Bitbucket Pipe Abandoned

[xelencin]

Description

I am looking to replace our current Dependency-Scan (OWASP Dependency-Check) and IaC Scan (KICS) pipes with the Trivy pipe but it appears this hasn't been maintained or updated in years.

I'll work around this by just running it as a regular pipeline step, but the pipe would provide a plug and play solution for running Trivy in Bitbucket Pipelines. Additionally adding code insights support to this would make the reports easily consumable in the web interface without having to review the pipeline logs.

This is listed by Trivy in Atlassians Pipes integration page.

• Bitbucket Pipe - Search for Trivy
• GitHub Repo
• Bitbucket Repo - This is what the pipe actually consumes

Target

None

Scanner

None