chore(deps): update aquasecurity/trivy-action action to v0.16.1 (#1245) · newrelic/helm-charts@b682ee7

Commit

chore(deps): update aquasecurity/trivy-action action to v0.16.1 (#1245)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action)
| action | minor | `0.3.0` -> `0.16.1` |
|
[aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action)
| action | minor | `0.6.2` -> `0.16.1` |

---

### Release Notes

<details>
<summary>aquasecurity/trivy-action (aquasecurity/trivy-action)</summary>

###
[`v0.16.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.16.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.16.0...0.16.1)

#### What's Changed

- Update Trivy to 0.48.1 by
[@&#8203;MartiUK](https://togithub.com/MartiUK) in
[aquasecurity/trivy-action#291
- docs: fix typo in README.md by
[@&#8203;hairmare](https://togithub.com/hairmare) in
[aquasecurity/trivy-action#293

#### New Contributors

- [@&#8203;MartiUK](https://togithub.com/MartiUK) made their first
contribution in
[aquasecurity/trivy-action#291
- [@&#8203;hairmare](https://togithub.com/hairmare) made their first
contribution in
[aquasecurity/trivy-action#293

**Full Changelog**:
aquasecurity/trivy-action@0.16.0...0.16.1

###
[`v0.16.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.16.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.15.0...0.16.0)

##### What's Changed

- Update to trivy version 0.48.0 by
[@&#8203;pragmaticivan](https://togithub.com/pragmaticivan) in
[aquasecurity/trivy-action#289

##### New Contributors

- [@&#8203;pragmaticivan](https://togithub.com/pragmaticivan) made their
first contribution in
[aquasecurity/trivy-action#289

**Full Changelog**:
aquasecurity/trivy-action@0.15.0...0.16.0

###
[`v0.15.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.15.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.14.0...0.15.0)

##### What's Changed

- feature(config): add terraform variable files by
[@&#8203;kderck](https://togithub.com/kderck) in
[aquasecurity/trivy-action#285

**Full Changelog**:
aquasecurity/trivy-action@0.14.0...0.15.0

###
[`v0.14.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.14.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.13.1...0.14.0)

#### What's Changed

- fix: set return code after each Trivy call by
[@&#8203;LiamMacP](https://togithub.com/LiamMacP) in
[aquasecurity/trivy-action#247
- Update to `trivy` version `0.47.0` in Dockerfile by
[@&#8203;MPV](https://togithub.com/MPV) in
[aquasecurity/trivy-action#280
- feature: add filesystem alias by
[@&#8203;kderck](https://togithub.com/kderck) in
[aquasecurity/trivy-action#269

#### New Contributors

- [@&#8203;LiamMacP](https://togithub.com/LiamMacP) made their first
contribution in
[aquasecurity/trivy-action#247
- [@&#8203;MPV](https://togithub.com/MPV) made their first contribution
in
[aquasecurity/trivy-action#280
- [@&#8203;kderck](https://togithub.com/kderck) made their first
contribution in
[aquasecurity/trivy-action#269

**Full Changelog**:
aquasecurity/trivy-action@0.13.1...0.14.0

###
[`v0.13.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.13.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.13.0...0.13.1)

#### What's Changed

- Update Dockerfile to 0.46.1 by
[@&#8203;witoldsleczkowski](https://togithub.com/witoldsleczkowski) in
[aquasecurity/trivy-action#277

#### New Contributors

- [@&#8203;witoldsleczkowski](https://togithub.com/witoldsleczkowski)
made their first contribution in
[aquasecurity/trivy-action#277

**Full Changelog**:
aquasecurity/trivy-action@0.13.0...0.13.1

###
[`v0.13.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.13.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.12.0...0.13.0)

#### What's Changed

- fix: mark image-ref attribute optional by
[@&#8203;arxeiss](https://togithub.com/arxeiss) in
[aquasecurity/trivy-action#261
- Update Dockerfile to 0.46.0 by
[@&#8203;Cr0n1c](https://togithub.com/Cr0n1c) in
[aquasecurity/trivy-action#274

#### New Contributors

- [@&#8203;arxeiss](https://togithub.com/arxeiss) made their first
contribution in
[aquasecurity/trivy-action#261
- [@&#8203;Cr0n1c](https://togithub.com/Cr0n1c) made their first
contribution in
[aquasecurity/trivy-action#274

**Full Changelog**:
aquasecurity/trivy-action@0.12.0...0.13.0

###
[`v0.12.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.12.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.2...0.12.0)

##### What's Changed

- chore(deps): Update trivy to v0.43.1 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#243
- ci: add workflow to bump trivy by
[@&#8203;nikpivkin](https://togithub.com/nikpivkin) in
[aquasecurity/trivy-action#245
- Update README.md to change the example to the new default brach name …
by [@&#8203;jdsmithit](https://togithub.com/jdsmithit) in
[aquasecurity/trivy-action#234
- feat(trivy): Bump to v0.45.0 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#256

##### New Contributors

- [@&#8203;nikpivkin](https://togithub.com/nikpivkin) made their first
contribution in
[aquasecurity/trivy-action#245
- [@&#8203;jdsmithit](https://togithub.com/jdsmithit) made their first
contribution in
[aquasecurity/trivy-action#234

**Full Changelog**:
aquasecurity/trivy-action@0.11.2...0.12.0

###
[`v0.11.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.2)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.1...0.11.2)

**Full Changelog**:
aquasecurity/trivy-action@0.11.1...0.11.2

###
[`v0.11.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.0...0.11.1)

#### What's Changed

- bump trivy to v0.42.1 by
[@&#8203;danielchabr](https://togithub.com/danielchabr) in
[aquasecurity/trivy-action#240

**Full Changelog**:
aquasecurity/trivy-action@0.11.0...0.11.1

###
[`v0.11.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.10.0...0.11.0)

#### What's Changed

- Include args when using trivy config file by
[@&#8203;hermanwh](https://togithub.com/hermanwh) in
[aquasecurity/trivy-action#231
- bump trivy to v0.42.0 by
[@&#8203;danielchabr](https://togithub.com/danielchabr) in
[aquasecurity/trivy-action#237
- Enhance GitHub Dependency Snapshot upload by
[@&#8203;abriko](https://togithub.com/abriko) in
[aquasecurity/trivy-action#233
- feat: add exit-code parameter to sarif format by
[@&#8203;rogercoll](https://togithub.com/rogercoll) in
[aquasecurity/trivy-action#213

#### New Contributors

- [@&#8203;hermanwh](https://togithub.com/hermanwh) made their first
contribution in
[aquasecurity/trivy-action#231
- [@&#8203;danielchabr](https://togithub.com/danielchabr) made their
first contribution in
[aquasecurity/trivy-action#237
- [@&#8203;abriko](https://togithub.com/abriko) made their first
contribution in
[aquasecurity/trivy-action#233
- [@&#8203;rogercoll](https://togithub.com/rogercoll) made their first
contribution in
[aquasecurity/trivy-action#213

**Full Changelog**:
aquasecurity/trivy-action@0.10.0...0.11.0

###
[`v0.10.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.10.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.2...0.10.0)

#### What's Changed

- docs: improve SBOM documentation by
[@&#8203;saerosV](https://togithub.com/saerosV) in
[aquasecurity/trivy-action#208
- chore: Update Trivy to 0.40.0 by
[@&#8203;PerfectSlayer](https://togithub.com/PerfectSlayer) in
[aquasecurity/trivy-action#223

#### New Contributors

- [@&#8203;saerosV](https://togithub.com/saerosV) made their first
contribution in
[aquasecurity/trivy-action#208
- [@&#8203;PerfectSlayer](https://togithub.com/PerfectSlayer) made their
first contribution in
[aquasecurity/trivy-action#223

**Full Changelog**:
aquasecurity/trivy-action@0.9.2...0.10.0

###
[`v0.9.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.2)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.1...0.9.2)

#### What's Changed

- chore(deps): bump trivy to v0.38.1 by
[@&#8203;DmitriyLewen](https://togithub.com/DmitriyLewen) in
[aquasecurity/trivy-action#215
- Rename security-checks to scanners by
[@&#8203;sadovnikov](https://togithub.com/sadovnikov) in
[aquasecurity/trivy-action#211

#### New Contributors

- [@&#8203;DmitriyLewen](https://togithub.com/DmitriyLewen) made their
first contribution in
[aquasecurity/trivy-action#215
- [@&#8203;sadovnikov](https://togithub.com/sadovnikov) made their first
contribution in
[aquasecurity/trivy-action#211

**Full Changelog**:
aquasecurity/trivy-action@0.9.1...0.9.2

###
[`v0.9.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.0...0.9.1)

#### What's Changed

- ⬆️ bump trivy action by
[@&#8203;flaxel](https://togithub.com/flaxel) in
[aquasecurity/trivy-action#203

#### New Contributors

- [@&#8203;flaxel](https://togithub.com/flaxel) made their first
contribution in
[aquasecurity/trivy-action#203

**Full Changelog**:
aquasecurity/trivy-action@0.9.0...0.9.1

###
[`v0.9.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.8.0...0.9.0)

#### What's Changed

- fix(sarif): Add option to limit severities for sarif
([#&#8203;192](https://togithub.com/aquasecurity/trivy-action/issues/192))
by [@&#8203;AndreyLevchenko](https://togithub.com/AndreyLevchenko) in
[aquasecurity/trivy-action#198
- docs: add trivy-config to table by
[@&#8203;omarsilva1](https://togithub.com/omarsilva1) in
[aquasecurity/trivy-action#195
- Update README.md by [@&#8203;mcantu](https://togithub.com/mcantu) in
[aquasecurity/trivy-action#186
- feat(trivy): Bump Trivy to v0.37.1 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#199

#### New Contributors

- [@&#8203;AndreyLevchenko](https://togithub.com/AndreyLevchenko) made
their first contribution in
[aquasecurity/trivy-action#198
- [@&#8203;omarsilva1](https://togithub.com/omarsilva1) made their first
contribution in
[aquasecurity/trivy-action#195
- [@&#8203;mcantu](https://togithub.com/mcantu) made their first
contribution in
[aquasecurity/trivy-action#186

**Full Changelog**:
aquasecurity/trivy-action@0.8.0...0.9.0

###
[`v0.8.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.8.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0)

#### What's Changed

- Add npm to action Dockerfile by
[@&#8203;VaismanLior](https://togithub.com/VaismanLior) in
[aquasecurity/trivy-action#176
- Add 0.34.0 release by
[@&#8203;L1ghtman2k](https://togithub.com/L1ghtman2k) in
[aquasecurity/trivy-action#177

#### New Contributors

- [@&#8203;VaismanLior](https://togithub.com/VaismanLior) made their
first contribution in
[aquasecurity/trivy-action#176
- [@&#8203;L1ghtman2k](https://togithub.com/L1ghtman2k) made their first
contribution in
[aquasecurity/trivy-action#177

**Full Changelog**:
aquasecurity/trivy-action@0.7.1...0.8.0

###
[`v0.7.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.7.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.0...0.7.1)

#### What's Changed

- Fix github dependency submission API call by
[@&#8203;chejn](https://togithub.com/chejn) in
[aquasecurity/trivy-action#162

#### New Contributors

- [@&#8203;chejn](https://togithub.com/chejn) made their first
contribution in
[aquasecurity/trivy-action#162

**Full Changelog**:
aquasecurity/trivy-action@0.7.0...0.7.1

###
[`v0.7.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.7.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.2...0.7.0)

#### What's Changed

- docs: correct format and add output on config scan with sarif by
[@&#8203;dirien](https://togithub.com/dirien) in
[aquasecurity/trivy-action#159
- feat(trivy): Bump Trivy to v0.31.2 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#165

#### New Contributors

- [@&#8203;dirien](https://togithub.com/dirien) made their first
contribution in
[aquasecurity/trivy-action#159

**Full Changelog**:
aquasecurity/trivy-action@0.6.2...0.7.0

###
[`v0.6.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.2)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.1...0.6.2)

#### What's Changed

- fix(config): Drop mixing of options with yaml config. by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#148
- chore: improve message output sbom with gh by
[@&#8203;krol3](https://togithub.com/krol3) in
[aquasecurity/trivy-action#145
- fix(sarif): Add timeout and security-checks for sarif by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#156

**Full Changelog**:
aquasecurity/trivy-action@0.6.1...0.6.2

###
[`v0.6.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.0...0.6.1)

#### What's Changed

- chore(deps): Update trivy version by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#152

**Full Changelog**:
aquasecurity/trivy-action@0.6.0...0.6.1

###
[`v0.6.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.5.1...0.6.0)

#### What's Changed 🔥

- feat(yaml): Add support for trivy.yaml by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#143
-   Updated to use Trivy v0.30.2

**Full Changelog**:
aquasecurity/trivy-action@0.5.1...0.6.0

###
[`v0.5.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.5.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.5.0...0.5.1)

#### What's Changed

- fix(tests): Update test golden files for Trivy v0.29.2 by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#136
- docs(trivy): Add instructions to scan tarballs. by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#134

**Full Changelog**:
aquasecurity/trivy-action@0.5.0...0.5.1

###
[`v0.5.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.5.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.4.1...0.5.0)

#### What's Changed ✨

- docs: added missing HTML template and removed deprecated SARIF
template by
[@&#8203;nleconte-csgroup](https://togithub.com/nleconte-csgroup) in
[aquasecurity/trivy-action#132
- feat(SBOM): Support SBOM generation by
[@&#8203;simar7](https://togithub.com/simar7) in
[aquasecurity/trivy-action#129

#### New Contributors ❤️

- [@&#8203;nleconte-csgroup](https://togithub.com/nleconte-csgroup) made
their first contribution in
[aquasecurity/trivy-action#132

**Full Changelog**:
aquasecurity/trivy-action@0.4.1...0.5.0

###
[`v0.4.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.4.1)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.4.0...0.4.1)

#### What's Changed

- feat: update codeql-action/upload-sarif to v2 by
[@&#8203;dotdc](https://togithub.com/dotdc) in
[aquasecurity/trivy-action#124
- Add missing option to README. by
[@&#8203;achton](https://togithub.com/achton) in
[aquasecurity/trivy-action#127
- chore: pinning 0.29.0 trivy by
[@&#8203;krol3](https://togithub.com/krol3) in
[aquasecurity/trivy-action#128

#### New Contributors

- [@&#8203;dotdc](https://togithub.com/dotdc) made their first
contribution in
[aquasecurity/trivy-action#124

**Full Changelog**:
aquasecurity/trivy-action@0.4.0...0.4.1

###
[`v0.4.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.4.0)

[Compare
Source](https://togithub.com/aquasecurity/trivy-action/compare/0.3.0...0.4.0)

#### What's Changed ✨

- Enable security checks option for image type by
[@&#8203;tanguy-platsec](https://togithub.com/tanguy-platsec) in
[aquasecurity/trivy-action#112
- Update Trivy Version in Dockerfile by
[@&#8203;b34rd-tek](https://togithub.com/b34rd-tek) in
[aquasecurity/trivy-action#117
- Use AWS public ECR instead of rate-limiting dockerhub by
[@&#8203;tanguy-platsec](https://togithub.com/tanguy-platsec) in
[aquasecurity/trivy-action#118
- Add support for --ignorefile option (.trivyignore) by
[@&#8203;achton](https://togithub.com/achton) in
[aquasecurity/trivy-action#122
- Update tests for 0.28.1 and convert to JSON by
[@&#8203;achton](https://togithub.com/achton) in
[aquasecurity/trivy-action#126

#### New Contributors ❤️

- [@&#8203;tanguy-platsec](https://togithub.com/tanguy-platsec) made
their first contribution in
[aquasecurity/trivy-action#112
- [@&#8203;b34rd-tek](https://togithub.com/b34rd-tek) made their first
contribution in
[aquasecurity/trivy-action#117
- [@&#8203;achton](https://togithub.com/achton) made their first
contribution in
[aquasecurity/trivy-action#122

**Full Changelog**:
aquasecurity/trivy-action@0.3.0...0.4.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/newrelic/helm-charts).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjEzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Loading branch information

renovate[bot] committed Jan 22, 2024

1 parent 203759a commit b682ee7

.github/workflows/security.yaml

            
                      Original file line number
                      Diff line number
                      Diff line change
                  
    @@ -14,7 +14,7 @@ jobs:
  
            uses: actions/checkout@v3

          - name: Run Trivy vulnerability scanner in repo mode

            uses: aquasecurity/trivy-action@0.6.2

            uses: aquasecurity/trivy-action@0.16.1

            if: ${{ ! github.event.schedule }}  # Do not run inline checks when running periodically

            with:

              scan-type: fs

    @@ -23,7 +23,7 @@ jobs:
  
              severity: 'HIGH,CRITICAL'

          - name: Run Trivy vulnerability scanner sarif output

            uses: aquasecurity/trivy-action@0.3.0

            uses: aquasecurity/trivy-action@0.16.1

            if: ${{ github.event.schedule }}  # Generate sarif when running periodically

            with:

              scan-type: fs

0 comments on commit `b682ee7`

Please sign in to comment.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Commit

There are no files selected for viewing

0 comments on commit `b682ee7`

Commit

There are no files selected for viewing

0 comments on commit b682ee7

0 comments on commit `b682ee7`