chore(deps): update dependency trivy to v0.69.3

[renovate]

This PR contains the following updates:

Package	Update	New value	References	Sourcegraph
trivy	minor	0.69.3	source

Test plan: CI should pass with updated dependencies. No review required: this is an automated dependency update PR.

---

Release Notes

aquasecurity/trivy (trivy)

v0.69.3

Compare Source

Changelog

• 6fb20c8 release: v0.69.3 [release/v0.69] (#​10293)
• dabefec fix(deps): bump github.com/go-git/go-git/v5 from 5.16.4 to 5.16.5 [backport: release/v0.69] (#​10291)

v0.69.2

Compare Source

Changelog

• cfa322e release: v0.69.2 [release/v0.69] (#​10266)
• 86debce fix(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 [backport: release/v0.69] (#​10267)
• cf3d4cd fix(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 [backport: release/v0.69] (#​10264)
• 6dfd3b0 ci: remove apidiff workflow

v0.26.0

Compare Source

Changelog

• a0047a7 feat(alpine): warn mixing versions (#​2000)
• d786655 Update ASFF template (#​1914)
• a02cf65 chore(deps): replace containerd/containerd version to fix CVE-2022-23648 (#​1994)
• 613e38c chore(deps): bump alpine from 3.15.3 to 3.15.4 (#​1993)
• 3b6d65b test(go): add integration tests for gomod (#​1989)
• 22f5b93 fix(python): fixed panic when scan .egg archive (#​1992)
• 485637c fix(go): set correct go modules type (#​1990)
• 6fdb554 feat(alpine): support apk repositories (#​1987)
• d9bddb9 docs: add CBL-Mariner (#​1982)
• 1cf1873 docs(go): fix version (#​1986)
• d77dbe8 feat(go): support go.mod in Go 1.17+ (#​1985)
• 32bd1e4 ci: fix URLs in the PR template (#​1972)
• 94a5a18 ci: add semantic pull requests check (#​1968)
• 72d94b2 docs(issue): added docs for wrong detection issues (#​1961)

v0.25.4

Compare Source

Changelog

• b4a7d6a docs: move CONTRIBUTING.md to docs (#​1971)
• 0127c1d refactor(table): use file name instead package path (#​1966)
• a92da72 fix(sbom): add --db-repository (#​1964)
• b0f3864 feat(table): add PkgPath in table result (#​1960)
• 0b1d32c fix(pom): merge multiple pom imports in a good manner (#​1959)

v0.25.3

Compare Source

Changelog

• d4e3df8 fix(downloadDB): add dbRepositoryFlag to repository and rootfs commands (#​1956)
• 7e48cc1 fix(misconf): update BurntSushi/toml for fix runtime error (#​1948)
• c9efa8c fix(misconf): Update fanal/defsec to resolve missing metadata issues (#​1947)
• 52b7154 feat(jar): allow setting Maven Central URL using environment variable (#​1939)
• 21f7a41 chore(chart): update Trivy version in HelmChart to 0.25.0 (#​1931)
• ff2b3d1 chore(chart): remove version comments (#​1933)

v0.25.2

Compare Source

Changelog

• 9c19298 fix(downloadDB): add flag to server command (#​1942)

v0.25.1

Compare Source

Changelog

• aa3d696 fix(misconf): update defsec to resolve panics (#​1935)
• 31e7669 chore(deps): bump github.com/docker/docker (#​1924)
• 4ca35b2 docs: restructure the documentation (#​1887)
• 8da4548 chore(deps): bump github.com/urfave/cli/v2 from 2.3.0 to 2.4.0 (#​1923)
• 76e9d7e chore(deps): bump actions/cache from 2 to 3.0.1 (#​1920)
• 2b217a3 chore(deps): bump actions/checkout from 2 to 3 (#​1916)
• 902aa8c chore(deps): bump github.com/open-policy-agent/opa from 0.37.2 to 0.39.0 (#​1921)
• 60b19e5 chore(deps): bump sigstore/cosign-installer from 2.0.0 to 2.1.0 (#​1919)
• 58aab67 chore(deps): bump helm/chart-testing-action from 2.2.0 to 2.2.1 (#​1918)
• 209b9cc chore(deps): bump golang from 1.17 to 1.18.0 (#​1915)
• bfb931d Add trivy horizontal logo (#​1932)
• ae86a5b chore(deps): bump alpine from 3.15.0 to 3.15.3 (#​1917)
• 1a23039 chore(deps): bump github.com/go-redis/redis/v8 from 8.11.4 to 8.11.5 (#​1925)
• 56498ca chore(deps): bump github.com/stretchr/testify from 1.7.0 to 1.7.1 (#​1927)
• 0210567 feat(db): Add dbRepository flag to get advisory database from OCI registry (#​1873)

v0.25.0

Compare Source

Changelog

• 4470a18 docs(filter vulnerabilities): fix link (#​1880)
• cb171ea feat(template) Add misconfigurations to gitlab codequality report (#​1756)
• 36e24b1 fix(rpc): add PkgPath field to client / server mode (#​1643)
• 8831174 fix(vulnerabilities): fixed trivy-db vulns (#​1883)
• 9154b81 feat(cache): remove temporary cache after filesystem scanning (#​1868)
• f36d9b6 feat(sbom): add a dedicated sbom command (#​1799)
• 7a14808 feat(cyclonedx): add vulnerabilities (#​1832)
• df80fd3 fix(option): hide false warning about remote options (#​1865)
• 88ebc07 chore: bump up Go to 1.18 (#​1862)
• d6418cf feat(filesystem): scan in client/server mode (#​1829)
• 12d0317 refactor(template): remove unused test (#​1861)
• c3aca15 fix(cli): json format for trivy version (#​1854)
• b2b6895 docs: change URL for tfsec-checks (#​1857)

v0.24.4

Compare Source

Changelog

• 06659f1 fix(docker): Getting images without a tag (#​1852)
• a91cc50 docs(gitlab-ci): Use environment variables TRIVY_CACHE_DIR and TRIVY_NO_PROGRESS (#​1801)

v0.24.3

Compare Source

Changelog

• 4b8bf87 chore(issue labels): added new labels (#​1839)
• 5040cae refactor: clarify db update warning messages (#​1808)
• 28cd5a5 chore(ci): change trivy vulnerability scan for every day (#​1838)
• b2f554e feat(helm): make Trivy service name configurable (#​1825)
• 7a44a7a chore(deps): updated sprig to version v3.2.2. (#​1814)
• 18842fb chore(deps): updated testcontainers-go to version v0.12.0 (#​1822)
• 12ca3ca docs: add packages.config for .NET (#​1823)
• 728a3db build: sign container image (#​1668)
• 4e7b5ca chore(deps): bump github.com/CycloneDX/cyclonedx-go from 0.4.0 to 0.5.0 (#​1778)
• 0fca2cd docs: fix Installation documentation (#​1804)
• e50839b fix(report): ensure json report got a final new line (#​1797)
• f95a0f0 fix(terraform): resolve panics in defsec (#​1811)
• e5bf3d1 feat(docker): Label images based on OCI image spec (#​1793)
• 2193fb3 fix(helm): indentation for ServiceAccount annotations (#​1795)
• bbccb5a fix(hcl): fix panic in hcl2json (#​1791)
• a625455 chore(helm): remove psp from helm manifest (#​1315)
• 7e69f48 build: Replace make protoc with for loop to return an error (#​1655)
• f6c986b fix: ASFF template to match ASFF schema (#​1685)
• aab6f0b feat(helm): Add support for server token (#​1734)

v0.24.2

Compare Source

Changelog

eebf9c8 fix(pom): keep an order of dependencies (#​1784)
971092b chore: bump up Go to 1.17 (#​1781)
2f2d822 chore(deps): bump actions/setup-python from 2 to 3 (#​1776)
a2afd6e chore(deps): bump golangci/golangci-lint-action from 2 to 3.1.0 (#​1777)

Docker images

• docker pull aquasec/trivy:0.24.2
• docker pull ghcr.io/aquasecurity/trivy:0.24.2
• docker pull public.ecr.aws/aquasecurity/trivy:0.24.2

v0.24.1

Compare Source

Changelog

a423b99 fix(python): correct handling pip package names with a hyphen (#​1771)
a069ad7 doc(docker): fix command to run trivy with docker on linux (#​1761)
015055e feat(helm): Add support for custom labels (#​1767)
cbaa363 chore(helm): bump chart to trivy 0.24.0 (#​1762)
bec02f0 docs: remove erroneous command (#​1763)

Docker images

• docker pull aquasec/trivy:0.24.1
• docker pull ghcr.io/aquasecurity/trivy:0.24.1
• docker pull public.ecr.aws/aquasecurity/trivy:0.24.1

v0.24.0

Compare Source

Changelog

d7f8b92 chore(deps): bump github.com/spf13/afero from 1.6.0 to 1.8.1 (#​1708)
59ea0d5 fix(option): warn list-all-pkgs only with the table format (#​1755)
c788676 feat(option): warn "--list-all-pkgs" with "--format table" (#​1632)
58ade46 feat(report): add support for CycloneDX (#​1081)
77cab6e chore(deps): update the defsec and tfsec versions (#​1747)
2ede15d fix(scanner): fix skip of language-specific files when scanning rootf… (#​1751)
d266c74 chore(deps): bump github.com/google/wire from 0.4.0 to 0.5.0 (#​1712)
4423396 feat(report): considering App.Writer when printing results (#​1722)
356ae30 chore(deps): replace satori version and skipping examples folder (#​1745)
477dc7d build: add s390x container images (#​1726)
89b8d7f feat(template) Add misconfigurations to junit report (#​1724)
219b71b chore(deps): bump github.com/twitchtv/twirp (#​1709)
aa6e1eb feat(client): configure TLS InsecureSkipVerify for server connection (#​1287)
de6c3cb fix(rpc): Supports RPC calls for new identifier CustomResource (#​1605)
b7d4d1e chore(deps): bump go.uber.org/zap from 1.20.0 to 1.21.0 (#​1705)
e6c029d chore(deps): bump github.com/caarlos0/env/v6 from 6.0.0 to 6.9.1 (#​1707)
ec6cb1a feat(helm): Parameterise ServiceAccount annotations (#​1677)
7dfc16c chore(deps): bump github.com/hashicorp/go-getter from 1.5.2 to 1.5.11 (#​1710)
42d8fd6 chore(deps): bump github.com/cheggaaa/pb/v3 from 3.0.3 to 3.0.8 (#​1704)
c3ef203 chore(deps): bump github.com/open-policy-agent/opa from 0.36.1 to 0.37.2 (#​1711)
274103e chore(dependabot): enable gomod monthly (#​1699)
e618d83 fix(gitlab tpl): escape double quote (#​1635)
3b0b2ed build: Make make protoc be consistent (#​1682)
5c8d098 feat(purl): add generate purl package utilities (#​1574)
11f4f81 refactor: move result structs under types (#​1696)
6db2092 feat(mariner): add support for CBL-Mariner 2.0 (#​1694)
8898bb0 docs(gitlab-ci): fix Script in GitLab CI Example #​1688
33d0833 chore: Upgrade helm chart version (#​1683)
13874d8 chore(mod): update Go dependencies (#​1681)
f26a06b docs: fix typos in markdown docs (#​1674)
e2821a4 docs: update documentation for image scanning of tar files to use a tag present on Docker Hub (#​1671)
ef8a1af fix(repo): --no-progress suppresses git output (#​1669)

Docker images

• docker pull aquasec/trivy:0.24.0
• docker pull ghcr.io/aquasecurity/trivy:0.24.0
• docker pull public.ecr.aws/aquasecurity/trivy:0.24.0

v0.23.0

Compare Source

Changelog

449add2 docs: add ACR navigator (#​1651)
cb9afc8 fix: update example Rego files and docs (#​1628)
78b2b89 feat(option): show a link to GitHub Discussions for --light deprecation (#​1650)
52fd3c2 fix(sarif): fix the warning message (#​1647)
8d5882b refactor: migrate to prefixed buckets (#​1644)
84dd33f feat(mariner): add support for CBL-Mariner (#​1640)
9e903a1 docs: commercial use available (#​1641)
f4c746a feat: support azure acr (#​1611)
420f8ab feat(os-pkg): add data sources (#​1636)
d2827cb feat(redhat): support build info in RHEL (#​807)
ce703ce fix: change links in pull_request_template to static URLs (#​1634)
50bb938 feat(lang-pkg): add data sources (#​1625)
a31ddbe feat(detector): support custom detector (#​1615)
3a4e18a docs(contribution): change role who should resolve comments (#​1618)
8ba6836 docs: add PR template (#​1602)
f5c5573 feat(rocky): support Rocky Linux (#​1570)
eab2b42 Add the ability to set dockerhub credentials in the helm chart (#​1569)
cabd18d feat(cache): redis TLS support (#​1297)
02c3c36 feat(java): add support for PAR files (#​1599)
4f7b768 refactor(rust): move rust-advisory-db to OSV (#​1591)
d754cb8 feat: log ignored vulnerabilities on debug (#​1378)
a936e67 chore(mod): hcl2json deps update (#​1585)
af116d3 fix(rpm): do not ignore installed files via third-party rpm (#​1594)
b507360 feat(fs): allow scanning a single file (#​1578)
7fcbf44 refactor(python): drop Safety DB (#​1580)
478d279 feat: added insecure tls skip to scan git repo (#​1528)
33bd41b Supress git clone output (#​1590)
39a1008 fix(alma): skip modular package because MODULARITYLABEL is not set (#​1588)
37abd61 feat(photon os): added EOL dates check (#​1587)
78de33e docs: update supported os (#​1586)
2205462 BREAKING: remove root command (#​1579)
28ddcf1 docs: add Rust to Language-specific Packages Table (#​1577)
df134c7 docs: update int doc for gitlab ci (#​1575)
8da20c8 BREAKING: migrate the sarif template to Go code (#​1437)
714b5ca refactor: remove unused field (#​1567)
51e152b chore(deps): bump helm/chart-testing-action from 2.1.0 to 2.2.0 (#​1554)
884daff docs: gitlab integration (#​1381)
2a8336b feat(alma): support AlmaLinux (#​1238)
1e171af docs: added note about default template path when Trivy installed using rpm (#​1551)
e65274e BREAKING: Trivy DB from GHCR (#​1539)
db35450 feat(cli): Do not set default commands when a plugin is being run (#​1549)
24254d1 fix: add fingerprint field to codequality template (#​1541)
2ee0745 fix(image): correct handling of uncompressed layers (#​1544)
0aef82c chore: helm chart app version 0.22.0 (#​1535)
8b2a799 test(integration): use fixtures (#​1532)

Docker images

• docker pull aquasec/trivy:0.23.0
• docker pull ghcr.io/aquasecurity/trivy:0.23.0
• docker pull public.ecr.aws/aquasecurity/trivy:0.23.0

v0.22.0

Compare Source

Changelog

42f795f fix(java/pom): ignore unsupported requirements (#​1514)
8f737cc feat(cli): warning for root command (#​1516)
76249bd BREAKING: disable JAR detection in fs/repo scanning (#​1512)
59957d4 feat(scan): support --offline-scan option (#​1511)
da8b72d fix: improve memory usage (#​1509)
b713ad0 feat(java): support pom.xml (#​1501)
56115e9 docs: fixing rust link to security advisory (#​1504)
7f859af Add missing IacMetdata (#​1505)
628a796 feat(jar): add file path (#​1498)
82fba77 feat(rpm): support NDB (#​1497)
d5269da feat: added misconfiguration field for html.tpl (#​1444)

Docker images

• docker pull aquasec/trivy:0.22.0
• docker pull ghcr.io/aquasecurity/trivy:0.22.0
• docker pull public.ecr.aws/aquasecurity/trivy:0.22.0

v0.21.3

Compare Source

Changelog

8e57dee fix(docs): typo (#​1488)
8bfbc84 feat(plugin): Add option to update plugin (#​1462)
1e811de fix: fixed skipFiles/skipDirs flags for relative path (#​1482)
8b5796f feat (plugin): add list and info command for plugin (#​1452)
a2199bb fix: set up a vulnerability severity (#​1458)
279e76f chore: add arm64 deb package (#​1480)
5262590 Link to trivy tutorial on Semaphore (#​1449)
c275a84 refactor(helm): externalize env vars to configMap (#​1345)

Docker images

• docker pull aquasec/trivy:0.21.3
• docker pull ghcr.io/aquasecurity/trivy:0.21.3
• docker pull public.ecr.aws/aquasecurity/trivy:0.21.3

v0.21.2

Compare Source

Changelog

7beed30 docs: provide more information on scanning Google's GCR (#​1426)
f50e1f4 docs(misconfiguration): added instruction for misconfiguration detection (#​1428)
3ae4de5 Update git-repository.md (#​1430)
6e35b8f fix(hooks): exclude unrelated lib types from system files filtering (#​1431)
beb60b0 chore: run go fmt (#​1429)
582e7fd fix(sarif): change help field in the sarif template. (#​1423)
11bc290 Update fanal with cfsec version update (#​1425)
392f689 Replace deprecated option in goreleaser (#​1406)
101d576 feat(alpine): support 3.15 (#​1422)
bd3ba68 chore: test the helm chart in the PR and used the commit hash (#​1414)
3860d6e chore(deps): bump alpine from 3.14 to 3.15.0 (#​1417)
4f82673 chore(release): add ubuntu older versions to deploy script (#​1416)

Docker images

• docker pull aquasec/trivy:0.21.2
• docker pull ghcr.io/aquasecurity/trivy:0.21.2
• docker pull public.ecr.aws/aquasecurity/trivy:0.21.2

v0.21.1

Compare Source

Changelog

b9a51de chore(mod): tidy (#​1415)
7f24834 fix(rpc): fix nil layer transmit (#​1410)
af3eaef Lang advisory order (#​1409)
07c9200 chore: add support for s390x arch (#​1304)
8bc8a4a fix(chart): ingress helm manifest-update trivy image (#​1323)
9076a49 docs: Add comparison for cfsec (#​1388)
bb316d9 remove: delete unused functions in utils package (#​1379)

Docker images

• docker pull aquasec/trivy:0.21.1
• docker pull ghcr.io/aquasecurity/trivy:0.21.1
• docker pull public.ecr.aws/aquasecurity/trivy:0.21.1

v0.21.0

Compare Source

Changelog

efdb29d fix(sarif): fix validation errors (#​1376)
9bcf9e7 docs: add Bitbucket Pipelines (#​1374)
3147097 docs: add community integrations (#​1361)
33f74b3 Use a stable SARIF identifier (#​1230)
5915ffb fix(python): fix parsing of requirements.txt with hash checking mode available in pip since version 8.0
ae4c42b feat(iac): Add line information (#​1366)
19747d0 feat(cloudformation): Adding support for cfsec IaC scanning (#​1360)
da45061 chore: send debug and info logs to stdout in install.sh, not stderr. (#​1264)
cb1a4ed Update containerd to v1.5.7 and docker-cli to v20.10.9 (#​1356)
69dae54 chore: update SBOM generation (#​1349)

Docker images

• docker pull aquasec/trivy:0.21.0
• docker pull ghcr.io/aquasecurity/trivy:0.21.0
• docker pull public.ecr.aws/aquasecurity/trivy:0.21.0

v0.20.2

Compare Source

Changelog

5dc8cfe docs: update builtin.md (#​1335)
798b564 chore: fix issues with Homebrew formula (#​1329)
21bf5e5 chore: bump GoReleaser to v0.183.0 (#​1328)
e0f4ebd docs: update iac.md for a typo (#​1326)
23a9a5e docs: typo fix (#​1308)
1f5d17f Add new networking API features to Ingress (#​1262)

Docker images

• docker pull aquasec/trivy:0.20.2
• docker pull ghcr.io/aquasecurity/trivy:0.20.2
• docker pull public.ecr.aws/aquasecurity/trivy:0.20.2

v0.20.1

Compare Source

Changelog

bcfa028 chore(release): bump up GoReleaser to v0.182.1 (#​1299)
681ab1b fix(yarn): support quoted version (#​1298)
46051d5 feat(custom-forward): Forward the extended advisory data (#​1247)
d8d692b feat(javascript) : Initialize npm driver for javascript packages (#​1289)
cc344df fix(cli): fix incorrect comparision of DB metadata type. (#​1286)
0dec17f docs: add footer to readme (#​1281)

Docker images

• docker pull aquasec/trivy:0.20.1
• docker pull ghcr.io/aquasecurity/trivy:0.20.1
• docker pull public.ecr.aws/aquasecurity/trivy:0.20.1

---

Configuration

📅 Schedule: (in timezone America/Los_Angeles)

• Branch creation
  • "on the 1st through 7th day of the month"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.