Skip to content

bug(java): Trivy downloads trivy-java-db multiple times in one run #5441

New issue
New issue
Closed
#5442
aquasecurity/trivy-action
#277
Closed
bug(java): Trivy downloads trivy-java-db multiple times in one run#5441
#5442
aquasecurity/trivy-action
#277
Assignees
DmitriyLewen
Labels
kind/bugCategorizes issue or PR as related to a bug.scan/vulnerabilityIssues relating to vulnerability scanning
@DmitriyLewen

Description

@DmitriyLewen
DmitriyLewen
opened on Oct 25, 2023

Description

Trivy downloads trivy-java-db multiple times in one run:

➜  trivy image tomcat                                                             
2023-10-25T09:25:14.383+0600	INFO	Need to update DB
2023-10-25T09:25:14.383+0600	INFO	DB Repository: ghcr.io/aquasecurity/trivy-db
2023-10-25T09:25:14.383+0600	INFO	Downloading DB...
40.64 MiB / 40.64 MiB [-----------------------------------------------------------------------------------------------------] 100.00% 17.98 MiB p/s 2.5s
2023-10-25T09:25:18.340+0600	INFO	Vulnerability scanning is enabled
2023-10-25T09:25:18.340+0600	INFO	Secret scanning is enabled
2023-10-25T09:25:18.340+0600	INFO	If your scanning is slow, please try '--scanners vuln' to disable secret scanning
2023-10-25T09:25:18.340+0600	INFO	Please see also https://aquasecurity.github.io/trivy/v0.46/docs/scanner/secret/#recommendation for faster secret detection
2023-10-25T09:25:25.819+0600	INFO	JAR files found
2023-10-25T09:25:25.819+0600	INFO	Java DB Repository: ghcr.io/aquasecurity/trivy-java-db:1
2023-10-25T09:25:25.819+0600	INFO	Downloading the Java DB...
2.83 MiB / 473.79 MiB [>__________________________________________________________________________________________________] 0.60% 2.08 MiB p/s ETA 3m46s2023-10-25T09:25:29.013+0600	INFO	JAR files found
2023-10-25T09:25:29.013+0600	INFO	Java DB Repository: ghcr.io/aquasecurity/trivy-java-db:1
2023-10-25T09:25:29.013+0600	INFO	Downloading the Java DB...
369.34 MiB / 473.79 MiB [--------------------------------------------------------------------------->_____________________] 77.96% 1.51 MiB p/s ETA 1m

Metadata

Metadata

Assignees

Labels

kind/bugCategorizes issue or PR as related to a bug.scan/vulnerabilityIssues relating to vulnerability scanning

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions