.sarif'
-          severity: 'UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL'
+          severity: 'MEDIUM,HIGH,CRITICAL'
           github-pat: ${{ secrets.GITHUB_TOKEN }} # or ${{ secrets.github_pat_name }} if you're using a PAT
 
       - name: Upload Trivy scan results to GitHub Security tab
@@ -63,7 +63,7 @@ jobs:
         with:
           image: "greenbone/opensight-postgres:${{ github.sha }}"
           fail-build: false
-          severity-cutoff: low
+          severity-cutoff: medium
 
       - name: Upload grype vulnerability report
         uses: github/codeql-action/upload-sarif@v3