sourcery-ai[bot]
commented
1 week ago Reviewer's Guide by Sourcery
This PR updates the aquasecurity/trivy-action GitHub Action from version 0.28.0 to 0.29.0 in the workflow files. The update includes several improvements such as the ability to skip setup, fixes for the ORAS command, and a bump in the underlying Trivy version to v0.57.1.
No diagrams generated as the changes look simple and do not need a visual representation.
File-Level Changes
| Change | Details | Files |
|---|---|---|
| Update Trivy action version in GitHub workflow files |
|
.github/workflows/main.yml.github/workflows/release.yml |
Possibly linked issues
- #1: The PR updates aquasecurity/trivy-action, which is listed in the issue's dependency dashboard.
sonarcloud[bot]
This PR contains the following updates:
0.28.0->0.29.0Release Notes
aquasecurity/trivy-action (aquasecurity/trivy-action)
### [`v0.29.0`](https://redirect.github.com/aquasecurity/trivy-action/releases/tag/0.29.0) [Compare Source](https://redirect.github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0) ##### What's Changed - feat: Allow skipping setup by [@rvesse](https://redirect.github.com/rvesse) in [https://github.com/aquasecurity/trivy-action/pull/414](https://redirect.github.com/aquasecurity/trivy-action/pull/414) - Fix oras command not found in "Update Trivy Cache" action by [@Tiryoh](https://redirect.github.com/Tiryoh) in [https://github.com/aquasecurity/trivy-action/pull/413](https://redirect.github.com/aquasecurity/trivy-action/pull/413) - Update README.md by [@simar7](https://redirect.github.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/420](https://redirect.github.com/aquasecurity/trivy-action/pull/420) - feat: add token for `setup-trivy` by [@DmitriyLewen](https://redirect.github.com/DmitriyLewen) in [https://github.com/aquasecurity/trivy-action/pull/421](https://redirect.github.com/aquasecurity/trivy-action/pull/421) - fix: bump `setup-trivy` and add new `contrib` directory path info by [@DmitriyLewen](https://redirect.github.com/DmitriyLewen) in [https://github.com/aquasecurity/trivy-action/pull/424](https://redirect.github.com/aquasecurity/trivy-action/pull/424) - docs: remove ignore-unfixed from IaC scan example by [@nikpivkin](https://redirect.github.com/nikpivkin) in [https://github.com/aquasecurity/trivy-action/pull/429](https://redirect.github.com/aquasecurity/trivy-action/pull/429) - chore(deps): Bump trivy to v0.57.1 by [@simar7](https://redirect.github.com/simar7) in [https://github.com/aquasecurity/trivy-action/pull/434](https://redirect.github.com/aquasecurity/trivy-action/pull/434) ##### New Contributors - [@rvesse](https://redirect.github.com/rvesse) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/414](https://redirect.github.com/aquasecurity/trivy-action/pull/414) - [@Tiryoh](https://redirect.github.com/Tiryoh) made their first contribution in [https://github.com/aquasecurity/trivy-action/pull/413](https://redirect.github.com/aquasecurity/trivy-action/pull/413) **Full Changelog**: https://github.com/aquasecurity/trivy-action/compare/0.28.0...0.29.0Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.