docling-studio/.github/workflows
Pier-Jean Malandrino a7fbdf7b1b fix(ci): wire .trivyignore.yaml into release-gate Trivy scans
The CRITICAL + HIGH Trivy steps in release-gate.yml were invoking
aquasecurity/trivy-action without the `trivyignores` input, so the
.trivyignore.yaml at the repo root (committed in #190 to mitigate
CVE-2026-40393 / Mesa) was silently ignored — the gate kept failing
on a CVE we explicitly chose to defer.

Pass `trivyignores: .trivyignore.yaml` to both Trivy steps so the file
takes effect. The HIGH step also gets it for consistency (it doesn't
fail the gate, but reporting a CVE we ignore as HIGH would be noise).

Refs #189
2026-04-29 14:00:00 +02:00
..
auto-close-issues.yml ci: auto-close issues on merge into release/* branches 2026-04-08 10:18:49 +02:00
ci.yml fix(ci): install pytestarch in backend tests job (#177) 2026-04-29 14:00:00 +02:00
docling-compat.yml fix: resolve CI warnings (Node.js 20 deprecation + ESLint formatting) 2026-04-08 14:54:56 +02:00
docs.yml fix: resolve CI warnings (Node.js 20 deprecation + ESLint formatting) 2026-04-08 14:54:56 +02:00
release-gate.yml fix(ci): wire .trivyignore.yaml into release-gate Trivy scans 2026-04-29 14:00:00 +02:00
release.yml fix: resolve CI warnings (Node.js 20 deprecation + ESLint formatting) 2026-04-08 14:54:56 +02:00