Skip to content

chore(deps): Update trivy to v0.65.0#481

Merged
nikpivkin merged 6 commits intomasterfrom
bump-trivy-1755898251
Aug 27, 2025
Merged

chore(deps): Update trivy to v0.65.0#481
nikpivkin merged 6 commits intomasterfrom
bump-trivy-1755898251

Conversation

@aqua-bot
Copy link
Contributor

@aqua-bot aqua-bot commented Aug 22, 2025

Automated changes by create-pull-request GitHub action

@simar7 simar7 force-pushed the bump-trivy-1755898251 branch from 6389d65 to 636fd3c Compare August 27, 2025 01:12
@simar7
Copy link
Member

simar7 commented Aug 27, 2025

Tests are red as we need to sync the DBs. Depends on #482

@simar7 simar7 requested a review from Copilot August 27, 2025 01:19
Copilot AI reviewed Aug 27, 2025
View reviewed changes
Copy link

Copilot AI left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull Request Overview

This PR updates Trivy to version v0.65.0 across all configuration files and test data. This is a dependency update that ensures the project uses the latest version of the Trivy security scanner.

Key changes:

  • Updates default Trivy version from v0.64.1 to v0.65.0 in action configuration
  • Updates test data files to reflect output format changes from the new Trivy version
  • Updates documentation to reference the new version

Reviewed Changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated no comments.

Show a summary per file
File Description
action.yaml Updates default Trivy version parameter from v0.64.1 to v0.65.0
README.md Updates documentation examples and version references to v0.65.0
.github/workflows/test.yaml Updates TRIVY_VERSION environment variable to 0.65.0
test/data/with-trivy-yaml-cfg/report.json Updates test data to reflect new Trivy output format (PURL encoding and timestamp changes)
test/data/with-ignore-files/report Updates test data with modified CVE description formatting
test/data/image-scan/report Updates test data with modified CVE description formatting

Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.

@simar7 simar7 requested a review from nikpivkin August 27, 2025 01:19
@nikpivkin
test: update golden files
bf330b1 
Signed-off-by: Nikita Pivkin <[email protected]>
@nikpivkin
dev: add update-golden goal
71f6a8f 
Signed-off-by: Nikita Pivkin <[email protected]>
@nikpivkin
Copy link
Contributor

nikpivkin commented Aug 27, 2025

@simar7 I added a goal for updating golden files 71f6a8f (#481)

simar7
simar7 reviewed Aug 27, 2025
View reviewed changes
Makefile
Comment on lines +23 to +26
.PHONY: update-golden
update-golden:
mkdir -p .cache
UPDATE_GOLDEN=1 $(BATS_ENV) bats $(BATS_FLAGS)
Copy link
Member

@simar7 simar7 Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

That's nice, should we add this target to the action that upgrades the trivy version? We would always review the PR it will create prior to merge, thereby avoiding us to run the target ourselves manually.

Copy link
Contributor

@nikpivkin nikpivkin Aug 27, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Done a169870 (#481)

@nikpivkin
Copy link
Contributor

nikpivkin commented Aug 27, 2025

Tests are red as we need to sync the DBs. Depends on #482

In general, we don't need to update the databases unless we upgrade Trivy to a version that uses new database schemas. This minimizes updates to golden files.

@nikpivkin nikpivkin merged commit f9424c1 into master Aug 27, 2025
3 checks passed
@nikpivkin nikpivkin deleted the bump-trivy-1755898251 branch August 27, 2025 07:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@simar7 simar7 simar7 left review comments

Copilot code review Copilot Copilot left review comments

@nikpivkin nikpivkin nikpivkin approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@aqua-bot @simar7 @nikpivkin