From 56f5b8ce87b32a66b344f6fb31a3b13e0be907f2 Mon Sep 17 00:00:00 2001 From: Martin Kemp Date: Wed, 20 Dec 2023 10:31:15 +0000 Subject: [PATCH 1/2] Update Trivy to 0.48.1 Signed-off-by: Martin Kemp --- .github/workflows/build.yaml | 2 +- Dockerfile | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml index 46e63a8..817eb41 100644 --- a/.github/workflows/build.yaml +++ b/.github/workflows/build.yaml @@ -1,7 +1,7 @@ name: "build" on: [push, pull_request] env: - TRIVY_VERSION: 0.48.0 + TRIVY_VERSION: 0.48.1 BATS_LIB_PATH: '/usr/lib/' jobs: build: diff --git a/Dockerfile b/Dockerfile index ebbe6bd..f9fae01 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM ghcr.io/aquasecurity/trivy:0.48.0 +FROM ghcr.io/aquasecurity/trivy:0.48.1 COPY entrypoint.sh / RUN apk --no-cache add bash curl npm RUN chmod +x /entrypoint.sh From 1fdaee60b103bafaa587e5ec09c8dec79fa95051 Mon Sep 17 00:00:00 2001 From: Simar Date: Tue, 2 Jan 2024 16:28:08 -0700 Subject: [PATCH 2/2] update tests --- test/data/config-sarif.test | 4 ++-- test/data/config.test | 2 +- test/data/fs-scheck.test | 2 +- test/data/repo.test | 2 +- test/data/tfvars.test | 2 +- test/data/yamlconfig.test | 6 +++--- 6 files changed, 9 insertions(+), 9 deletions(-) diff --git a/test/data/config-sarif.test b/test/data/config-sarif.test index 5269f31..3189a57 100644 --- a/test/data/config-sarif.test +++ b/test/data/config-sarif.test @@ -307,7 +307,7 @@ } } ], - "version": "0.48.0" + "version": "0.48.1" } }, "results": [ @@ -612,7 +612,7 @@ "columnKind": "utf16CodeUnits", "originalUriBaseIds": { "ROOTPATH": { - "uri": "file:///Users/simarpreetsingh/repos/trivy-action/" + "uri": "file:///home/runner/work/trivy-action/trivy-action/" } } } diff --git a/test/data/config.test b/test/data/config.test index df498d2..5a3b830 100644 --- a/test/data/config.test +++ b/test/data/config.test @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "CreatedAt": "2023-12-08T11:02:54.295987-07:00", + "CreatedAt": "2024-01-02T23:40:12.036390742Z", "ArtifactName": ".", "ArtifactType": "filesystem", "Metadata": { diff --git a/test/data/fs-scheck.test b/test/data/fs-scheck.test index 30474a4..da0a280 100644 --- a/test/data/fs-scheck.test +++ b/test/data/fs-scheck.test @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "CreatedAt": "2023-12-08T11:02:56.571535-07:00", + "CreatedAt": "2024-01-02T23:40:15.166517221Z", "ArtifactName": ".", "ArtifactType": "filesystem", "Metadata": { diff --git a/test/data/repo.test b/test/data/repo.test index f39a664..2c483fd 100644 --- a/test/data/repo.test +++ b/test/data/repo.test @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "CreatedAt": "2023-12-08T11:02:50.045151-07:00", + "CreatedAt": "2024-01-02T23:40:04.647712097Z", "ArtifactName": "https://github.com/krol3/demo-trivy/", "ArtifactType": "repository", "Metadata": { diff --git a/test/data/tfvars.test b/test/data/tfvars.test index 1eaecaa..c2d09b8 100644 --- a/test/data/tfvars.test +++ b/test/data/tfvars.test @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "CreatedAt": "2023-12-08T11:03:02.76948-07:00", + "CreatedAt": "2024-01-02T16:27:32.841193-07:00", "ArtifactName": "test/data", "ArtifactType": "filesystem", "Metadata": { diff --git a/test/data/yamlconfig.test b/test/data/yamlconfig.test index 498bb77..0edc477 100644 --- a/test/data/yamlconfig.test +++ b/test/data/yamlconfig.test @@ -1,6 +1,6 @@ { "SchemaVersion": 2, - "CreatedAt": "2023-12-08T11:03:01.877209-07:00", + "CreatedAt": "2024-01-02T23:40:21.039454971Z", "ArtifactName": "alpine:3.10", "ArtifactType": "container_image", "Metadata": { @@ -106,8 +106,8 @@ "https://nvd.nist.gov/vuln/detail/CVE-2021-36159", "https://www.cve.org/CVERecord?id=CVE-2021-36159" ], - "PublishedDate": "2021-08-03T14:15:00Z", - "LastModifiedDate": "2023-11-07T03:36:00Z" + "PublishedDate": "2021-08-03T14:15:08.233Z", + "LastModifiedDate": "2023-11-07T03:36:43.337Z" } ] }