Improve Table Format Output to Include Vulnerability Path

[dogus49]

Description

The current table format output for Trivy only shows the vulnerability information. It does not include the path to the vulnerable package. This makes it difficult to determine the location of the vulnerability within the project.

For example, we are using Trivy for a project with multiple dependencies. When a vulnerability is found, we need to download the project's artifacts to manually check the path of the vulnerable package.

We would appreciate it if Trivy could include the path of the vulnerable package in the table output. This would greatly improve the usability of the tool.

Target

None

Scanner

None

[knqyf263]

For example, we are using Trivy for a project with multiple dependencies. When a vulnerability is found, we need to download the project's artifacts to manually check the path of the vulnerable package.

The JSON report (--format json) includes file paths. You can upload it somewhere and download it for investigation.

[fatihtokus]

Hi @dogus49 ,

I have good news for you. There is a trivy plugin out there and it addresses your requirement. If you are interested give it a try:

trivy plugin install scan2html
trivy scan2html fs --scanners vuln,secret,misconfig . interactive_report.html

[fatihtokus]

Have you tried scan2html, @dogus49 ?