docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /tmp/trivycache:/root/.cache/ \
aquasec/trivy image alpine:latest --timeout 10mScan the jar files in using gradle.lockfile
docker run --rm \
-v /tmp/trivycache:/root/.cache/ \
-v $(pwd)/gradle.lockfile:/root/gradle.lockfile \
aquasec/trivy fs /root/gradle.lockfileScan the maven cache for vulnerabilities
docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /tmp/trivycache:/root/.cache/ \
-v $HOME/.m2:/root/.m2/ \
aquasec/trivy rootfs /root/.m2/docker run --rm \
-v /var/run/docker.sock:/var/run/docker.sock \
-v /tmp/trivycache:/root/.cache/ \
-v $HOME/.m2:/root/.m2/ \
aquasec/trivy rootfs /root/.m2/repository/org/iq80/snappy/snappy/0.4/snappy-0.4.jar