{ "$schema": "http://json-schema.org/draft-07/schema#", "$id": "https://api-evangelist.github.io/trivy/json-schema/trivy-vulnerability-report-schema.json", "title": "Trivy Vulnerability Report", "description": "Schema for a Trivy vulnerability scan report containing detected CVEs and package vulnerabilities, plus any misconfigurations and secrets reported per result", "type": "object", "properties": { "SchemaVersion": { "type": "integer", "description": "Schema version of the report", "example": 2 }, "ArtifactName": { "type": "string", "description": "Name of the scanned artifact (container image, file path, repo URL)" }, "ArtifactType": { "type": "string", "description": "Type of artifact scanned", "enum": ["container_image", "filesystem", "repository", "virtual-machine", "sbom"] }, "Metadata": { "type": "object", "description": "Metadata about the scan target", "properties": { "OS": { "type": "object", "properties": { "Family": { "type": "string", "description": "OS family (alpine, debian, ubuntu, etc.)" }, "Name": { "type": "string", "description": "OS name and version" } } }, "ImageID": { "type": "string", "description": "Container image ID" }, "DiffIDs": { "type": "array", "items": { "type": "string" } }, "RepoTags": { "type": "array", "items": { "type": "string" } }, "RepoDigests": { "type": "array", "items": { "type": "string" } } } }, "Results": { "type": "array", "description": "Scan results per target layer or component", "items": { "$ref": "#/definitions/Result" } } }, "definitions": { "Result": { "type": "object", "properties": { "Target": { "type": "string", "description": "Name of the scanned target (layer, file, or package)" }, "Class": { "type": "string", "description": "Result class", "enum": ["os-pkgs", "lang-pkgs", "config", "secret", "license"] }, "Type": { "type": "string", "description": "Package manager or format type" }, "Vulnerabilities": { "type": "array", "description": "List of detected vulnerabilities", "items": { "$ref": "#/definitions/Vulnerability" } }, "Misconfigurations": { "type": "array", 
"description": "Detected misconfigurations", "items": { "$ref": "#/definitions/Misconfiguration" } }, "Secrets": { "type": "array", "description": "Detected secrets", "items": { "$ref": "#/definitions/Secret" } } } }, "Vulnerability": { "type": "object", "required": ["VulnerabilityID", "Severity"], "properties": { "VulnerabilityID": { "type": "string", "description": "CVE ID or other vulnerability identifier", "example": "CVE-2021-44228" }, "PkgName": { "type": "string", "description": "Affected package name" }, "PkgVersion": { "type": "string", "description": "Version of the package found in the scanned artifact" }, "FixedVersion": { "type": "string", "description": "Version that fixes the vulnerability; may be absent when no fix is available" }, "Severity": { "type": "string", "description": "Vulnerability severity", "enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"] }, "Title": { "type": "string", "description": "Short title of the vulnerability" }, "Description": { "type": "string", "description": "Detailed vulnerability description" }, "CVSS": { "type": "object", "description": "CVSS scores from various sources" }, "References": { "type": "array", "description": "Reference URLs for the vulnerability", "items": { "type": "string", "format": "uri" } }, "PublishedDate": { "type": "string", "format": "date-time" }, "LastModifiedDate": { "type": "string", "format": "date-time" } } }, "Misconfiguration": { "type": "object", "properties": { "Type": { "type": "string", "description": "Misconfiguration type (e.g., Kubernetes, Dockerfile)" }, "ID": { "type": "string", "description": "Rule identifier" }, "Title": { "type": "string" }, "Description": { "type": "string" }, "Message": { "type": "string" }, "Severity": { "type": "string", "enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"] }, "Status": { "type": "string", "enum": ["FAIL", "PASS", "WARN", "EXCEPTION"] } } }, "Secret": { "type": "object", "properties": { "RuleID": { "type": "string", "description": "Secret detection rule ID" }, "Category": { "type": "string", "description": 
"Secret category (e.g., aws-access-key)" }, "Title": { "type": "string" }, "Severity": { "type": "string", "enum": ["CRITICAL", "HIGH", "MEDIUM", "LOW", "UNKNOWN"] }, "StartLine": { "type": "integer" }, "EndLine": { "type": "integer" }, "Code": { "type": "object", "description": "Code snippet giving context around the detected secret; it can expose surrounding file contents, so treat the report as sensitive" } } } } }