Skip to content

CCM-13343: Trivy Package and Library Scans Skip node Modules #191

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sidnhs merged 4 commits into from
Dec 30, 2025
Merged

CCM-13343: Trivy Package and Library Scans Skip node Modules #191

sidnhs merged 4 commits into from
Dec 30, 2025

Conversation

@jamesthompson26-nhs
Copy link
Contributor

@jamesthompson26-nhs jamesthompson26-nhs commented Dec 22, 2025
edited
Loading

Description

Ignore node_modules subdirs when scanning package vulns. This is checked at the lock level.

Also tidying up scans in workflow to bring in line with other repos and bumping package version in go.mod in docs.

  • Refactoring (non-breaking change)
  • New feature (non-breaking change which adds functionality)
  • Breaking change (fix or feature that would change existing functionality)
  • Bug fix (non-breaking change which fixes an issue)

Checklist

  • I am familiar with the contributing guidelines
  • I have followed the code style of the project
  • I have added tests to cover my changes
  • I have updated the documentation accordingly
  • This PR is a result of pair or mob programming

Sensitive Information Declaration

To ensure the utmost confidentiality and protect your and others privacy, we kindly ask you to NOT including PII (Personal Identifiable Information) / PID (Personal Identifiable Data) or any other sensitive data in this PR (Pull Request) and the codebase changes. We will remove any PR that do contain any sensitive information. We really appreciate your cooperation in this matter.

  • I confirm that neither PII/PID nor sensitive data are included in this PR and the codebase changes.

@jamesthompson26-nhs jamesthompson26-nhs requested review from a team as code owners December 22, 2025 11:18
sidnhs
sidnhs previously approved these changes Dec 22, 2025
View reviewed changes
@jamesthompson26-nhs jamesthompson26-nhs changed the title CCM-13343: Trivy Package and Library Scans CCM-13343: Trivy Package and Library Scans Skip node Modules Dec 23, 2025
@sidnhs sidnhs merged commit 4f3f013 into main Dec 30, 2025
33 checks passed
@sidnhs sidnhs deleted the feature/CCM-13343_Trivy_Package_and_Library_Scans_node_modules_ignore branch December 30, 2025 15:40
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@timireland timireland timireland approved these changes

@sidnhs sidnhs sidnhs approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@jamesthompson26-nhs @timireland @sidnhs