Upgrade trivy and harbor-scanner-trivy for harbor v2.11.1 #3932
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Issue #, if available:
#2401
Description of changes:
This PR does the following:
aquasecurity/trivy
to v0.56.2 instead of harbor dependency v0.54.1 as the latest trivy version includes #7600 which fixes the go.mod dependencies to remove the broken replace directivesgithub.aaakk.us.kg/mitchellh/osext
module in #7249 as part of v0.54.0 releaseaquasecurity/harbor-scanner-trivy
to v0.31.4Upstream source of truth:
https://github.com/goharbor/harbor/blob/v2.11.1/Makefile#L107-L108
Changelog:
Trivy: https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md
Harbor-scanner-trivy: https://github.com/aquasecurity/harbor-scanner-trivy/releases/tag/v0.31.4
By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.