Update dependency alpine_3_20/expat to v2.6.4-r0 (#380)

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Simão Silva <37107350+simao-silva@users.noreply.github.com>
simao-silva · Nov 8, 2024 · 9e2bbc1 · 9e2bbc1
1 parent 80d6e46
commit 9e2bbc1
Show file tree

Hide file tree

Showing 4 changed files with 8 additions and 6 deletions.
diff --git a/.github/workflows/docker-build-push.yml b/.github/workflows/docker-build-push.yml
@@ -53,11 +53,12 @@ jobs:
 
       - name: Set up Trivy
         env:
-          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db,aquasec/trivy-db,ghcr.io/aquasecurity/trivy-db
+          TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db,aquasec/trivy-java-db,ghcr.io/aquasecurity/trivy-java-db
         run: |
           docker run --rm aquasec/trivy --version
           docker volume create trivy-db
-          docker run --rm -v trivy-db:/root/.cache/ aquasec/trivy image --download-db-only
+          docker run --rm -e TRIVY_DB_REPOSITORY -e TRIVY_JAVA_DB_REPOSITORY -v trivy-db:/root/.cache/ aquasec/trivy image --download-db-only
 
       - name: Run Trivy vulnerability scanner for low severity cases
         run: |

diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -41,11 +41,12 @@ jobs:
 
       - name: Set up Trivy
         env:
-          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db,aquasec/trivy-db,ghcr.io/aquasecurity/trivy-db
+          TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db,aquasec/trivy-java-db,ghcr.io/aquasecurity/trivy-java-db
         run: |
           docker run --rm aquasec/trivy --version
           docker volume create trivy-db
-          docker run --rm -v trivy-db:/root/.cache/ aquasec/trivy image --download-db-only
+          docker run --rm -e TRIVY_DB_REPOSITORY -e TRIVY_JAVA_DB_REPOSITORY -v trivy-db:/root/.cache/ aquasec/trivy image --download-db-only
 
       - name: Run Trivy vulnerability scanner for low severity cases
         run: |

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -31,7 +31,7 @@ jobs:
           format: "sarif"
           output: "trivy-repository-scan.sarif"
         env:
-          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db
+          TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db,aquasec/trivy-db,ghcr.io/aquasecurity/trivy-db
 
       - name: Upload Trivy scan results to GitHub Security
         uses: github/codeql-action/upload-sarif@v3.27.0

diff --git a/Dockerfile b/Dockerfile
@@ -44,7 +44,7 @@ ARG GECKODRIVER_VERSION="0.35.0-r0"
 ARG OPENSSL_VERSION="3.3.2-r1"
 
 # renovate: datasource=repology depName=alpine_3_20/expat versioning=loose
-ARG EXPAT_VERSION="2.6.3-r0"
+ARG EXPAT_VERSION="2.6.4-r0"
 
 RUN apk add --no-cache firefox="${FIREFOX_VERSION}" font-noto=="${FONT_MOTO_VERSION}" && \
     apk add --no-cache --repository=https://dl-cdn.alpinelinux.org/alpine/edge/community geckodriver="${GECKODRIVER_VERSION}" && \