Skip to main content

Documentation Index

Fetch the complete documentation index at: https://trunk-4cab4936-sam-gutentag-flaky-tests-new-monitors.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

OSV-Scanner is a linter for Security. You can enable the OSV-Scanner linter with: 
trunk check enable osv-scanner

Auto Enabling

OSV-Scanner will be auto-enabled if any Lockfile files are present.

Settings

OSV-Scanner supports the following config files:
  • osv-scanner.toml
You can move these files to .trunk/configs and trunk check will still find them. See Moving Linters for more info.
Moving osv-scanner.toml to .trunk/configs can cause issues because osv-scanner.toml is only applied to projects in the root folder by default. This can cause issues with any projects in subfolders, such as in a multi-module repository.
To properly configure OSV scanner if you decide to move its config file, you can specify the path to osv-scanner.toml using the --config flag.

Example override to add to trunk.yaml : 
commands:
  - name: scan
    run: |
      osv-scanner \
        --lockfile=${target} \
        --format json \
        --config=.trunk/configs/osv-scanner.toml