Update dependency aquasecurity/trivy to v0.72.0#1210
Open
renovate[bot] wants to merge 1 commit into
Open
Conversation
3185ca4 to
4dcf10c
Compare
4dcf10c to
a2378ce
Compare
a2378ce to
90433b7
Compare
90433b7 to
ca2693f
Compare
ca2693f to
2cbd1be
Compare
2cbd1be to
364f17f
Compare
364f17f to
1300f26
Compare
1300f26 to
c2a6233
Compare
c2a6233 to
0f0ab4f
Compare
0f0ab4f to
2348b40
Compare
2348b40 to
6c069b1
Compare
6c069b1 to
1787c17
Compare
1787c17 to
e856b50
Compare
e856b50 to
2a555c1
Compare
70a7c65 to
3129d99
Compare
3129d99 to
b01ac15
Compare
b01ac15 to
3ef1818
Compare
3ef1818 to
bb1d6f5
Compare
bb1d6f5 to
fc30a85
Compare
fc30a85 to
8b25ec8
Compare
8b25ec8 to
aa76f19
Compare
aa76f19 to
dca145c
Compare
dca145c to
fda7523
Compare
fda7523 to
ad60976
Compare
ad60976 to
3287380
Compare
3287380 to
3ae9901
Compare
3ae9901 to
7d19516
Compare
4a6731e to
a496ba8
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v0.53.0→v0.72.0Release Notes
aquasecurity/trivy (aquasecurity/trivy)
v0.72.0Compare Source
Changelog
8a32853release: v0.72.0 [main] (#10782)4295ac0test: close plugin manager in tests cleanup (#10904)d4213d7Merge commit from fork246ee3cfeat(bottlerocket): add vulnerability matching for Bottlerocket OS (#10893)abb5174fix(misconf): support github_repository_vulnerability_alerts resource (#10680)b8a1ccdfeat(java): detect JAR licenses from packaged LICENSE files (#10856)a10291bfix(nodejs): parse project dependencies from multi-document pnpm-lock.yaml (#10861)a2777aefix(server): propagate package repository class in client/server mode (#10874)6e37acfchore(deps): bump github.com/containerd/containerd/v2 from 2.3.1 to 2.3.2 (#10888)dfd53cffix(vuln): fall back to UNKNOWN severity when vulnerability details are missing (#10795)0a166c3feat(java): detect JAR licenses from the embedded pom.xml (#10851)7a69b8fchore(deps): Upgrade github.com/cenkalti/backoff to v6 (#10863)1df6ca3ci(helm): bump Trivy version to 0.71.2 for Trivy Helm Chart 0.23.2 (#10873)49299dfchore(deps): bump alpine to 3.24.1 (#10868)13de603docs: fix article typo in plugin developer guide (#10860)a848925feat(misconf): Adds CloudFront standard logging v2 support to AVD-AWS-0010 (#10848)c1ad0e0docs: fix typos (#10857)0aff3fdfix(terraform): avoid data race on global getter.Getters in remote module resolver (#10843)e68f3d2feat(secret): support new stateless format for GitHub App installation tokens (#10826)859a933fix: correct format verbs in diagnostic messages (#10805)47b7ba4ci(helm): bump Trivy version to 0.71.1 for Trivy Helm Chart 0.23.1 (#10845)3960facrefactor: use ParseErrorsAllowlist instead of ParseErrorsWhitelist (#10830)469d4fbdocs: fix repository scan heading typo (#10828)39e0b13Merge commit from fork28d44d3fix: forward ospkg detector options through ospkg.NewScanner (#10811)5619ae1chore(deps): bump github.com/bufbuild/buf to v1.70.0 (#10801)1f56a34fix(vex): load VEX documents from within the repository directory (#10820)848d135ci!: migrate docker config to dockers_v2 (#10783)bd78842feat(dotnet): detect bundled runtime in self-contained deployments (#10786)65e5128feat(secret): add OpenAI secret detection rules (#10798)c613b5dci: expect GitHub App bot as backport PR author (#10813)3054b3bfix: surface the original analysis error instead of context cancellation (#10793)15bdd2cchore(deps): bump the github-actions group across 1 directory with 11 updates (#10803)576b093chore(deps): bump the common group with 4 updates (#10797)92b4a05chore(deps): bump the aws group with 4 updates (#10796)c8d1d0dfix: use random suffix for process temp directory instead of PID (#10431)3851371docs: update signature verification for deb and rpm packages (#10784)dccb128fix(image): lookup origin layer for custom resources in merged layers (#10788)9032dcbtest: fix flaky containerd integration test (#10760)f00ee41ci: bump GoReleaser to v2.16.0 (#10774)48af854docs: fix broken nixpkgs reference link in installation guide (#10776)b3d7be5test(java): force offline-scan for client/server integration tests (#10721)888911bfix(image): deterministic OS package deduplication for images with embedded SBOMs (#10777)c0654e1fix(spdx): guard against nil root component in SPDX marshaler (#10771)7ca5a6bci(helm): bump Trivy version to 0.71.0 for Trivy Helm Chart 0.23.0 (#10768)v0.71.2Compare Source
Changelog
055a5c8release: v0.71.2 [release/v0.71] (#10871)875328afix(deps): bump alpine to 3.24.1 [backport: release/v0.71] (#10870)998f7b3chore(deps): bump the common group with 4 updates [backport: release/v0.71] (#10867)v0.71.1Compare Source
Changelog
164b383release: v0.71.1 [release/v0.71] (#10818)a72d9a4fix(oci): validate artifact filename3dd9847fix: forward ospkg detector options through ospkg.NewScanner [backport: release/v0.71] (#10825)a62cbe4fix(vex): load VEX documents from within the repository directory [backport: release/v0.71] (#10821)43d1d26fix: surface the original analysis error instead of context cancellation [backport: release/v0.71] (#10812)ac7696cci: expect GitHub App bot as backport PR author [backport: release/v0.71] (#10815)v0.71.0Compare Source
⚡ Highlights ⚡
👉 https://redirect.github.com/aquasecurity/trivy/discussions/10767
Changelog
https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0710-2026-06-01
v0.70.0Compare Source
⚡ Highlights ⚡
👉 https://redirect.github.com/aquasecurity/trivy/discussions/10546
Changelog
https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md#0700-2026-04-16
v0.69.3Compare Source
Changelog
6fb20c8release: v0.69.3 [release/v0.69] (#10293)dabefecfix(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 [backport: release/v0.69] (#10291)Configuration
📅 Schedule: (UTC)
🚦 Automerge: Enabled.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.