From 2588e64a02de23c35717f6101904efb279617397 Mon Sep 17 00:00:00 2001
From: Sascha Schwarze <schwarzs@de.ibm.com>
Date: Sat, 13 Sep 2025 16:33:07 +0200
Subject: [PATCH] Run trivy with --disable-telemetry and --skip-version-check

Signed-off-by: Sascha Schwarze <schwarzs@de.ibm.com>
---
 pkg/image/vulnerability_scan.go | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pkg/image/vulnerability_scan.go b/pkg/image/vulnerability_scan.go
index bdc5649d88..11c7971b0f 100644
--- a/pkg/image/vulnerability_scan.go
+++ b/pkg/image/vulnerability_scan.go
@@ -30,7 +30,7 @@ type TrivyResult struct {
 
 func RunVulnerabilityScan(ctx context.Context, imagePath string, settings buildapi.VulnerabilityScanOptions, auth *authn.AuthConfig, insecure bool, imageInDir bool, vulnCountLimit int) ([]buildapi.Vulnerability, error) {
 
-	trivyArgs := []string{"image", "--quiet", "--format", "json"}
+	trivyArgs := []string{"image", "--quiet", "--disable-telemetry", "--skip-version-check", "--format", "json"}
 	if imageInDir {
 		trivyArgs = append(trivyArgs, "--input", imagePath)
 	} else {