docling-studio/.github
Pier-Jean Malandrino a7fbdf7b1b fix(ci): wire .trivyignore.yaml into release-gate Trivy scans
The CRITICAL + HIGH Trivy steps in release-gate.yml were invoking
aquasecurity/trivy-action without the `trivyignores` input, so the
.trivyignore.yaml at the repo root (committed in #190 to mitigate
CVE-2026-40393 / Mesa) was silently ignored — the gate kept failing
on a CVE we explicitly chose to defer.

Pass `trivyignores: .trivyignore.yaml` to both Trivy steps so the file
takes effect. The HIGH step also gets it for consistency (it doesn't
fail the gate, but reporting a CVE we ignore as HIGH would be noise).

Refs #189
2026-04-29 14:00:00 +02:00
..
ISSUE_TEMPLATE Add issue templates, GitHub stars badge, fix health endpoint type hint 2026-04-07 11:57:29 +02:00
workflows fix(ci): wire .trivyignore.yaml into release-gate Trivy scans 2026-04-29 14:00:00 +02:00
PULL_REQUEST_TEMPLATE.md ci: add release-gate pipeline, fix CI duplication, add OSS playbook docs 2026-04-09 13:20:43 +02:00