Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

⬆️ Update Update aquasec/trivy Docker tag to v0.58.1 #3049

Open
wants to merge 1 commit into
base: master
Choose a base branch
from

Conversation

renovate[bot]
Copy link
Contributor

@renovate renovate bot commented Dec 4, 2024

This PR contains the following updates:

Package Update Change
aquasec/trivy (source) minor 0.57.1 -> 0.58.1

Release Notes

aquasecurity/trivy (aquasec/trivy)

v0.58.1

Compare Source

Changelog

  • 7326db1 release: v0.58.1 [release/v0.58] (#​8120)
  • 03160e4 fix(sbom): attach nested packages to Application [backport: release/v0.58] (#​8168)
  • 8b93081 fix(python): skip dev group's deps for poetry [backport: release/v0.58] (#​8158)
  • 18cd1a5 fix(sbom): use root package for unknown dependencies (if exists) [backport: release/v0.58] (#​8156)
  • 1bde3df chore(deps): bump golang.org/x/net from v0.32.0 to v0.33.0 [backport: release/v0.58] (#​8142)
  • 90f9e88 chore(deps): bump github.com/CycloneDX/cyclonedx-go from v0.9.1 to v0.9.2 [backport: release/v0.58] (#​8136)
  • 33818e1 fix(redhat): correct rewriting of recommendations for the same vulnerability [backport: release/v0.58] (#​8135)
  • 89b341f fix(oracle): add architectures support for advisories [backport: release/v0.58] (#​8125)
  • f842fe1 fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type [backport: release/v0.58] (#​8124)
  • d52542f chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 [backport: release/v0.58] (#​8122)
  • 9a56e7c fix: handle BLOW_UNKNOWN error to download DBs [backport: release/v0.58] (#​8121)
  • 4278a09 fix(java): correctly overwrite version from depManagement if dependency uses project.* props [backport: release/v0.58] (#​8119)

v0.58.0

Compare Source

Features
Bug Fixes
  • alpine: add UID for removed packages (#​7887) (07915da)
  • aws: change CPU and Memory type of ContainerDefinition to a string (#​7995) (aeeba70)
  • cli: Handle empty ignore files more gracefully (#​7962) (4cfb2a9)
  • debian: infinite loop (#​7928) (d982e6a)
  • fs: add missing defered Cleanup() call to post analyzer fs (#​7882) (ab32297)
  • Improve version comparisons when build identifiers are present (#​7873) (eda4d76)
  • k8s: check all results for vulnerabilities (#​7946) (797b36f)
  • misconf: do not erase variable type for child modules (#​7941) (de3b7ea)
  • misconf: handle null properties in CloudFormation templates (#​7813) (99b2db3)
  • misconf: load full Terraform module (#​7925) (fbc42a0)
  • misconf: properly resolve local Terraform cache (#​7983) (fe3a897)
  • misconf: Update trivy-checks default repo to mirror.gcr.io (#​7953) (9988147)
  • misconf: wrap AWS EnvVar to iac types (#​7407) (54130dc)
  • redhat: don't return error if root/buildinfo/content_manifests/ contains files that are not contentSets files (#​7912) (38775a5)
  • report: handle git@github.com schema for misconfigs in sarif report (#​7898) (19aea4b)
  • sbom: Fixes for Programming Language Vulnerabilities and SBOM Package Maintainer Details (#​7871) (461a68a)
  • terraform: set null value as fallback for missing variables (#​7669) (611558e)

Configuration

📅 Schedule: Branch creation - "after 11pm every weekday,before 7am every weekday,every weekend" in timezone Europe/Brussels, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot requested a review from a team December 4, 2024 01:16
@renovate renovate bot force-pushed the renovate/aquasec-trivy-0.x branch from 60aa288 to 5e3a887 Compare December 24, 2024 11:08
@renovate renovate bot changed the title ⬆️ Update Update aquasec/trivy Docker tag to v0.58.0 ⬆️ Update Update aquasec/trivy Docker tag to v0.58.1 Dec 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

0 participants