Copa (Project Copacetic)

Copa Scanner Plugin Interface

Copa exposes a plugin interface that allows third-party vulnerability scanners to feed reports into the patcher. Out of the box, Copa supports Trivy JSON reports and provides documentation for adding new scanner plugins.

GitHub

Documentation

📖
Documentation
https://project-copacetic.github.io/copacetic/website/scanner-plugins/

Other Resources

🔗
Reference
https://github.com/project-copacetic/copacetic/tree/main/pkg/vex

API entry from apis.yml

apis.yml Raw ↑ 
aid: copa:scanner-plugins
name: Copa Scanner Plugin Interface
description: Copa exposes a plugin interface that allows third-party vulnerability scanners to feed reports
  into the patcher. Out of the box, Copa supports Trivy JSON reports and provides documentation for adding
  new scanner plugins.
humanURL: https://project-copacetic.github.io/copacetic/website/scanner-plugins/
baseURL: https://project-copacetic.github.io
tags:
- Plugins
- Scanners
- Trivy
properties:
- type: Documentation
  url: https://project-copacetic.github.io/copacetic/website/scanner-plugins/
- type: Reference
  url: https://github.com/project-copacetic/copacetic/tree/main/pkg/vex
x-features:
- Trivy JSON parser built in
- Pluggable interface for additional scanners
- Standardized intermediate representation of vulnerability reports
x-useCases:
- Integrating internal vulnerability scanners with Copa
- Using Grype, Snyk, or Anchore reports as Copa input