docs: add Trivy scan badges (8c977d9d) · Commits · to be continuous... / Node.js

README.md

+2 −2

Original line number	Diff line number	Diff line
		@@ -46,7 +46,7 @@ The Node.js template uses some global configuration used throughout all jobs.

		\| Input / Variable \| Description \| Default value \|
		\| ------------------------------------------------------------ \| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- \| ------------------------------------------------- \|
		\| `image` / `NODE_IMAGE` \| The Docker image used to run Node.js <br/>:warning: set the version required by your project \| `registry.hub.docker.com/library/node:lts-alpine` \|
		\| `image` / `NODE_IMAGE` \| The Docker image used to run Node.js <br/>:warning: set the version required by your project \| `registry.hub.docker.com/library/node:lts-alpine` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-NODE_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-NODE_IMAGE) \|
		\| `manager` / `NODE_MANAGER` \| The package manager used by your project (one of `npm`, `yarn` or `pnpm`)<br/>If undefined, automatic detection \| _none_ (auto) \|
		\| `config-registry` / `NODE_CONFIG_REGISTRY` \| Main npm [registry](https://docs.npmjs.com/cli/v8/using-npm/registry) to use \| _none_ \|
		\| `config-scoped-registries` / `NODE_CONFIG_SCOPED_REGISTRIES` \| Space separated list of npm [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) (formatted as `@somescope:https://some.npm.registry/some/repo @anotherscope:https://another.npm.registry/another/repo`) \| _none_ \|
		@@ -383,7 +383,7 @@ It is bound to the `test` stage, and uses the following variables:
		\| Input / Variable \| Description \| Default value \|
		\| ------------------------------------------------------------------------ \| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ \| ------------------------------------------------------------ \|
		\| `semgrep-disabled` / `NODE_SEMGREP_DISABLED` \| Set to `true` to disable this job \| _none_ \|
		\| `semgrep-image` / `NODE_SEMGREP_IMAGE` \| The Docker image used to run [Semgrep](https://semgrep.dev/docs/) \| `registry.hub.docker.com/semgrep/semgrep:latest` \|
		\| `semgrep-image` / `NODE_SEMGREP_IMAGE` \| The Docker image used to run [Semgrep](https://semgrep.dev/docs/) \| `registry.hub.docker.com/semgrep/semgrep:latest` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-NODE_SEMGREP_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-NODE_SEMGREP_IMAGE) \|
		\| `semgrep-args` / `NODE_SEMGREP_ARGS` \| Semgrep [scan options](https://semgrep.dev/docs/cli-reference#semgrep-scan-command-options) \| `--metrics off --disable-version-check --no-suppress-errors` \|
		\| `semgrep-rules` / `NODE_SEMGREP_RULES` \| Space-separated list of [Semgrep rules](https://semgrep.dev/docs/running-rules).<br/>Can be both local YAML files or remote rules from the [Semgrep Registry](https://semgrep.dev/explore) (denoted by the `p/` prefix). \| `p/javascript p/eslint p/gitlab-eslint` \|
		\| `semgrep-registry-base-url` / `NODE_SEMGREP_REGISTRY_BASE_URL` \| The Semgrep Registry base URL that is used to download the rules. No trailing slash. \| `https://semgrep.dev/c` \|

Original line number	Diff line number	Diff line
		@@ -46,7 +46,7 @@ The Node.js template uses some global configuration used throughout all jobs.

		\| Input / Variable \| Description \| Default value \|
		\| ------------------------------------------------------------ \| ---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- \| ------------------------------------------------- \|
		\| `image` / `NODE_IMAGE` \| The Docker image used to run Node.js <br/>:warning: set the version required by your project \| `registry.hub.docker.com/library/node:lts-alpine` \|
		\| `image` / `NODE_IMAGE` \| The Docker image used to run Node.js <br/>:warning: set the version required by your project \| `registry.hub.docker.com/library/node:lts-alpine` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-NODE_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-NODE_IMAGE) \|
		\| `manager` / `NODE_MANAGER` \| The package manager used by your project (one of `npm`, `yarn` or `pnpm`)<br/>If undefined, automatic detection \| _none_ (auto) \|
		\| `config-registry` / `NODE_CONFIG_REGISTRY` \| Main npm [registry](https://docs.npmjs.com/cli/v8/using-npm/registry) to use \| _none_ \|
		\| `config-scoped-registries` / `NODE_CONFIG_SCOPED_REGISTRIES` \| Space separated list of npm [scoped registries](https://docs.npmjs.com/cli/v8/using-npm/scope#associating-a-scope-with-a-registry) (formatted as `@somescope:https://some.npm.registry/some/repo @anotherscope:https://another.npm.registry/another/repo`) \| _none_ \|
		@@ -383,7 +383,7 @@ It is bound to the `test` stage, and uses the following variables:
		\| Input / Variable \| Description \| Default value \|
		\| ------------------------------------------------------------------------ \| ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------ \| ------------------------------------------------------------ \|
		\| `semgrep-disabled` / `NODE_SEMGREP_DISABLED` \| Set to `true` to disable this job \| _none_ \|
		\| `semgrep-image` / `NODE_SEMGREP_IMAGE` \| The Docker image used to run [Semgrep](https://semgrep.dev/docs/) \| `registry.hub.docker.com/semgrep/semgrep:latest` \|
		\| `semgrep-image` / `NODE_SEMGREP_IMAGE` \| The Docker image used to run [Semgrep](https://semgrep.dev/docs/) \| `registry.hub.docker.com/semgrep/semgrep:latest` <br/>[![Trivy Badge](https://to-be-continuous.gitlab.io/doc/secu/trivy-badge-NODE_SEMGREP_IMAGE.svg)](https://to-be-continuous.gitlab.io/doc/secu/trivy-NODE_SEMGREP_IMAGE) \|
		\| `semgrep-args` / `NODE_SEMGREP_ARGS` \| Semgrep [scan options](https://semgrep.dev/docs/cli-reference#semgrep-scan-command-options) \| `--metrics off --disable-version-check --no-suppress-errors` \|
		\| `semgrep-rules` / `NODE_SEMGREP_RULES` \| Space-separated list of [Semgrep rules](https://semgrep.dev/docs/running-rules).<br/>Can be both local YAML files or remote rules from the [Semgrep Registry](https://semgrep.dev/explore) (denoted by the `p/` prefix). \| `p/javascript p/eslint p/gitlab-eslint` \|
		\| `semgrep-registry-base-url` / `NODE_SEMGREP_REGISTRY_BASE_URL` \| The Semgrep Registry base URL that is used to download the rules. No trailing slash. \| `https://semgrep.dev/c` \|