chore(deps): Update trivy to v0.43.1 (#243)

* chore(deps): Update trivy to v0.43.1

* fix tests

Signed-off-by: Simar <simar@linux.com>

---------

Signed-off-by: Simar <simar@linux.com>
pull/247/head
simar7 10 months ago committed by GitHub
parent 41f05d9ecf
commit 3dd517d8c9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

@ -1,7 +1,7 @@
name: "build"
on: [push, pull_request]
env:
TRIVY_VERSION: 0.42.1
TRIVY_VERSION: 0.43.1
BATS_LIB_PATH: '/usr/lib/'
jobs:
build:

@ -1,4 +1,4 @@
FROM ghcr.io/aquasecurity/trivy:0.42.1
FROM ghcr.io/aquasecurity/trivy:0.43.1
COPY entrypoint.sh /
RUN apk --no-cache add bash curl npm
RUN chmod +x /entrypoint.sh

@ -64,7 +64,7 @@
}
}
],
"version": "0.42.1"
"version": "0.43.1"
}
},
"results": [

@ -37,7 +37,7 @@
}
}
],
"version": "0.42.1"
"version": "0.43.1"
}
},
"results": [

@ -75,15 +75,12 @@ Total: 19 (CRITICAL: 19)
rust-app/Cargo.lock (cargo)
===========================
Total: 2 (CRITICAL: 2)
Total: 1 (CRITICAL: 1)
┌──────────┬────────────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├──────────┼────────────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ openssl │ CVE-2018-20997 │ CRITICAL │ 0.8.3 │ 0.10.9 │ Use after free in openssl │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-20997 │
├──────────┼────────────────┤ ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ smallvec │ CVE-2021-25900 │ │ 0.6.9 │ 1.6.1, 0.6.14 │ An issue was discovered in the smallvec crate before 0.6.14 │
│ smallvec │ CVE-2021-25900 │ CRITICAL │ 0.6.9 │ 1.6.1, 0.6.14 │ An issue was discovered in the smallvec crate before 0.6.14 │
│ │ │ │ │ │ and 1.x... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2021-25900 │
└──────────┴────────────────┴──────────┴───────────────────┴───────────────┴─────────────────────────────────────────────────────────────┘

@ -75,15 +75,12 @@ Total: 19 (CRITICAL: 19)
rust-app/Cargo.lock (cargo)
===========================
Total: 5 (CRITICAL: 5)
Total: 4 (CRITICAL: 4)
┌───────────┬────────────────┬──────────┬───────────────────┬───────────────┬─────────────────────────────────────────────────────────────┐
│ Library │ Vulnerability │ Severity │ Installed Version │ Fixed Version │ Title │
├───────────┼────────────────┼──────────┼───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ openssl │ CVE-2018-20997 │ CRITICAL │ 0.8.3 │ 0.10.9 │ Use after free in openssl │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2018-20997 │
├───────────┼────────────────┤ ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤
│ rand_core │ CVE-2020-25576 │ │ 0.4.0 │ 0.3.1, 0.4.2 │ An issue was discovered in the rand_core crate before 0.4.2 │
│ rand_core │ CVE-2020-25576 │ CRITICAL │ 0.4.0 │ 0.3.1, 0.4.2 │ An issue was discovered in the rand_core crate before 0.4.2 │
│ │ │ │ │ │ for Rust.... │
│ │ │ │ │ │ https://avd.aquasec.com/nvd/cve-2020-25576 │
├───────────┼────────────────┤ ├───────────────────┼───────────────┼─────────────────────────────────────────────────────────────┤

Loading…
Cancel
Save