diff --git a/.gitpod/Dockerfile b/.gitpod/Dockerfile
index 2ef92b355..1090ff5e7 100644
--- a/.gitpod/Dockerfile
+++ b/.gitpod/Dockerfile
@@ -1,7 +1,7 @@
 FROM gitpod/workspace-postgres
-RUN wget https://github.com/aquasecurity/trivy/releases/download/v0.44.1/trivy_0.44.1_Linux-64bit.deb \
- && sudo dpkg -i trivy_0.44.1_Linux-64bit.deb
+RUN wget https://github.com/aquasecurity/trivy/releases/download/v0.50.1/trivy_0.50.1_Linux-64bit.deb \
+ && sudo dpkg -i trivy_0.50.1_Linux-64bit.deb
 RUN sudo wget https://github.com/operator-framework/operator-registry/releases/download/v1.27.0/linux-amd64-opm -O /usr/local/bin/opm \
 && sudo chmod +x /usr/local/bin/opm
 RUN wget https://storage.googleapis.com/tensorflow/libtensorflow/libtensorflow-cpu-linux-x86_64-2.11.0.tar.gz \
diff --git a/charts/artifact-hub/Chart.yaml b/charts/artifact-hub/Chart.yaml
index 08e7e6ceb..4c10a792b 100644
--- a/charts/artifact-hub/Chart.yaml
+++ b/charts/artifact-hub/Chart.yaml
@@ -2,7 +2,7 @@ apiVersion: v2
 name: artifact-hub
 description: Artifact Hub is a web-based application that enables finding, installing, and publishing Cloud Native packages.
 type: application
-version: 1.17.1-3
+version: 1.17.1-4
 appVersion: 1.17.0
 kubeVersion: ">= 1.19.0-0"
 home: https://artifacthub.io
@@ -88,7 +88,7 @@ annotations:
 - name: scanner
 image: artifacthub/scanner:v1.17.0
 - name: trivy
- image: aquasec/trivy:0.44.1
+ image: aquasec/trivy:0.50.1
 artifacthub.io/links: |
 - name: source
 url: https://github.com/artifacthub/hub
diff --git a/charts/artifact-hub/values.schema.json b/charts/artifact-hub/values.schema.json
index 88d43094b..b820c03c1 100644
--- a/charts/artifact-hub/values.schema.json
+++ b/charts/artifact-hub/values.schema.json
@@ -1230,7 +1230,7 @@
 "image": {
 "title": "Trivy container image",
 "type": "string",
- "default": "aquasec/trivy:0.44.1"
+ "default": "aquasec/trivy:0.50.1"
 },
 "nodeSelector": {
 "title": "Trivy pod node selector",
diff --git a/cmd/scanner/Dockerfile b/cmd/scanner/Dockerfile
index 2e2f5e702..7071b9c3e 100644
--- a/cmd/scanner/Dockerfile
+++ b/cmd/scanner/Dockerfile
@@ -10,7 +10,7 @@ RUN CGO_ENABLED=0 GOOS=linux GOARCH=amd64 go build -o /scanner .
 # Trivy installer
 FROM alpine:3.19.1 AS trivy-installer
 RUN apk --no-cache add curl
-RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.44.1
+RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin v0.50.1
 # Final stage
 FROM alpine:3.19.1
diff --git a/docs/security_report.md b/docs/security_report.md
index f37b0711b..b2759931e 100644
--- a/docs/security_report.md
+++ b/docs/security_report.md
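Review bot: The installer script in the cmd/scanner/Dockerfile hunk is still fetched from the mutable `main` branch even though the Trivy release it installs is pinned to v0.50.1, so the code that `sh` executes in the trivy-installer stage can change between builds without any change to this file. Fetching the script from the matching tag or a commit SHA keeps the build reproducible, e.g. `RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/v0.50.1/contrib/install.sh | sh -s -- -b /usr/local/bin v0.50.1` (assuming the script is published at that tag). The pipe also hides a failed download, since `sh` then reads empty input and the layer succeeds; starting the RUN with `set -o pipefail &&` would surface it. The .gitpod/Dockerfile hunk has a related gap: the downloaded .deb goes straight to `dpkg -i` without being compared against a published checksum.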
@@ -28,7 +28,7 @@ Images used by these kinds of packages can be listed using the `containersImages
 ## Application dependencies
-Trivy also scans [applications dependencies](https://aquasecurity.github.io/trivy/v0.44/docs/scanner/vulnerability/language/) for vulnerabilities. To do that, it inspects the files that contain the applications dependencies and the versions used. Please see the [language-specific packages](https://aquasecurity.github.io/trivy/v0.44/docs/scanner/vulnerability/language/) section in the Trivy documentation (image column) for a full list of the applications dependencies supported.
+Trivy also scans [applications dependencies](https://aquasecurity.github.io/trivy/v0.50/docs/scanner/vulnerability/#language-specific-packages) for vulnerabilities. To do that, it inspects the files that contain the applications dependencies and the versions used. Please see the [language-specific packages](https://aquasecurity.github.io/trivy/v0.50/docs/scanner/vulnerability/#language-specific-packages) section in the Trivy documentation (image column) for a full list of the applications dependencies supported.
 If you want your application dependencies scanned, please make sure the relevant files are included in your final images. The security report will include a target for each of them.