chore: improve message output sbom with gh #145
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Contributor
krol3
commented
Jul 19, 2022
krol3
commented
- Improve the output with sbom and gh to show error in case of missing the github-pat.
simar7
reviewed
Jul 19, 2022
test/data/image-sarif.test
Outdated
Comment on lines
1052
to
1053
| "text": "Vulnerability CVE-2016-5385\nSeverity: HIGH\nPackage: guzzlehttp/guzzle\nFixed Version: 5.3.1, 6.2.1, 4.2.4\nLink: [CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue.", | ||
| "markdown": "**Vulnerability CVE-2016-5385**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|guzzlehttp/guzzle|5.3.1, 6.2.1, 4.2.4|[CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)|\n\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue." | ||
| "text": "Vulnerability CVE-2016-5385\nSeverity: HIGH\nPackage: guzzlehttp/guzzle\nFixed Version: 4.2.4, 5.3.1, 6.2.1\nLink: [CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue.", | ||
| "markdown": "**Vulnerability CVE-2016-5385**\n| Severity | Package | Fixed Version | Link |\n| --- | --- | --- | --- |\n|HIGH|guzzlehttp/guzzle|4.2.4, 5.3.1, 6.2.1|[CVE-2016-5385](https://avd.aquasec.com/nvd/cve-2016-5385)|\n\nPHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue." |
There was a problem hiding this comment.
I think we need to find a better solution here. SARIF outputs (and JSON based outputs in general) have no ordering and as a result keep changing over time, resulting in unnecessary test failures.
Could you look into maybe changing the test target to not be something with lots of vulnerabilities (like what we have today with knqyf263/vuln-image:1.2.3) but rather something that does not have a lot (or any vulnerabilities)? Could be a small repo/fs golden test directory we could test against.
In this we don't actually care for what is in the output (content/vulnerabilities), but rather we care about the structure of the output (SARIF test should produce a SARIF, etc.)
There was a problem hiding this comment.
One idea I have for this is to use images that are no longer actively supported in terms of security updates, like alpine:3.10. They aren't failsafe in terms of the above problem but are an easier target to move to rather than creating the golden artifacts from scratch.
simar7
reviewed
Jul 29, 2022
entrypoint.sh
Outdated
Comment on lines
164
to
174
| trivyConfig=$(echo $trivyConfig | tr -d '\r') | ||
| if [ $trivyConfig ]; then | ||
| echo "Running Trivy with trivy.yaml config from: " $trivyConfig | ||
| trivy --config $trivyConfig ${scanType} $ARGS ${artifactRef} | ||
| returnCode=$? | ||
| else | ||
| echo "Running trivy with options: trivy ${scanType} ${ARGS}" "${artifactRef}" | ||
| echo "Global options: " "${GLOBAL_ARGS}" | ||
| trivy $GLOBAL_ARGS ${scanType} $ARGS ${artifactRef} | ||
| returnCode=$? | ||
| fi |
There was a problem hiding this comment.
Not sure what happened here but this wasn't rebased correctly. See current master branch for details. https://github.com/aquasecurity/trivy-action/blob/master/entrypoint.sh#L167
simar7
approved these changes
Aug 2, 2022
juanjjaramillo
referenced
this pull request
in newrelic/helm-charts
Jan 22, 2024
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action) | action | minor | `0.3.0` -> `0.16.1` | | [aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action) | action | minor | `0.6.2` -> `0.16.1` | --- ### Release Notes <details> <summary>aquasecurity/trivy-action (aquasecurity/trivy-action)</summary> ### [`v0.16.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.16.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.16.0...0.16.1) #### What's Changed - Update Trivy to 0.48.1 by [@​MartiUK](https://togithub.com/MartiUK) in [https://github.com/aquasecurity/trivy-action/pull/291](https://togithub.com/aquasecurity/trivy-action/pull/291) - docs: fix typo in README.md by [@​hairmare](https://togithub.com/hairmare) in [https://github.com/aquasecurity/trivy-action/pull/293](https://togithub.com/aquasecurity/trivy-action/pull/293) #### New Contributors - [@​MartiUK](https://togithub.com/MartiUK) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/291](https://togithub.com/aquasecurity/trivy-action/pull/291) - [@​hairmare](https://togithub.com/hairmare) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/293](https://togithub.com/aquasecurity/trivy-action/pull/293) **Full Changelog**: aquasecurity/trivy-action@0.16.0...0.16.1 ### [`v0.16.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.16.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.15.0...0.16.0) ##### What's Changed - Update to trivy version 0.48.0 by [@​pragmaticivan](https://togithub.com/pragmaticivan) in [https://github.com/aquasecurity/trivy-action/pull/289](https://togithub.com/aquasecurity/trivy-action/pull/289) ##### New Contributors - [@​pragmaticivan](https://togithub.com/pragmaticivan) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/289](https://togithub.com/aquasecurity/trivy-action/pull/289) **Full Changelog**: aquasecurity/trivy-action@0.15.0...0.16.0 ### [`v0.15.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.15.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.14.0...0.15.0) ##### What's Changed - feature(config): add terraform variable files by [@​kderck](https://togithub.com/kderck) in [https://github.com/aquasecurity/trivy-action/pull/285](https://togithub.com/aquasecurity/trivy-action/pull/285) **Full Changelog**: aquasecurity/trivy-action@0.14.0...0.15.0 ### [`v0.14.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.14.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.13.1...0.14.0) #### What's Changed - fix: set return code after each Trivy call by [@​LiamMacP](https://togithub.com/LiamMacP) in [https://github.com/aquasecurity/trivy-action/pull/247](https://togithub.com/aquasecurity/trivy-action/pull/247) - Update to `trivy` version `0.47.0` in Dockerfile by [@​MPV](https://togithub.com/MPV) in [https://github.com/aquasecurity/trivy-action/pull/280](https://togithub.com/aquasecurity/trivy-action/pull/280) - feature: add filesystem alias by [@​kderck](https://togithub.com/kderck) in [https://github.com/aquasecurity/trivy-action/pull/269](https://togithub.com/aquasecurity/trivy-action/pull/269) #### New Contributors - [@​LiamMacP](https://togithub.com/LiamMacP) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/247](https://togithub.com/aquasecurity/trivy-action/pull/247) - [@​MPV](https://togithub.com/MPV) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/280](https://togithub.com/aquasecurity/trivy-action/pull/280) - [@​kderck](https://togithub.com/kderck) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/269](https://togithub.com/aquasecurity/trivy-action/pull/269) **Full Changelog**: aquasecurity/trivy-action@0.13.1...0.14.0 ### [`v0.13.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.13.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.13.0...0.13.1) #### What's Changed - Update Dockerfile to 0.46.1 by [@​witoldsleczkowski](https://togithub.com/witoldsleczkowski) in [https://github.com/aquasecurity/trivy-action/pull/277](https://togithub.com/aquasecurity/trivy-action/pull/277) #### New Contributors - [@​witoldsleczkowski](https://togithub.com/witoldsleczkowski) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/277](https://togithub.com/aquasecurity/trivy-action/pull/277) **Full Changelog**: aquasecurity/trivy-action@0.13.0...0.13.1 ### [`v0.13.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.13.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.12.0...0.13.0) #### What's Changed - fix: mark image-ref attribute optional by [@​arxeiss](https://togithub.com/arxeiss) in [https://github.com/aquasecurity/trivy-action/pull/261](https://togithub.com/aquasecurity/trivy-action/pull/261) - Update Dockerfile to 0.46.0 by [@​Cr0n1c](https://togithub.com/Cr0n1c) in [https://github.com/aquasecurity/trivy-action/pull/274](https://togithub.com/aquasecurity/trivy-action/pull/274) #### New Contributors - [@​arxeiss](https://togithub.com/arxeiss) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/261](https://togithub.com/aquasecurity/trivy-action/pull/261) - [@​Cr0n1c](https://togithub.com/Cr0n1c) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/274](https://togithub.com/aquasecurity/trivy-action/pull/274) **Full Changelog**: aquasecurity/trivy-action@0.12.0...0.13.0 ### [`v0.12.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.12.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.2...0.12.0) ##### What's Changed - chore(deps): Update trivy to v0.43.1 by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/243](https://togithub.com/aquasecurity/trivy-action/pull/243) - ci: add workflow to bump trivy by [@​nikpivkin](https://togithub.com/nikpivkin) in [https://github.com/aquasecurity/trivy-action/pull/245](https://togithub.com/aquasecurity/trivy-action/pull/245) - Update README.md to change the example to the new default brach name … by [@​jdsmithit](https://togithub.com/jdsmithit) in [https://github.com/aquasecurity/trivy-action/pull/234](https://togithub.com/aquasecurity/trivy-action/pull/234) - feat(trivy): Bump to v0.45.0 by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/256](https://togithub.com/aquasecurity/trivy-action/pull/256) ##### New Contributors - [@​nikpivkin](https://togithub.com/nikpivkin) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/245](https://togithub.com/aquasecurity/trivy-action/pull/245) - [@​jdsmithit](https://togithub.com/jdsmithit) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/234](https://togithub.com/aquasecurity/trivy-action/pull/234) **Full Changelog**: aquasecurity/trivy-action@0.11.2...0.12.0 ### [`v0.11.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.2) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.1...0.11.2) **Full Changelog**: aquasecurity/trivy-action@0.11.1...0.11.2 ### [`v0.11.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.11.0...0.11.1) #### What's Changed - bump trivy to v0.42.1 by [@​danielchabr](https://togithub.com/danielchabr) in [https://github.com/aquasecurity/trivy-action/pull/240](https://togithub.com/aquasecurity/trivy-action/pull/240) **Full Changelog**: aquasecurity/trivy-action@0.11.0...0.11.1 ### [`v0.11.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.11.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.10.0...0.11.0) #### What's Changed - Include args when using trivy config file by [@​hermanwh](https://togithub.com/hermanwh) in [https://github.com/aquasecurity/trivy-action/pull/231](https://togithub.com/aquasecurity/trivy-action/pull/231) - bump trivy to v0.42.0 by [@​danielchabr](https://togithub.com/danielchabr) in [https://github.com/aquasecurity/trivy-action/pull/237](https://togithub.com/aquasecurity/trivy-action/pull/237) - Enhance GitHub Dependency Snapshot upload by [@​abriko](https://togithub.com/abriko) in [https://github.com/aquasecurity/trivy-action/pull/233](https://togithub.com/aquasecurity/trivy-action/pull/233) - feat: add exit-code parameter to sarif format by [@​rogercoll](https://togithub.com/rogercoll) in [https://github.com/aquasecurity/trivy-action/pull/213](https://togithub.com/aquasecurity/trivy-action/pull/213) #### New Contributors - [@​hermanwh](https://togithub.com/hermanwh) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/231](https://togithub.com/aquasecurity/trivy-action/pull/231) - [@​danielchabr](https://togithub.com/danielchabr) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/237](https://togithub.com/aquasecurity/trivy-action/pull/237) - [@​abriko](https://togithub.com/abriko) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/233](https://togithub.com/aquasecurity/trivy-action/pull/233) - [@​rogercoll](https://togithub.com/rogercoll) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/213](https://togithub.com/aquasecurity/trivy-action/pull/213) **Full Changelog**: aquasecurity/trivy-action@0.10.0...0.11.0 ### [`v0.10.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.10.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.2...0.10.0) #### What's Changed - docs: improve SBOM documentation by [@​saerosV](https://togithub.com/saerosV) in [https://github.com/aquasecurity/trivy-action/pull/208](https://togithub.com/aquasecurity/trivy-action/pull/208) - chore: Update Trivy to 0.40.0 by [@​PerfectSlayer](https://togithub.com/PerfectSlayer) in [https://github.com/aquasecurity/trivy-action/pull/223](https://togithub.com/aquasecurity/trivy-action/pull/223) #### New Contributors - [@​saerosV](https://togithub.com/saerosV) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/208](https://togithub.com/aquasecurity/trivy-action/pull/208) - [@​PerfectSlayer](https://togithub.com/PerfectSlayer) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/223](https://togithub.com/aquasecurity/trivy-action/pull/223) **Full Changelog**: aquasecurity/trivy-action@0.9.2...0.10.0 ### [`v0.9.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.2) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.1...0.9.2) #### What's Changed - chore(deps): bump trivy to v0.38.1 by [@​DmitriyLewen](https://togithub.com/DmitriyLewen) in [https://github.com/aquasecurity/trivy-action/pull/215](https://togithub.com/aquasecurity/trivy-action/pull/215) - Rename security-checks to scanners by [@​sadovnikov](https://togithub.com/sadovnikov) in [https://github.com/aquasecurity/trivy-action/pull/211](https://togithub.com/aquasecurity/trivy-action/pull/211) #### New Contributors - [@​DmitriyLewen](https://togithub.com/DmitriyLewen) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/215](https://togithub.com/aquasecurity/trivy-action/pull/215) - [@​sadovnikov](https://togithub.com/sadovnikov) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/211](https://togithub.com/aquasecurity/trivy-action/pull/211) **Full Changelog**: aquasecurity/trivy-action@0.9.1...0.9.2 ### [`v0.9.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.0...0.9.1) #### What's Changed - ⬆️ bump trivy action by [@​flaxel](https://togithub.com/flaxel) in [https://github.com/aquasecurity/trivy-action/pull/203](https://togithub.com/aquasecurity/trivy-action/pull/203) #### New Contributors - [@​flaxel](https://togithub.com/flaxel) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/203](https://togithub.com/aquasecurity/trivy-action/pull/203) **Full Changelog**: aquasecurity/trivy-action@0.9.0...0.9.1 ### [`v0.9.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.9.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.8.0...0.9.0) #### What's Changed - fix(sarif): Add option to limit severities for sarif ([#​192](https://togithub.com/aquasecurity/trivy-action/issues/192)) by [@​AndreyLevchenko](https://togithub.com/AndreyLevchenko) in [https://github.com/aquasecurity/trivy-action/pull/198](https://togithub.com/aquasecurity/trivy-action/pull/198) - docs: add trivy-config to table by [@​omarsilva1](https://togithub.com/omarsilva1) in [https://github.com/aquasecurity/trivy-action/pull/195](https://togithub.com/aquasecurity/trivy-action/pull/195) - Update README.md by [@​mcantu](https://togithub.com/mcantu) in [https://github.com/aquasecurity/trivy-action/pull/186](https://togithub.com/aquasecurity/trivy-action/pull/186) - feat(trivy): Bump Trivy to v0.37.1 by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/199](https://togithub.com/aquasecurity/trivy-action/pull/199) #### New Contributors - [@​AndreyLevchenko](https://togithub.com/AndreyLevchenko) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/198](https://togithub.com/aquasecurity/trivy-action/pull/198) - [@​omarsilva1](https://togithub.com/omarsilva1) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/195](https://togithub.com/aquasecurity/trivy-action/pull/195) - [@​mcantu](https://togithub.com/mcantu) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/186](https://togithub.com/aquasecurity/trivy-action/pull/186) **Full Changelog**: aquasecurity/trivy-action@0.8.0...0.9.0 ### [`v0.8.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.8.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.1...0.8.0) #### What's Changed - Add npm to action Dockerfile by [@​VaismanLior](https://togithub.com/VaismanLior) in [https://github.com/aquasecurity/trivy-action/pull/176](https://togithub.com/aquasecurity/trivy-action/pull/176) - Add 0.34.0 release by [@​L1ghtman2k](https://togithub.com/L1ghtman2k) in [https://github.com/aquasecurity/trivy-action/pull/177](https://togithub.com/aquasecurity/trivy-action/pull/177) #### New Contributors - [@​VaismanLior](https://togithub.com/VaismanLior) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/176](https://togithub.com/aquasecurity/trivy-action/pull/176) - [@​L1ghtman2k](https://togithub.com/L1ghtman2k) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/177](https://togithub.com/aquasecurity/trivy-action/pull/177) **Full Changelog**: aquasecurity/trivy-action@0.7.1...0.8.0 ### [`v0.7.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.7.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.7.0...0.7.1) #### What's Changed - Fix github dependency submission API call by [@​chejn](https://togithub.com/chejn) in [https://github.com/aquasecurity/trivy-action/pull/162](https://togithub.com/aquasecurity/trivy-action/pull/162) #### New Contributors - [@​chejn](https://togithub.com/chejn) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/162](https://togithub.com/aquasecurity/trivy-action/pull/162) **Full Changelog**: aquasecurity/trivy-action@0.7.0...0.7.1 ### [`v0.7.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.7.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.2...0.7.0) #### What's Changed - docs: correct format and add output on config scan with sarif by [@​dirien](https://togithub.com/dirien) in [https://github.com/aquasecurity/trivy-action/pull/159](https://togithub.com/aquasecurity/trivy-action/pull/159) - feat(trivy): Bump Trivy to v0.31.2 by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/165](https://togithub.com/aquasecurity/trivy-action/pull/165) #### New Contributors - [@​dirien](https://togithub.com/dirien) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/159](https://togithub.com/aquasecurity/trivy-action/pull/159) **Full Changelog**: aquasecurity/trivy-action@0.6.2...0.7.0 ### [`v0.6.2`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.2) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.1...0.6.2) #### What's Changed - fix(config): Drop mixing of options with yaml config. by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/148](https://togithub.com/aquasecurity/trivy-action/pull/148) - chore: improve message output sbom with gh by [@​krol3](https://togithub.com/krol3) in [https://github.com/aquasecurity/trivy-action/pull/145](https://togithub.com/aquasecurity/trivy-action/pull/145) - fix(sarif): Add timeout and security-checks for sarif by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/156](https://togithub.com/aquasecurity/trivy-action/pull/156) **Full Changelog**: aquasecurity/trivy-action@0.6.1...0.6.2 ### [`v0.6.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.6.0...0.6.1) #### What's Changed - chore(deps): Update trivy version by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/152](https://togithub.com/aquasecurity/trivy-action/pull/152) **Full Changelog**: aquasecurity/trivy-action@0.6.0...0.6.1 ### [`v0.6.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.6.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.5.1...0.6.0) #### What's Changed 🔥 - feat(yaml): Add support for trivy.yaml by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/143](https://togithub.com/aquasecurity/trivy-action/pull/143) - Updated to use Trivy v0.30.2 **Full Changelog**: aquasecurity/trivy-action@0.5.1...0.6.0 ### [`v0.5.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.5.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.5.0...0.5.1) #### What's Changed - fix(tests): Update test golden files for Trivy v0.29.2 by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/136](https://togithub.com/aquasecurity/trivy-action/pull/136) - docs(trivy): Add instructions to scan tarballs. by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/134](https://togithub.com/aquasecurity/trivy-action/pull/134) **Full Changelog**: aquasecurity/trivy-action@0.5.0...0.5.1 ### [`v0.5.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.5.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.4.1...0.5.0) #### What's Changed ✨ - docs: added missing HTML template and removed deprecated SARIF template by [@​nleconte-csgroup](https://togithub.com/nleconte-csgroup) in [https://github.com/aquasecurity/trivy-action/pull/132](https://togithub.com/aquasecurity/trivy-action/pull/132) - feat(SBOM): Support SBOM generation by [@​simar7](https://togithub.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/129](https://togithub.com/aquasecurity/trivy-action/pull/129) #### New Contributors ❤️ - [@​nleconte-csgroup](https://togithub.com/nleconte-csgroup) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/132](https://togithub.com/aquasecurity/trivy-action/pull/132) **Full Changelog**: aquasecurity/trivy-action@0.4.1...0.5.0 ### [`v0.4.1`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.4.1) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.4.0...0.4.1) #### What's Changed - feat: update codeql-action/upload-sarif to v2 by [@​dotdc](https://togithub.com/dotdc) in [https://github.com/aquasecurity/trivy-action/pull/124](https://togithub.com/aquasecurity/trivy-action/pull/124) - Add missing option to README. by [@​achton](https://togithub.com/achton) in [https://github.com/aquasecurity/trivy-action/pull/127](https://togithub.com/aquasecurity/trivy-action/pull/127) - chore: pinning 0.29.0 trivy by [@​krol3](https://togithub.com/krol3) in [https://github.com/aquasecurity/trivy-action/pull/128](https://togithub.com/aquasecurity/trivy-action/pull/128) #### New Contributors - [@​dotdc](https://togithub.com/dotdc) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/124](https://togithub.com/aquasecurity/trivy-action/pull/124) **Full Changelog**: aquasecurity/trivy-action@0.4.0...0.4.1 ### [`v0.4.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.4.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.3.0...0.4.0) #### What's Changed ✨ - Enable security checks option for image type by [@​tanguy-platsec](https://togithub.com/tanguy-platsec) in [https://github.com/aquasecurity/trivy-action/pull/112](https://togithub.com/aquasecurity/trivy-action/pull/112) - Update Trivy Version in Dockerfile by [@​b34rd-tek](https://togithub.com/b34rd-tek) in [https://github.com/aquasecurity/trivy-action/pull/117](https://togithub.com/aquasecurity/trivy-action/pull/117) - Use AWS public ECR instead of rate-limiting dockerhub by [@​tanguy-platsec](https://togithub.com/tanguy-platsec) in [https://github.com/aquasecurity/trivy-action/pull/118](https://togithub.com/aquasecurity/trivy-action/pull/118) - Add support for --ignorefile option (.trivyignore) by [@​achton](https://togithub.com/achton) in [https://github.com/aquasecurity/trivy-action/pull/122](https://togithub.com/aquasecurity/trivy-action/pull/122) - Update tests for 0.28.1 and convert to JSON by [@​achton](https://togithub.com/achton) in [https://github.com/aquasecurity/trivy-action/pull/126](https://togithub.com/aquasecurity/trivy-action/pull/126) #### New Contributors ❤️ - [@​tanguy-platsec](https://togithub.com/tanguy-platsec) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/112](https://togithub.com/aquasecurity/trivy-action/pull/112) - [@​b34rd-tek](https://togithub.com/b34rd-tek) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/117](https://togithub.com/aquasecurity/trivy-action/pull/117) - [@​achton](https://togithub.com/achton) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/122](https://togithub.com/aquasecurity/trivy-action/pull/122) **Full Changelog**: aquasecurity/trivy-action@0.3.0...0.4.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about these updates again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/newrelic/helm-charts). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4xMzUuMCIsInVwZGF0ZWRJblZlciI6IjM3LjEzNS4wIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIn0=--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.