aquasecurity/trivy

Prefer upstream unless you specifically need this exact older snapshot. The fork adds nothing yet and mainly inherits the risk of missing recent fixes and maintenance updates.

Choose this fork if you need Trivy with AccuKnox-controlled release and publishing workflows. Stick with upstream if you want the broadest maintained scanner feature set and standard release channels.

Adopt this fork only if the staging-deploy-after-API-diff workflow is specifically valuable to you; otherwise upstream Trivy is the safer default because this fork is minimally differentiated and materially behind.

Choose this fork if you specifically need the temp-directory uniqueness fix and want the smallest possible deviation from upstream. Stick with upstream if you do not need that bugfix, because this fork does not add broader capabilities.

Choose this fork if you want upstream Trivy plus extra GitHub Actions security workflows. Do not choose it if you are looking for scanner capabilities, runtime features, or platform support beyond upstream.

Prefer this fork only if you explicitly want a reduced Trivy variant and are comfortable losing several upstream capabilities. For most adopters, upstream Trivy is the safer choice.

Prefer this fork only if you need its VM-scanning and workflow changes now and are willing to manage upstream lag. For most users, upstream Trivy is the better default because it is newer, broader, and more actively aligned with the main project.

Choose this fork if you want a maintained Trivy 0.67-style branch with backported fixes and stability. Choose upstream if you need the newest Trivy features and fixes.

Choose this fork only if you want Trivy essentially as upstream, with no visible custom features. For most adopters, the upstream repository is the better default because this fork is already behind by 5 commits and adds nothing new.