The vulnerability scan of package-lock.json fails due to a parsing issue #4060
Labels
scan/vulnerability
Issues relating to vulnerability scanning
triage/support
Indicates an issue that is a support question.
Description
The vulnerability scan of package-lock.json fails due to a parsing issue
What did you expect to happen?
The vulnerability scan to work on a valid package-lock.json :)
What happened instead?
It failed :(
Output of run with
-debug
:Output of
trivy -v
:Additional details (base image name, container registry info...):
you can recreate the issue on the following opensource repo https://github.com/OWASP/NodeGoat/tree/v1.4
Notice the tag v1.4 since it's not happening on the default branch.
The text was updated successfully, but these errors were encountered: