Discofork
Repository brief

aquasecurity/trivy

Read the upstream summary on the left, browse the cached forks below it, and load each fork comparison into the right-hand panel.

Cached analysis
cached 2026-03-31T09:44:18.425Z
1mo ago

aquasecurity/trivy

Trivy is a widely used, actively maintained Go security scanner for containers and related infrastructure. It scans container images, filesystems, remote Git repositories, VM images, and Kubernetes for vulnerabilities, misconfigurations, secrets, SBOM data, and licenses. The repo is very active and substantial, with 34k+ stars, 220 forks, and recent commits through 2026-03-30.

GitHub
Loading tags...
Stars34,246
Forks220
Default branchmain
Last pushed2026-03-30T17:16:41Z
Recommended shortcuts

Jump straight into Discofork's strongest cached fork picks, or open a compare view in one click.

Forks

Choose a fork to inspect

10 of 10 fork briefs
Selected

Prefer upstream unless you specifically need this exact snapshot for local experimentation or version pinning. For ongoing use, this fork currently adds nothing and is already behind active upstream fixes.

Prefer upstream unless you specifically need this exact older snapshot. The fork adds nothing yet and mainly inherits the risk of missing recent fixes and maintenance updates.

Choose this fork if you need Trivy with AccuKnox-controlled release and publishing workflows. Stick with upstream if you want the broadest maintained scanner feature set and standard release channels.

Adopt this fork only if the staging-deploy-after-API-diff workflow is specifically valuable to you; otherwise upstream Trivy is the safer default because this fork is minimally differentiated and materially behind.

Choose this fork if you specifically need the temp-directory uniqueness fix and want the smallest possible deviation from upstream. Stick with upstream if you do not need that bugfix, because this fork does not add broader capabilities.

Choose this fork if you want upstream Trivy plus extra GitHub Actions security workflows. Do not choose it if you are looking for scanner capabilities, runtime features, or platform support beyond upstream.

Prefer this fork only if you explicitly want a reduced Trivy variant and are comfortable losing several upstream capabilities. For most adopters, upstream Trivy is the safer choice.

Prefer this fork only if you need its VM-scanning and workflow changes now and are willing to manage upstream lag. For most users, upstream Trivy is the better default because it is newer, broader, and more actively aligned with the main project.

Choose this fork if you want a maintained Trivy 0.67-style branch with backported fixes and stability. Choose upstream if you need the newest Trivy features and fixes.

Choose this fork only if you want Trivy essentially as upstream, with no visible custom features. For most adopters, the upstream repository is the better default because this fork is already behind by 5 commits and adds nothing new.