Enhancement Request: Add option to emit software bill-of-materials (SBoM) in CycloneDX format · Issue #140 · aquasecurity/trivy
Trivy seems like an awesome product. However, one place where it falls short is that the vulnerability check is only done one time and that is at the time of the scan (e.g. in the CI/CD pipeline). ...