Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

chore: improve message output sbom with gh #145

Merged
merged 2 commits into from Aug 2, 2022

Conversation

krol3
Copy link
Contributor

@krol3 krol3 commented Jul 19, 2022

  • Improve the output with sbom and gh to show error in case of missing the github-pat.

Screen Shot 2022-07-19 at 17 10 05

@krol3 krol3 requested a review from simar7 July 19, 2022 20:11
Comment on lines 1052 to 1053
"text": "Vulnerability CVE-2016-5385\nSeverity: HIGH\nPackage: guzzlehttp/guzzle\nFixed Version: 5.3.1, 6.2.1, 4.2.4\nLink: [CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue.",
"markdown": "**Vulnerability CVE-2016-5385**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|guzzlehttp/guzzle|5.3.1, 6.2.1, 4.2.4|[CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)|\n\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue."
"text": "Vulnerability CVE-2016-5385\nSeverity: HIGH\nPackage: guzzlehttp/guzzle\nFixed Version: 4.2.4, 5.3.1, 6.2.1\nLink: [CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue.",
"markdown": "**Vulnerability CVE-2016-5385**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|guzzlehttp/guzzle|4.2.4, 5.3.1, 6.2.1|[CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)|\n\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue."
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think we need to find a better solution here. SARIF outputs (and JSON based outputs in general) have no ordering and as a result keep changing over time, resulting in unnecessary test failures.

Could you look into maybe changing the test target to not be something with lots of vulnerabilities (like what we have today with knqyf263/vuln-image:1.2.3) but rather something that does not have a lot (or any vulnerabilities)? Could be a small repo/fs golden test directory we could test against.

In this we don't actually care for what is in the output (content/vulnerabilities), but rather we care about the structure of the output (SARIF test should produce a SARIF, etc.)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One idea I have for this is to use images that are no longer actively supported in terms of security updates, like alpine:3.10. They aren't failsafe in terms of the above problem but are an easier target to move to rather than creating the golden artifacts from scratch.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@simar7 done!

@krol3 krol3 requested a review from simar7 July 27, 2022 19:15
entrypoint.sh Outdated
Comment on lines 164 to 174
trivyConfig=$(echo $trivyConfig | tr -d '\r')
if [ $trivyConfig ]; then
echo "Running Trivy with trivy.yaml config from: " $trivyConfig
trivy --config $trivyConfig ${scanType} $ARGS ${artifactRef}
returnCode=$?
else
echo "Running trivy with options: trivy ${scanType} ${ARGS}" "${artifactRef}"
echo "Global options: " "${GLOBAL_ARGS}"
trivy $GLOBAL_ARGS ${scanType} $ARGS ${artifactRef}
returnCode=$?
fi
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Not sure what happened here but this wasn't rebased correctly. See current master branch for details. https://github.com/aquasecurity/trivy-action/blob/master/entrypoint.sh#L167

@krol3 krol3 requested a review from simar7 July 30, 2022 22:50
@simar7 simar7 merged commit 0d7cf2d into aquasecurity:master Aug 2, 2022
@krol3 krol3 deleted the sbom-gh branch August 2, 2022 22:59
juanjjaramillo pushed a commit to newrelic/helm-charts that referenced this pull request Jan 22, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action)
| action | minor | `0.3.0` -> `0.16.1` |
|
[aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action)
| action | minor | `0.6.2` -> `0.16.1` |

---

### Release Notes

<details>
<summary>aquasecurity/trivy-action (aquasecurity/trivy-action)</summary>

###
[`v0.16.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.16.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.16.0...0.16.1)

#### What's Changed

- Update Trivy to 0.48.1 by
[@&#8203;MartiUK](https://togithub.com/MartiUK) in
[aquasecurity/trivy-action#291
- docs: fix typo in README.md by
[@&#8203;hairmare](https://togithub.com/hairmare) in
[aquasecurity/trivy-action#293

#### New Contributors

- [@&#8203;MartiUK](https://togithub.com/MartiUK) made their first
contribution in
[aquasecurity/trivy-action#291
- [@&#8203;hairmare](https://togithub.com/hairmare) made their first
contribution in
[aquasecurity/trivy-action#293

**Full Changelog**:
aquasecurity/trivy-action@0.16.0...0.16.1

###
[`v0.16.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.16.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.15.0...0.16.0)

##### What's Changed

- Update to trivy version 0.48.0 by
[@&#8203;pragmaticivan](https://togithub.com/pragmaticivan) in
[aquasecurity/trivy-action#289

##### New Contributors

- [@&#8203;pragmaticivan](https://togithub.com/pragmaticivan) made their
first contribution in
[aquasecurity/trivy-action#289

**Full Changelog**:
aquasecurity/trivy-action@0.15.0...0.16.0

###
[`v0.15.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.15.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.14.0...0.15.0)

##### What's Changed

- feature(config): add terraform variable files by
[@&#8203;kderck](https://togithub.com/kderck) in
[aquasecurity/trivy-action#285

**Full Changelog**:
aquasecurity/trivy-action@0.14.0...0.15.0

###
[`v0.14.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.14.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.13.1...0.14.0)

#### What's Changed

- fix: set return code after each Trivy call by
[@&#8203;LiamMacP](https://togithub.com/LiamMacP) in
[aquasecurity/trivy-action#247
- Update to `trivy` version `0.47.0` in Dockerfile by
[@&#8203;MPV](https://togithub.com/MPV) in
[aquasecurity/trivy-action#280
- feature: add filesystem alias by
[@&#8203;kderck](https://togithub.com/kderck) in
[aquasecurity/trivy-action#269

#### New Contributors

- [@&#8203;LiamMacP](https://togithub.com/LiamMacP) made their first
contribution in
[aquasecurity/trivy-action#247
- [@&#8203;MPV](https://togithub.com/MPV) made their first contribution
in
[aquasecurity/trivy-action#280
- [@&#8203;kderck](https://togithub.com/kderck) made their first
contribution in
[aquasecurity/trivy-action#269

**Full Changelog**:
aquasecurity/trivy-action@0.13.1...0.14.0

###
[`v0.13.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.13.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.13.0...0.13.1)

#### What's Changed

- Update Dockerfile to 0.46.1 by
[@&#8203;witoldsleczkowski](https://togithub.com/witoldsleczkowski) in
[aquasecurity/trivy-action#277

#### New Contributors

- [@&#8203;witoldsleczkowski](https://togithub.com/witoldsleczkowski)
made their first contribution in
[aquasecurity/trivy-action#277

**Full Changelog**:
aquasecurity/trivy-action@0.13.0...0.13.1

###
[`v0.13.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.13.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.12.0...0.13.0)

#### What's Changed

- fix: mark image-ref attribute optional by
[@&#8203;arxeiss](https://togithub.com/arxeiss) in
[aquasecurity/trivy-action#261
- Update Dockerfile to 0.46.0 by
[@&#8203;Cr0n1c](https://togithub.com/Cr0n1c) in
[aquasecurity/trivy-action#274

#### New Contributors

- [@&#8203;arxeiss](https://togithub.com/arxeiss) made their first
contribution in
[aquasecurity/trivy-action#261
- [@&#8203;Cr0n1c](https://togithub.com/Cr0n1c) made their first
contribution in
[aquasecurity/trivy-action#274

**Full Changelog**:
aquasecurity/trivy-action@0.12.0...0.13.0

###
[`v0.12.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.12.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.2...0.12.0)

##### What's Changed

- chore(deps): Update trivy to v0.43.1 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#243
- ci: add workflow to bump trivy by
[@&#8203;nikpivkin](https://togithub.com/nikpivkin) in
[aquasecurity/trivy-action#245
- Update README.md to change the example to the new default brach name …
by [@&#8203;jdsmithit](https://togithub.com/jdsmithit) in
[aquasecurity/trivy-action#234
- feat(trivy): Bump to v0.45.0 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#256

##### New Contributors

- [@&#8203;nikpivkin](https://togithub.com/nikpivkin) made their first
contribution in
[aquasecurity/trivy-action#245
- [@&#8203;jdsmithit](https://togithub.com/jdsmithit) made their first
contribution in
[aquasecurity/trivy-action#234

**Full Changelog**:
aquasecurity/trivy-action@0.11.2...0.12.0

###
[`v0.11.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.2)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.1...0.11.2)

**Full Changelog**:
aquasecurity/trivy-action@0.11.1...0.11.2

###
[`v0.11.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.0...0.11.1)

#### What's Changed

- bump trivy to v0.42.1 by
[@&#8203;danielchabr](https://togithub.com/danielchabr) in
[aquasecurity/trivy-action#240

**Full Changelog**:
aquasecurity/trivy-action@0.11.0...0.11.1

###
[`v0.11.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.10.0...0.11.0)

#### What's Changed

- Include args when using trivy config file by
[@&#8203;hermanwh](https://togithub.com/hermanwh) in
[aquasecurity/trivy-action#231
- bump trivy to v0.42.0 by
[@&#8203;danielchabr](https://togithub.com/danielchabr) in
[aquasecurity/trivy-action#237
- Enhance GitHub Dependency Snapshot upload by
[@&#8203;abriko](https://togithub.com/abriko) in
[aquasecurity/trivy-action#233
- feat: add exit-code parameter to sarif format by
[@&#8203;rogercoll](https://togithub.com/rogercoll) in
[aquasecurity/trivy-action#213

#### New Contributors

- [@&#8203;hermanwh](https://togithub.com/hermanwh) made their first
contribution in
[aquasecurity/trivy-action#231
- [@&#8203;danielchabr](https://togithub.com/danielchabr) made their
first contribution in
[aquasecurity/trivy-action#237
- [@&#8203;abriko](https://togithub.com/abriko) made their first
contribution in
[aquasecurity/trivy-action#233
- [@&#8203;rogercoll](https://togithub.com/rogercoll) made their first
contribution in
[aquasecurity/trivy-action#213

**Full Changelog**:
aquasecurity/trivy-action@0.10.0...0.11.0

###
[`v0.10.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.10.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.2...0.10.0)

#### What's Changed

- docs: improve SBOM documentation by
[@&#8203;saerosV](https://togithub.com/saerosV) in
[aquasecurity/trivy-action#208
- chore: Update Trivy to 0.40.0 by
[@&#8203;PerfectSlayer](https://togithub.com/PerfectSlayer) in
[aquasecurity/trivy-action#223

#### New Contributors

- [@&#8203;saerosV](https://togithub.com/saerosV) made their first
contribution in
[aquasecurity/trivy-action#208
- [@&#8203;PerfectSlayer](https://togithub.com/PerfectSlayer) made their
first contribution in
[aquasecurity/trivy-action#223

**Full Changelog**:
aquasecurity/trivy-action@0.9.2...0.10.0

###
[`v0.9.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.2)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.1...0.9.2)

#### What's Changed

- chore(deps): bump trivy to v0.38.1 by
[@&#8203;DmitriyLewen](https://togithub.com/DmitriyLewen) in
[aquasecurity/trivy-action#215
- Rename security-checks to scanners by
[@&#8203;sadovnikov](https://togithub.com/sadovnikov) in
[aquasecurity/trivy-action#211

#### New Contributors

- [@&#8203;DmitriyLewen](https://togithub.com/DmitriyLewen) made their
first contribution in
[aquasecurity/trivy-action#215
- [@&#8203;sadovnikov](https://togithub.com/sadovnikov) made their first
contribution in
[aquasecurity/trivy-action#211

**Full Changelog**:
aquasecurity/trivy-action@0.9.1...0.9.2

###
[`v0.9.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.0...0.9.1)

#### What's Changed

- ⬆️ bump trivy action by
[@&#8203;flaxel](https://togithub.com/flaxel) in
[aquasecurity/trivy-action#203

#### New Contributors

- [@&#8203;flaxel](https://togithub.com/flaxel) made their first
contribution in
[aquasecurity/trivy-action#203

**Full Changelog**:
aquasecurity/trivy-action@0.9.0...0.9.1

###
[`v0.9.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.8.0...0.9.0)

#### What's Changed

- fix(sarif): Add option to limit severities for sarif
([#&#8203;192](https://togithub.com/aquasecurity/trivy-action/issues/192))
by [@&#8203;AndreyLevchenko](https://togithub.com/AndreyLevchenko) in
[aquasecurity/trivy-action#198
- docs: add trivy-config to table by
[@&#8203;omarsilva1](https://togithub.com/omarsilva1) in
[aquasecurity/trivy-action#195
- Update README.md by [@&#8203;mcantu](https://togithub.com/mcantu) in
[aquasecurity/trivy-action#186
- feat(trivy): Bump Trivy to v0.37.1 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#199

#### New Contributors

- [@&#8203;AndreyLevchenko](https://togithub.com/AndreyLevchenko) made
their first contribution in
[aquasecurity/trivy-action#198
- [@&#8203;omarsilva1](https://togithub.com/omarsilva1) made their first
contribution in
[aquasecurity/trivy-action#195
- [@&#8203;mcantu](https://togithub.com/mcantu) made their first
contribution in
[aquasecurity/trivy-action#186

**Full Changelog**:
aquasecurity/trivy-action@0.8.0...0.9.0

###
[`v0.8.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.8.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0)

#### What's Changed

- Add npm to action Dockerfile by
[@&#8203;VaismanLior](https://togithub.com/VaismanLior) in
[aquasecurity/trivy-action#176
- Add 0.34.0 release by
[@&#8203;L1ghtman2k](https://togithub.com/L1ghtman2k) in
[aquasecurity/trivy-action#177

#### New Contributors

- [@&#8203;VaismanLior](https://togithub.com/VaismanLior) made their
first contribution in
[aquasecurity/trivy-action#176
- [@&#8203;L1ghtman2k](https://togithub.com/L1ghtman2k) made their first
contribution in
[aquasecurity/trivy-action#177

**Full Changelog**:
aquasecurity/trivy-action@0.7.1...0.8.0

###
[`v0.7.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.7.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.0...0.7.1)

#### What's Changed

- Fix github dependency submission API call by
[@&#8203;chejn](https://togithub.com/chejn) in
[aquasecurity/trivy-action#162

#### New Contributors

- [@&#8203;chejn](https://togithub.com/chejn) made their first
contribution in
[aquasecurity/trivy-action#162

**Full Changelog**:
aquasecurity/trivy-action@0.7.0...0.7.1

###
[`v0.7.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.7.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.2...0.7.0)

#### What's Changed

- docs: correct format and add output on config scan with sarif by
[@&#8203;dirien](https://togithub.com/dirien) in
[aquasecurity/trivy-action#159
- feat(trivy): Bump Trivy to v0.31.2 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#165

#### New Contributors

- [@&#8203;dirien](https://togithub.com/dirien) made their first
contribution in
[aquasecurity/trivy-action#159

**Full Changelog**:
aquasecurity/trivy-action@0.6.2...0.7.0

###
[`v0.6.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.2)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.1...0.6.2)

#### What's Changed

- fix(config): Drop mixing of options with yaml config. by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#148
- chore: improve message output sbom with gh by
[@&#8203;krol3](https://togithub.com/krol3) in
[aquasecurity/trivy-action#145
- fix(sarif): Add timeout and security-checks for sarif by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#156

**Full Changelog**:
aquasecurity/trivy-action@0.6.1...0.6.2

###
[`v0.6.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.0...0.6.1)

#### What's Changed

- chore(deps): Update trivy version by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#152

**Full Changelog**:
aquasecurity/trivy-action@0.6.0...0.6.1

###
[`v0.6.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.5.1...0.6.0)

#### What's Changed 🔥

- feat(yaml): Add support for trivy.yaml by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#143
-   Updated to use Trivy v0.30.2

**Full Changelog**:
aquasecurity/trivy-action@0.5.1...0.6.0

###
[`v0.5.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.5.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.5.0...0.5.1)

#### What's Changed

- fix(tests): Update test golden files for Trivy v0.29.2 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#136
- docs(trivy): Add instructions to scan tarballs. by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#134

**Full Changelog**:
aquasecurity/trivy-action@0.5.0...0.5.1

###
[`v0.5.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.5.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.4.1...0.5.0)

#### What's Changed ✨

- docs: added missing HTML template and removed deprecated SARIF
template by
[@&#8203;nleconte-csgroup](https://togithub.com/nleconte-csgroup) in
[aquasecurity/trivy-action#132
- feat(SBOM): Support SBOM generation by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#129

#### New Contributors ❤️

- [@&#8203;nleconte-csgroup](https://togithub.com/nleconte-csgroup) made
their first contribution in
[aquasecurity/trivy-action#132

**Full Changelog**:
aquasecurity/trivy-action@0.4.1...0.5.0

###
[`v0.4.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.4.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.4.0...0.4.1)

#### What's Changed

- feat: update codeql-action/upload-sarif to v2 by
[@&#8203;dotdc](https://togithub.com/dotdc) in
[aquasecurity/trivy-action#124
- Add missing option to README. by
[@&#8203;achton](https://togithub.com/achton) in
[aquasecurity/trivy-action#127
- chore: pinning 0.29.0 trivy by
[@&#8203;krol3](https://togithub.com/krol3) in
[aquasecurity/trivy-action#128

#### New Contributors

- [@&#8203;dotdc](https://togithub.com/dotdc) made their first
contribution in
[aquasecurity/trivy-action#124

**Full Changelog**:
aquasecurity/trivy-action@0.4.0...0.4.1

###
[`v0.4.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.4.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.3.0...0.4.0)

#### What's Changed ✨

- Enable security checks option for image type by
[@&#8203;tanguy-platsec](https://togithub.com/tanguy-platsec) in
[aquasecurity/trivy-action#112
- Update Trivy Version in Dockerfile by
[@&#8203;b34rd-tek](https://togithub.com/b34rd-tek) in
[aquasecurity/trivy-action#117
- Use AWS public ECR instead of rate-limiting dockerhub by
[@&#8203;tanguy-platsec](https://togithub.com/tanguy-platsec) in
[aquasecurity/trivy-action#118
- Add support for --ignorefile option (.trivyignore) by
[@&#8203;achton](https://togithub.com/achton) in
[aquasecurity/trivy-action#122
- Update tests for 0.28.1 and convert to JSON by
[@&#8203;achton](https://togithub.com/achton) in
[aquasecurity/trivy-action#126

#### New Contributors ❤️

- [@&#8203;tanguy-platsec](https://togithub.com/tanguy-platsec) made
their first contribution in
[aquasecurity/trivy-action#112
- [@&#8203;b34rd-tek](https://togithub.com/b34rd-tek) made their first
contribution in
[aquasecurity/trivy-action#117
- [@&#8203;achton](https://togithub.com/achton) made their first
contribution in
[aquasecurity/trivy-action#122

**Full Changelog**:
aquasecurity/trivy-action@0.3.0...0.4.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/newrelic/helm-charts).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjEzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

None yet

2 participants