Skip to content

Commit 87a215d

Browse files
dependabot[bot]dependabot[bot]
authored
Upgrade: [dependabot] - Bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 (#7)
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.33.1 to 0.34.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/aquasecurity/trivy-action/releases">aquasecurity/trivy-action's releases</a>.</em></p> <blockquote> <h2>v0.34.0</h2> <h2>What's Changed</h2> <ul> <li>ci: use setup-bats in bump-trivy workflow by <a href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/494">aquasecurity/trivy-action#494</a></li> <li>chore: update README by <a href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/493">aquasecurity/trivy-action#493</a></li> <li>ci: install trivy in bump-trivy workflow and update tests by <a href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/495">aquasecurity/trivy-action#495</a></li> <li>chore(deps): Update trivy to v0.68.1 by <a href="https://github.com/aqua-bot"><code>@​aqua-bot</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/496">aquasecurity/trivy-action#496</a></li> <li>ci: use checks bundle v2 in sync workflow by <a href="https://github.com/nikpivkin"><code>@​nikpivkin</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/505">aquasecurity/trivy-action#505</a></li> <li>chore(deps): Update trivy to v0.69.1 by <a href="https://github.com/aqua-bot"><code>@​aqua-bot</code></a> in <a href="https://redirect.github.com/aquasecurity/trivy-action/pull/506">aquasecurity/trivy-action#506</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/aquasecurity/trivy-action/compare/0.33.1...0.34.0">https://github.com/aquasecurity/trivy-action/compare/0.33.1...0.34.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/aquasecurity/trivy-action/commit/c1824fd6edce30d7ab345a9989de00bbd46ef284"><code>c1824fd</code></a> chore(deps): Update trivy to v0.69.1 (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/506">#506</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/bc61dc55704e2d5704760f3cdab0d09acf16e4ca"><code>bc61dc5</code></a> Merge commit from fork</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/5eb7ef2605dd123171cc50b6be71f3b1fefb6a13"><code>5eb7ef2</code></a> ci: use checks bundle v2 in sync workflow (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/505">#505</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/22438a435773de8c97dc0958cc0b823c45b064ac"><code>22438a4</code></a> Merge pull request <a href="https://redirect.github.com/aquasecurity/trivy-action/issues/496">#496</a> from aquasecurity/bump-trivy-1765431074</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/0024b3f39eb28238f271395b86ec43ee831aa97e"><code>0024b3f</code></a> chore(deps): Update trivy to v0.68.1</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/83690f7d38282f3c235caa2aac0043f2b4fe6134"><code>83690f7</code></a> ci: install trivy in bump-trivy workflow and update tests (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/495">#495</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/df65449f48b89ca7da6699b2d7620f4eaac2355b"><code>df65449</code></a> chore: update README (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/493">#493</a>)</li> <li><a href="https://github.com/aquasecurity/trivy-action/commit/0317097f59169a66937f3f5b95d7f8b7cee1b7eb"><code>0317097</code></a> ci: use setup-bats in bump-trivy workflow (<a href="https://redirect.github.com/aquasecurity/trivy-action/issues/494">#494</a>)</li> <li>See full diff in <a href="https://github.com/aquasecurity/trivy-action/compare/b6643a29fecd7f34b3597bc6acb0a98b03d33ff8...c1824fd6edce30d7ab345a9989de00bbd46ef284">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=aquasecurity/trivy-action&package-manager=github_actions&previous-version=0.33.1&new-version=0.34.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 6c46f08 commit 87a215d

File tree

1 file changed

+2
-2
lines changed

1 file changed

+2
-2
lines changed

.github/workflows/build_multi_arch_image.yml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -88,7 +88,7 @@ jobs:
8888
IMAGE_TAG: ":${{ inputs.docker_tag }}-${{ matrix.arch }}"
8989
BASE_FOLDER: "${{ inputs.base_folder }}"
9090
- name: Check docker vulnerabilities - json output
91-
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
91+
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284
9292
with:
9393
scan-type: "image"
9494
image-ref: "ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}:${{ inputs.docker_tag }}-${{ matrix.arch }}"
@@ -105,7 +105,7 @@ jobs:
105105
name: "scan_results_docker_${{ inputs.container_name }}_${{ matrix.arch }}.json"
106106
path: scan_results_docker.json
107107
- name: Check docker vulnerabilities - table output
108-
uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
108+
uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284
109109
with:
110110
scan-type: "image"
111111
image-ref: "ghcr.io/nhsdigital/eps-devcontainers/${{ inputs.container_name }}:${{ inputs.docker_tag }}-${{ matrix.arch }}"

0 commit comments

Comments
 (0)