This is not a big project. It focused mainly on how i could integrate trivy in a CI/CD pipeline, where the subject to be scanned is the program from the repo. I encountered loads of errors in regard to standard library dependeincies, which made a lot of "noise" in my focused trials.
Another repo will try to recreate the same process but with an image from a source which known CVE's are found.