@@ -178,7 +178,8 @@ jobs:
178178 if : ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
179179 with :
180180 scan-type : " fs"
181- scan-ref : " poetry.lock"
181+ skip-files : " **/package-lock.json,**/go.sum,**/pom.xml"
182+ scan-ref : " ."
182183 severity : " CRITICAL,HIGH"
183184 scanners : " license"
184185 format : " table"
@@ -191,7 +192,8 @@ jobs:
191192 if : ${{ steps.check_languages.outputs.uses_node == 'true' }}
192193 with :
193194 scan-type : " fs"
194- scan-ref : " package-lock.json"
195+ skip-files : " **/poetry.lock,**/go.sum,**/pom.xml"
196+ scan-ref : " ."
195197 severity : " CRITICAL,HIGH"
196198 scanners : " license"
197199 format : " table"
@@ -204,7 +206,8 @@ jobs:
204206 if : ${{ steps.check_languages.outputs.uses_go == 'true' }}
205207 with :
206208 scan-type : " fs"
207- scan-ref : " src/go.mod"
209+ skip-files : " **/poetry.lock,**/package-lock.json,**/pom.xml"
210+ scan-ref : " ."
208211 severity : " CRITICAL,HIGH"
209212 scanners : " license"
210213 format : " table"
@@ -217,7 +220,8 @@ jobs:
217220 if : ${{ steps.check_languages.outputs.uses_java == 'true' }}
218221 with :
219222 scan-type : " fs"
220- scan-ref : " pom.xml"
223+ skip-files : " **/poetry.lock,**/package-lock.json,**/go.sum"
224+ scan-ref : " ."
221225 severity : " CRITICAL,HIGH"
222226 scanners : " license"
223227 format : " table"
@@ -264,7 +268,8 @@ jobs:
264268 uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
265269 with :
266270 scan-type : " fs"
267- scan-ref : " poetry.lock"
271+ skip-files : " **/package-lock.json,**/go.sum,**/pom.xml"
272+ scan-ref : " ."
268273 severity : " CRITICAL,HIGH"
269274 scanners : " vuln"
270275 format : " table"
@@ -276,30 +281,33 @@ jobs:
276281 uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
277282 with :
278283 scan-type : " fs"
279- scan-ref : " package-lock.json"
284+ skip-files : " **/poetry.lock,**/go.sum,**/pom.xml"
285+ scan-ref : " ."
280286 severity : " CRITICAL,HIGH"
281287 scanners : " vuln"
282288 format : " table"
283289 output : " dependency_results_node.txt"
284290 exit-code : " 1"
285291 trivy-config : trivy.yaml
286- - name : Generate and check java SBOMs
292+ - name : Generate and check go SBOMs
287293 if : ${{ steps.check_languages.outputs.uses_java == 'true' }}
288294 uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
289295 with :
290296 scan-type : " fs"
291- scan-ref : " pom.xml"
297+ skip-files : " **/poetry.lock,**/package-lock.json,**/pom.xml"
298+ scan-ref : " ."
292299 severity : " CRITICAL,HIGH"
293300 scanners : " vuln"
294301 format : " table"
295- output : " dependency_results_java .txt"
302+ output : " dependency_results_go .txt"
296303 exit-code : " 1"
297- - name : Generate and check golang SBOMs
304+ - name : Generate and check java SBOMs
298305 if : ${{ steps.check_languages.outputs.uses_go == 'true' }}
299306 uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
300307 with :
301308 scan-type : " fs"
302- scan-ref : " src/go.mod"
309+ skip-files : " **/poetry.lock,**/package-lock.json,**/go.sum"
310+ scan-ref : " ."
303311 severity : " CRITICAL,HIGH"
304312 scanners : " vuln"
305313 format : " table"
0 commit comments