diff --git a/.gitpod/Dockerfile b/.gitpod/Dockerfile
index 679258fbcd..b95af8c66f 100644
--- a/.gitpod/Dockerfile
+++ b/.gitpod/Dockerfile
@@ -1,7 +1,7 @@
 FROM gitpod/workspace-postgres
-RUN wget https://github.com/aquasecurity/trivy/releases/download/v0.50.1/trivy_0.50.1_Linux-64bit.deb \
- && sudo dpkg -i trivy_0.50.1_Linux-64bit.deb
+RUN wget https://github.com/aquasecurity/trivy/releases/download/v0.56.1/trivy_0.56.1_Linux-64bit.deb \
+ && sudo dpkg -i trivy_0.56.1_Linux-64bit.deb
 RUN sudo wget https://github.com/operator-framework/operator-registry/releases/download/v1.39.0/linux-amd64-opm -O /usr/local/bin/opm \
 && sudo chmod +x /usr/local/bin/opm
 RUN wget https://storage.googleapis.com/tensorflow/libtensorflow/libtensorflow-cpu-linux-x86_64-2.11.0.tar.gz \
diff --git a/charts/artifact-hub/Chart.yaml b/charts/artifact-hub/Chart.yaml
index f7a6bac8ce..37e5d2ed0d 100644
--- a/charts/artifact-hub/Chart.yaml
+++ b/charts/artifact-hub/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: artifact-hub
 description: Artifact Hub is a web-based application that enables finding, installing, and publishing Cloud Native packages.
 type: application
-version: 1.19.1-2
+version: 1.19.1-3
 appVersion: 1.19.0
 kubeVersion: ">= 1.19.0-0"
 home: https://artifacthub.io
@@ -90,7 +90,7 @@ annotations:
 - name: scanner
 image: artifacthub/scanner:v1.19.0
 - name: trivy
- image: aquasec/trivy:0.50.1
+ image: aquasec/trivy:0.56.1
 artifacthub.io/links: |
 - name: source
 url: https://github.com/artifacthub/hub
diff --git a/charts/artifact-hub/values.schema.json b/charts/artifact-hub/values.schema.json
index 099f3814f0..d38172754b 100644
--- a/charts/artifact-hub/values.schema.json
+++ b/charts/artifact-hub/values.schema.json
@@ -1236,7 +1236,7 @@
 "image": {
 "title": "Trivy container image",
 "type": "string",
- "default": "aquasec/trivy:0.50.1"
+ "default": "aquasec/trivy:0.56.1"
 },
 "nodeSelector": {
 "title": "Trivy pod node selector",
diff --git a/cmd/scanner/Dockerfile b/cmd/scanner/Dockerfile
index 93480d2169..9da31f3c76 100644
--- a/cmd/scanner/Dockerfile
+++ b/cmd/scanner/Dockerfile
@@ -10,7 +10,7 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /scanner .
 # Trivy installer
 FROM alpine:3.20.3 AS trivy-installer
 RUN apk --no-cache add curl
-RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.50.1
+RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.56.1
 # Final stage
 FROM alpine:3.20.3
diff --git a/docs/security_report.md b/docs/security_report.md
index b2759931e6..17345a4a2a 100644
--- a/docs/security_report.md
+++ b/docs/security_report.md
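Review bot: In the `trivy-installer` stage of cmd/scanner/Dockerfile, the updated `RUN curl -sfL …/trivy/main/contrib/install.sh | sh -s -- …` line pins the Trivy release to v0.56.1 but still takes the installer script from the mutable `main` branch and pipes it straight into `sh`, so the code executed at build time is not tied to the release being installed and can change between builds. Pinning the script to the same ref would close that gap, e.g. `RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/v0.56.1/contrib/install.sh | sh -s -- -b /usr/local/bin v0.56.1` (assuming the script is published at that tag; a commit SHA is stricter). Because the stage runs under the default shell without `pipefail`, a failed `curl` may also leave `sh` exiting 0 on empty input, so a `test -x /usr/local/bin/trivy` at the end of the same `RUN` would make a missing binary fail the build at this step. The `.gitpod/Dockerfile` hunk has the same shape: the `.deb` is fetched with `wget` and handed to `dpkg -i` with no digest comparison, which a `sha256sum -c` against the release's published checksum would cover.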
@@ -28,7 +28,7 @@ Images used by these kinds of packages can be listed using the `containersImages
 ## Application dependencies
-Trivy also scans [applications dependencies](https://aquasecurity.github.io/trivy/v0.50/docs/scanner/vulnerability/#language-specific-packages) for vulnerabilities. To do that, it inspects the files that contain the applications dependencies and the versions used. Please see the [language-specific packages](https://aquasecurity.github.io/trivy/v0.50/docs/scanner/vulnerability/#language-specific-packages) section in the Trivy documentation (image column) for a full list of the applications dependencies supported.
+Trivy also scans [applications dependencies](https://aquasecurity.github.io/trivy/v0.56/docs/scanner/vulnerability/#language-specific-packages) for vulnerabilities. To do that, it inspects the files that contain the applications dependencies and the versions used. Please see the [language-specific packages](https://aquasecurity.github.io/trivy/v0.56/docs/scanner/vulnerability/#language-specific-packages) section in the Trivy documentation (image column) for a full list of the applications dependencies supported.
 If you want your application dependencies scanned, please make sure the relevant files are included in your final images. The security report will include a target for each of them.