Upgrade trivy and harbor-scanner-trivy for harbor v2.11.1

aws · Oct 16, 2024 · 053ab77 · 053ab77
1 parent 5af30d9
commit 053ab77
Show file tree

Hide file tree

Showing 4 changed files with 3 additions and 41 deletions.
diff --git a/UPSTREAM_PROJECTS.yaml b/UPSTREAM_PROJECTS.yaml
@@ -29,7 +29,7 @@ projects:
             go_version: "1.21"
       - name: trivy
         versions:
-          - tag: v0.51.2
+          - tag: v0.54.1
             go_version: "1.22"
   - org: aws
     repos:

diff --git a/projects/aquasecurity/trivy/GIT_TAG b/projects/aquasecurity/trivy/GIT_TAG
@@ -1 +1 @@
-v0.51.2
+v0.54.1
diff --git a/projects/aquasecurity/trivy/README.md b/projects/aquasecurity/trivy/README.md
@@ -1,5 +1,5 @@
 ## **trivy**
-![Version](https://img.shields.io/badge/version-v0.51.2-blue)
+![Version](https://img.shields.io/badge/version-v0.54.1-blue)
 ![Build Status](https://codebuild.us-west-2.amazonaws.com/badges?uuid=eyJlbmNyeXB0ZWREYXRhIjoiMVBvZE5FTEtYaVpuWUJ3eGd2Tis1dHAxT0ZKcXBuWkNVUmpjL0pRVnduRUl2Qm1XZ29xbHBENU5wVGM3TzVTTXhFTS83VUtrWGdCVU9lVkVxSmFhUnBFPSIsIml2UGFyYW1ldGVyU3BlYyI6IkQzTU9tSEd0YWZDc0NVYkIiLCJtYXRlcmlhbFNldFNlcmlhbCI6MX0%3D&branch=main)
 
 [Trivy](https://github.com/aquasecurity/trivy/) is a simple and comprehensive scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.). In addition, Trivy scans Infrastructure as Code (IaC) files such as Terraform, Dockerfile and Kubernetes, to detect potential configuration issues that expose your deployments to the risk of attack. Trivy also scans hardcoded secrets like passwords, API keys and tokens.

diff --git a/...quasecurity/trivy/patches/0001-Replace-mitchellh-os-ext-with-kardianos-os-ext-modul.patch b/...quasecurity/trivy/patches/0001-Replace-mitchellh-os-ext-with-kardianos-os-ext-modul.patch