chore(deps): Update trivy to v0.70.0 (#559)

Co-authored-by: GitHub Actions <actions@github.com>

README.md

@@ -215,7 +215,7 @@ jobs:
       uses: aquasecurity/setup-trivy@v0.2.0
       with:
         cache: true
-        version: v0.69.3
+        version: v0.70.0
 
     - name: Run Trivy vulnerability scanner in repo mode
       uses: aquasecurity/trivy-action@master
@@ -891,7 +891,7 @@ Following inputs can be used as `step.with` keys:
 | `github-pat`                 | String  |                                    | Authentication token to enable sending SBOM scan results to GitHub Dependency Graph. Can be either a GitHub Personal Access Token (PAT) or GITHUB_TOKEN          |
 | `limit-severities-for-sarif` | Boolean | false                              | By default *SARIF* format enforces output of all vulnerabilities regardless of configured severities. To override this behavior set this parameter to **true**   |
 | `docker-host`                | String  |                                    | By default it is set to `unix://var/run/docker.sock`, but can be updated to help with containerized infrastructure values (`unix:/` or other prefix is required) |
-| `version`                    | String  | `v0.69.3`                          | Trivy version to use, e.g. `latest` or `v0.69.3`                                                                                                                 |
+| `version`                    | String  | `v0.70.0`                          | Trivy version to use, e.g. `latest` or `v0.70.0`                                                                                                                 |
 | `skip-setup-trivy`           | Boolean | false                              | Skip calling the `setup-trivy` action to install `trivy`                                                                                                         |
 | `token-setup-trivy`          | Boolean |                                    | Overwrite `github.token` used by `setup-trivy` to checkout the `trivy` repository                                                                                |
 

action.yaml

@@ -98,7 +98,7 @@ inputs:
   version:
     description: 'Trivy version to use'
     required: false
-    default: 'v0.69.3'
+    default: 'v0.70.0'
   cache:
     description: 'Used to specify whether caching is needed. Set to false, if you would like to disable caching.'
     required: false

test/data/config-scan/report.json

@@ -1,7 +1,7 @@
 {
   "SchemaVersion": 2,
   "Trivy": {
-    "Version": "0.69.3"
+    "Version": "0.70.0"
   },
   "ArtifactName": "test/data/config-scan",
   "ArtifactType": "filesystem",

test/data/secret-scan/report.json

@@ -1,7 +1,7 @@
 {
   "SchemaVersion": 2,
   "Trivy": {
-    "Version": "0.69.3"
+    "Version": "0.70.0"
   },
   "ArtifactID": "sha256:79ce4c2f8371bef1ce2a321518d3136bc1bd8f3c307ed679944a38e7cbd76c14",
   "ArtifactName": "https://github.com/krol3/demo-trivy/",

test/data/with-tf-vars/report.json

@@ -1,7 +1,7 @@
 {
   "SchemaVersion": 2,
   "Trivy": {
-    "Version": "0.69.3"
+    "Version": "0.70.0"
   },
   "ArtifactName": "test/data/with-tf-vars/main.tf",
   "ArtifactType": "filesystem",

test/data/with-trivy-yaml-cfg/report.json

@@ -1,7 +1,7 @@
 {
   "SchemaVersion": 2,
   "Trivy": {
-    "Version": "0.69.3"
+    "Version": "0.70.0"
   },
   "ArtifactID": "sha256:aab05ff324c90bb728aa5177b75d7e39d363be13323873de70959d2251edcebc",
   "ArtifactName": "alpine:3.10",