From 248c58e5db5e15ed7b7bd4b14e00498c5ad874c7 Mon Sep 17 00:00:00 2001 From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com> Date: Fri, 21 Apr 2023 10:33:12 +0200 Subject: [PATCH] chore(deps): update aquasecurity/trivy-action action to v0.10.0 (#225) MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit [![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action) | action | minor | `0.7.1` -> `0.10.0` | --- ### Release Notes
aquasecurity/trivy-action ### [`v0.10.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.10.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.2...0.10.0) ##### What's Changed - docs: improve SBOM documentation by [@​saerosV](https://togithub.com/saerosV) in [https://github.com/aquasecurity/trivy-action/pull/208](https://togithub.com/aquasecurity/trivy-action/pull/208) - chore: Update Trivy to 0.40.0 by [@​PerfectSlayer](https://togithub.com/PerfectSlayer) in [https://github.com/aquasecurity/trivy-action/pull/223](https://togithub.com/aquasecurity/trivy-action/pull/223) ##### New Contributors - [@​saerosV](https://togithub.com/saerosV) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/208](https://togithub.com/aquasecurity/trivy-action/pull/208) - [@​PerfectSlayer](https://togithub.com/PerfectSlayer) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/223](https://togithub.com/aquasecurity/trivy-action/pull/223) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.9.2...0.10.0 ### [`v0.9.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.2) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.1...0.9.2) ##### What's Changed - chore(deps): bump trivy to v0.38.1 by [@​DmitriyLewen](https://togithub.com/DmitriyLewen) in [https://github.com/aquasecurity/trivy-action/pull/215](https://togithub.com/aquasecurity/trivy-action/pull/215) - Rename security-checks to scanners by [@​sadovnikov](https://togithub.com/sadovnikov) in [https://github.com/aquasecurity/trivy-action/pull/211](https://togithub.com/aquasecurity/trivy-action/pull/211) ##### New Contributors - [@​DmitriyLewen](https://togithub.com/DmitriyLewen) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/215](https://togithub.com/aquasecurity/trivy-action/pull/215) - [@​sadovnikov](https://togithub.com/sadovnikov) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/211](https://togithub.com/aquasecurity/trivy-action/pull/211) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.9.1...0.9.2 ### [`v0.9.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.0...0.9.1) ##### What's Changed - :arrow_up: bump trivy action by [@​flaxel](https://togithub.com/flaxel) in [https://github.com/aquasecurity/trivy-action/pull/203](https://togithub.com/aquasecurity/trivy-action/pull/203) ##### New Contributors - [@​flaxel](https://togithub.com/flaxel) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/203](https://togithub.com/aquasecurity/trivy-action/pull/203) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.9.0...0.9.1 ### [`v0.9.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.8.0...0.9.0) ##### What's Changed - fix(sarif): Add option to limit severities for sarif ([#​192](https://togithub.com/aquasecurity/trivy-action/issues/192)) by [@​AndreyLevchenko](https://togithub.com/AndreyLevchenko) in [https://github.com/aquasecurity/trivy-action/pull/198](https://togithub.com/aquasecurity/trivy-action/pull/198) - docs: add trivy-config to table by [@​omarsilva1](https://togithub.com/omarsilva1) in [https://github.com/aquasecurity/trivy-action/pull/195](https://togithub.com/aquasecurity/trivy-action/pull/195) - Update README.md by [@​mcantu](https://togithub.com/mcantu) in [https://github.com/aquasecurity/trivy-action/pull/186](https://togithub.com/aquasecurity/trivy-action/pull/186) - feat(trivy): Bump Trivy to v0.37.1 by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/199](https://togithub.com/aquasecurity/trivy-action/pull/199) ##### New Contributors - [@​AndreyLevchenko](https://togithub.com/AndreyLevchenko) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/198](https://togithub.com/aquasecurity/trivy-action/pull/198) - [@​omarsilva1](https://togithub.com/omarsilva1) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/195](https://togithub.com/aquasecurity/trivy-action/pull/195) - [@​mcantu](https://togithub.com/mcantu) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/186](https://togithub.com/aquasecurity/trivy-action/pull/186) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.8.0...0.9.0 ### [`v0.8.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.8.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0) ##### What's Changed - Add npm to action Dockerfile by [@​VaismanLior](https://togithub.com/VaismanLior) in [https://github.com/aquasecurity/trivy-action/pull/176](https://togithub.com/aquasecurity/trivy-action/pull/176) - Add 0.34.0 release by [@​L1ghtman2k](https://togithub.com/L1ghtman2k) in [https://github.com/aquasecurity/trivy-action/pull/177](https://togithub.com/aquasecurity/trivy-action/pull/177) ##### New Contributors - [@​VaismanLior](https://togithub.com/VaismanLior) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/176](https://togithub.com/aquasecurity/trivy-action/pull/176) - [@​L1ghtman2k](https://togithub.com/L1ghtman2k) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/177](https://togithub.com/aquasecurity/trivy-action/pull/177) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/newrelic/nri-kafka). Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> --- .github/workflows/security.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 036c7adb..eff8ad6a 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -18,7 +18,7 @@ jobs: uses: actions/checkout@v3 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@0.7.1 + uses: aquasecurity/trivy-action@0.10.0 if: ${{ ! github.event.schedule }} # Do not run inline checks when running periodically with: scan-type: fs @@ -28,7 +28,7 @@ jobs: skip-files: 'tests/integration/consumer-producer/pom.xml' - name: Run Trivy vulnerability scanner sarif output - uses: aquasecurity/trivy-action@0.7.1 + uses: aquasecurity/trivy-action@0.10.0 if: ${{ github.event.schedule }} # Generate sarif when running periodically with: scan-type: fs