aquasecurity/trivy-action
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy-action.git synced 2026-05-14 03:02:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
219 Commits 7 Branches 75 Tags
1994662b5555670344cd84d29ed3cad4bd26f31c
Commit Graph

61 Commits

Author SHA1 Message Date
dependabot[bot] 1994662b55 chore(deps): bump the actions group with 5 updates (#558) 
* chore(deps): bump the actions group with 5 updates

Bumps the actions group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [aquasecurity/setup-trivy](https://github.com/aquasecurity/setup-trivy) | `e6c2c5e321ed9123bda567646e2f96565e34abe1` | `3fb12ec12f41e471780db15c232d5dd185dcb514` |
| [actions/cache](https://github.com/actions/cache) | `4.2.4` | `5.0.4` |
| [actions/checkout](https://github.com/actions/checkout) | `4.3.1` | `6.0.2` |
| [bats-core/bats-action](https://github.com/bats-core/bats-action) | `3.0.1` | `4.0.0` |
| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.0` | `0.5.2` |


Updates `aquasecurity/setup-trivy` from e6c2c5e321ed9123bda567646e2f96565e34abe1 to 3fb12ec12f41e471780db15c232d5dd185dcb514
- [Release notes](https://github.com/aquasecurity/setup-trivy/releases)
- [Commits](https://github.com/aquasecurity/setup-trivy/compare/e6c2c5e321ed9123bda567646e2f96565e34abe1...3fb12ec12f41e471780db15c232d5dd185dcb514)

Updates `actions/cache` from 4.2.4 to 5.0.4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](https://github.com/actions/cache/compare/0400d5f644dc74513175e3cd8d07132dd4860809...27d5ce7f107fe9357f9df03efb73ab90386fccae)

Updates `actions/checkout` from 4.3.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/34e114876b0b11c390a56381ad16ebd13914f8d5...de0fac2e4500dabe0009e67214ff5f5447ce83dd)

Updates `bats-core/bats-action` from 3.0.1 to 4.0.0
- [Release notes](https://github.com/bats-core/bats-action/releases)
- [Commits](https://github.com/bats-core/bats-action/compare/42fcc8700f773c075a16a90eb11674c0318ad507...77d6fb60505b4d0d1d73e48bd035b55074bbfb43)

Updates `zizmorcore/zizmor-action` from 0.5.0 to 0.5.2
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](https://github.com/zizmorcore/zizmor-action/compare/0dce2577a4760a2749d8cfb7a84b7d5585ebcb7d...b1d7e1fb5de872772f31590499237e7cce841e8e)

---
updated-dependencies:
- dependency-name: aquasecurity/setup-trivy
  dependency-version: 3fb12ec12f41e471780db15c232d5dd185dcb514
  dependency-type: direct:production
  dependency-group: actions
- dependency-name: actions/cache
  dependency-version: 5.0.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: bats-core/bats-action
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: zizmorcore/zizmor-action
  dependency-version: 0.5.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>

* style: change setup-trivy version in comment

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: DmitriyLewen <dmitriy.lewen@smartforce.io>
 2026-04-15 15:22:02 +06:00
Nikita Pivkin 316aa5aebe ci: add dependabot config (#556) 2026-04-15 14:40:22 +06:00
Nikita Pivkin 264c9c5e18 test: use pinned digests for trivy-db, trivy-java-db and trivy-checks (#555) 2026-04-13 14:53:11 +06:00
Nikita Pivkin aeb13962e8 ci: replace peter-evans/create-pull-request with gh CLI (#550) 
* ci: replace peter-evans/create-pull-request with gh CLI

* chore: use ID+USERNAME pattern for GH actions bot

* chore: add specific files to git index

* chore: merge check outputs into create PR step
 2026-04-13 13:49:15 +06:00
Nikita Pivkin f685ba7215 ci: use action.yaml as single source of truth for Trivy version (#552) 
* ci: use action.yaml as single source of truth for Trivy version

* dev: add yq check and configurable Trivy install directory
 2026-04-10 17:29:15 +06:00
DmitriyLewen 34f2b232c5 chore(ci): update bump-trivy workflow (#546) 2026-04-10 14:17:09 +06:00
Aqua Security automated builds 57a97c7e78 chore(deps): Update trivy to v0.69.3 (#519) 
Co-authored-by: nikpivkin <nikpivkin@users.noreply.github.com>
 2026-03-04 13:13:53 +06:00
DmitriyLewen 97e0b3872f chore: bump Trivy version to v0.69.2 in test workflow and README (#515) 2026-03-02 09:22:29 +06:00
DmitriyLewen e368e32897 ci(test): add zizmor security linter for GitHub Actions (#502) 
* ci: add zizmor security linter for GitHub Actions

* ci: disable advanced-security for zizmor

* ci: pin all actions to commit hashes

* ci: fix zizmor linter errors in workflows

- Add explicit permissions blocks to all workflows
- Set persist-credentials: false for checkout actions
- Fix template injection by using env variables in run blocks

* fix: address zizmor template injection warnings in action.yaml

- Move inputs to env block to prevent template injection
- Add ignore comment for github-env false positive

* ci: fix remaining zizmor linter errors

- Add permissions and persist-credentials to test.yaml
- Fix ignore comment placement for github-env in action.yaml
 2026-02-20 15:24:24 -07:00
Aqua Security automated builds c1824fd6ed chore(deps): Update trivy to v0.69.1 (#506) 
Co-authored-by: simar7 <simar7@users.noreply.github.com>
 2026-02-12 12:51:05 -07:00
Nikita Pivkin 5eb7ef2605 ci: use checks bundle v2 in sync workflow (#505) 
* ci: use checks bundle v2 in sync workflow

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* test: update golden files

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

---------

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2026-02-12 12:37:57 -07:00
simar7 0024b3f39e chore(deps): Update trivy to v0.68.1 2025-12-11 05:31:14 +00:00
Nikita Pivkin 83690f7d38 ci: install trivy in bump-trivy workflow and update tests (#495) 
* ci: install trivy in bump-trivy workflow

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* test: diasble list-all-pkgs and remove ReportID

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* ci: run tests after updating golden files

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

* fix BATS_LIB_PATH setting

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>

---------

Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-12-10 22:30:00 -07:00
Nikita Pivkin 0317097f59 ci: use setup-bats in bump-trivy workflow (#494) 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-12-08 17:02:32 -07:00
Nikita Pivkin f9424c10c3 Merge pull request #481 from aquasecurity/bump-trivy-1755898251 2025-08-27 13:19:48 +06:00
Nikita Pivkin a1698702b6 ci: update golden files on Trivy bump 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-08-27 12:33:47 +06:00
Nikita Pivkin 644762e8d4 Merge pull request #482 from aquasecurity/fix-gh-actions 2025-08-27 11:56:15 +06:00
Simar f2e28516ef chore(ci): Add oras to correctly setup sync jobs 2025-08-26 19:17:21 -06:00
simar7 7c0244b8c6 chore(deps): Update trivy to v0.65.0 2025-08-22 21:30:51 +00:00
Aqua Security automated builds dc5a429b52 chore(deps): Update trivy to v0.64.1 (#474) 
Co-authored-by: nikpivkin <nikpivkin@users.noreply.github.com>
 2025-07-04 00:18:35 -06:00
Aqua Security automated builds 76071ef0d7 chore(deps): Update trivy to v0.63.0 (#467) 
* chore(deps): Update trivy to v0.63.0

* update test data

---------

Co-authored-by: simar7 <simar7@users.noreply.github.com>
Co-authored-by: Simar <simar@linux.com>
 2025-06-03 13:38:46 +06:00
Nikita Pivkin 4844d823d3 ci: fix workflow to bump Trivy (#466) 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-06-02 21:30:59 -06:00
Maxim Masiutin b3dafe507f Bump Trivy version to fix GitHub actions (#460) 2025-05-12 14:16:37 -06:00
Nikita Pivkin 6c175e9c40 chore: bump trivy to v0.60.0 (#453) 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2025-03-13 20:58:00 -06:00
simar7 18f2510ee3 chore(deps): Bump trivy to v0.57.1 (#434) 
* chore(deps): Bump trivy to v0.57.1

* update tests

* use mirrors from mirror.gcr.io

* update workflow for tests

* Revert "use mirrors from mirror.gcr.io"

This reverts commit 529a941eed.
 2024-11-19 17:11:53 -07:00
Teppei Fukuda a20de5420d feat: store artifacts in cache by default (#399) 
* feat: migrate to a composite action

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* Fix tests

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* Delete an unused input

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* test: expect status code 0

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* test: not use run

https://bats-core.readthedocs.io/en/stable/writing-tests.html#when-not-to-use-run

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat: add 'cache' input

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* docs: update README

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat: pin Trivy version

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* fix: bump trivy version

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* feat: use date for cache key

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* chore: delete a comment

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* docs: update README

Signed-off-by: knqyf263 <knqyf263@gmail.com>

* refactor: resolve conflicts and use envs

Signed-off-by: knqyf263 <knqyf263@gmail.com>

---------

Signed-off-by: knqyf263 <knqyf263@gmail.com>
 2024-10-08 14:20:38 -06:00
simar7 f781cce5aa feat(trivy): Bump to support v0.56.1 (#387) 
* feat(trivy): Bump to support v0.55.2

* fix tests

* update github workflow

* upgrade to v0.56.0

* bump to trivy v0.56.1

* update tests
 2024-10-07 14:14:19 -06:00
Nikita Pivkin 54f21d8382 ci: sync trivy-checks version 1 (#398) 
Signed-off-by: Nikita Pivkin <nikita.pivkin@smartforce.io>
 2024-10-07 12:23:44 -06:00
Oussama Bounaim 89b14e517d Upgrade GitHub actions (#374) 
* Upgrade Github checkout action

* Upgrade Github upload-sarif action

* Upgrade Github checkout action - Pipeline
 2024-10-02 14:41:43 -06:00
Vinayak S 6e7b7d1fd3 Upgrade trivy to v0.53.0 (#369) 
* Upgrade trivy to v0.53.0

* update tests

---------

Co-authored-by: Simar <simar@linux.com>
 2024-07-09 00:19:25 -06:00
Vinayak S 7c2007bcb5 Upgrade trivy to v0.52.2 (#367) 
* Upgrade trivy to v0.52.2

* Upgrade trivy to v0.52.2
 2024-06-17 16:53:33 -06:00
Francisco Javier Barón 595be6a0f6 Upgrade trivy to v0.52.0 (#364) 2024-06-06 17:41:36 -06:00
Vinayak S fd25fed697 bump trivy version to v0.51.2 (#360) 
* bump trivy version to v0.51.2

* bump trivy version to v0.51.2
 2024-05-21 16:33:02 -06:00
simar7 b2933f565d bump trivy version to v0.51.1 (#353) 
* bump trivy version to v0.51.1

* update tests
 2024-05-07 21:42:16 -06:00
simar7 b2cd5ff52c Update bump-trivy.yaml 2024-05-07 18:03:36 -06:00
Nikita Pivkin 6f8c23760b update tests (#334) 
* update tests

* rename trivy images

* rename workflow steps
 2024-05-06 23:18:53 -06:00
Pedro Freitas b5f4977b78 Bump trivy version to v0.50.2 (#341) 
Co-authored-by: pdefreitas <5927433+pdefreitas@users.noreply.github.com>
 2024-04-22 22:07:09 -06:00
simar7 d710430a67 bump trivy version to v0.50.1 (#324) 2024-03-27 16:22:09 -06:00
Kyle Davies 84384bd6e7 Upgraded Trivy from 0.48.1 to v0.49.0 (#304) 2024-02-05 18:54:03 -07:00
Martin Kemp 5f1841df8d Update Trivy to 0.48.1 (#291) 
* Update Trivy to 0.48.1

Signed-off-by: Martin Kemp <me@martinke.mp>

* update tests

---------

Signed-off-by: Martin Kemp <me@martinke.mp>
Co-authored-by: Simar <simar@linux.com>
 2024-01-02 17:51:04 -07:00
Ivan Santos 91713af97d Update to trivy version 0.48.0 (#289) 
* Update to trivy version 0.48.0

 

---------

Signed-off-by: Simar <simar@linux.com>
Co-authored-by: Simar <simar@linux.com>
 2023-12-08 11:08:35 -07:00
simar7 fbd16365eb feat(trivy): Bump to v0.45.0 (#256) 2023-09-01 11:44:50 -06:00
Nikita Pivkin e602665a11 ci: add workflow to bump trivy (#245) 
* ci: add workflow to bump trivy

* update trivy version in tests

* dispatch event workflow_dispatch

* use ORG_REPO_TOKEN secret
 2023-07-25 15:58:10 -06:00
simar7 3dd517d8c9 chore(deps): Update trivy to v0.43.1 (#243) 
* chore(deps): Update trivy to v0.43.1

* fix tests

Signed-off-by: Simar <simar@linux.com>

---------

Signed-off-by: Simar <simar@linux.com>
 2023-07-17 11:07:42 +03:00
Daniel Chabr 0cd397afbf bump trivy to v0.42.1 (#240) 
* bump trivy to v0.42.1

* revert formatting
 2023-06-09 12:01:09 -06:00
Daniel Chabr f96f79aa22 bump trivy to v0.42.0 (#237) 
* chore(deps): update trivy to v0.42.0

* revert formatting

* revert formatting again

* update sarif version in tests
 2023-06-05 11:08:24 -06:00
Bruce Bujon e5f43133f6 chore: Update Trivy to 0.40.0 (#223) 
* chore: Update trivy to 0.39.0

* chore: Update trivy to 0.40.0
 2023-04-18 17:44:36 -07:00
DmitriyLewen 43849adf01 bump trivy to v0.38.1 (#215) 2023-03-06 20:58:30 -08:00
Falk Puschner 8bd2f9fbda ⬆️ bump trivy action (#203) 2023-02-10 16:20:50 +09:00
simar7 cff3e9a7f6 feat(trivy): Bump Trivy to v0.37.1 (#199) 
Signed-off-by: Simar <simar@linux.com>
 2023-02-01 16:40:29 -08:00