⬆️ Update Update aquasec/trivy Docker tag to v0.58.1 #3049
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
0.57.1
->0.58.1
Release Notes
aquasecurity/trivy (aquasec/trivy)
v0.58.1
Compare Source
Changelog
7326db1
release: v0.58.1 [release/v0.58] (#8120)03160e4
fix(sbom): attach nested packages to Application [backport: release/v0.58] (#8168)8b93081
fix(python): skip dev group's deps for poetry [backport: release/v0.58] (#8158)18cd1a5
fix(sbom): use root package forunknown
dependencies (if exists) [backport: release/v0.58] (#8156)1bde3df
chore(deps): bumpgolang.org/x/net
fromv0.32.0
tov0.33.0
[backport: release/v0.58] (#8142)90f9e88
chore(deps): bumpgithub.com/CycloneDX/cyclonedx-go
fromv0.9.1
tov0.9.2
[backport: release/v0.58] (#8136)33818e1
fix(redhat): correct rewriting of recommendations for the same vulnerability [backport: release/v0.58] (#8135)89b341f
fix(oracle): add architectures support for advisories [backport: release/v0.58] (#8125)f842fe1
fix(sbom): fix wrong overwriting of applications obtained from different sbom files but having same app type [backport: release/v0.58] (#8124)d52542f
chore(deps): bump golang.org/x/crypto from 0.30.0 to 0.31.0 [backport: release/v0.58] (#8122)9a56e7c
fix: handleBLOW_UNKNOWN
error to download DBs [backport: release/v0.58] (#8121)4278a09
fix(java): correctly overwrite version from depManagement if dependency usesproject.*
props [backport: release/v0.58] (#8119)v0.58.0
Compare Source
Features
workspaceRelationship
(#7889) (d622ca2)go.mod
main module in the parser (#7977) (5448ba2)flavors
support (#7858) (b9b383e)Bug Fixes
UID
for removed packages (#7887) (07915da)mirror.gcr.io
(#7953) (9988147)root/buildinfo/content_manifests/
contains files that are notcontentSets
files (#7912) (38775a5)git@github.com
schema for misconfigs insarif
report (#7898) (19aea4b)Configuration
📅 Schedule: Branch creation - "after 11pm every weekday,before 7am every weekday,every weekend" in timezone Europe/Brussels, Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.