Is this an issue we need to worry about on Dockhand’s use of trivy?
Found some more useful info that might help others troublshoot.
See what trivy images you have downloaded:
journalctl -u docker | grep -i trivy
Check Docker’s scnaner logs:
docker logs <dockhand container name> | grep -i trivy
In both look for trivy: hopefully it’s just the good version and not (0.69.4)
Also Dockhand’s security workflow is focused on the container image artifact itself rather than the deployment configuration files.