Closed dependabot[bot] closed 1 month ago
Compare the results from v0.25.4 and this PR binaries for gobinary and war (cf. integration/int-config.toml)
No significant chages are found.
Go binary:
% diff pr1938.json v0.25.4.json L
19c19
< "scannedAt": "2024-05-29T16:02:56.925629946+09:00",
---
> "scannedAt": "2024-05-29T16:04:09.37816666+09:00",
22c22
< "scannedRevision": "build-20240529_144521_09df7ba",
---
> "scannedRevision": "build-20240522_141523_878c25b",
29c29
< "reportedAt": "2024-05-29T16:02:59.322143918+09:00",
---
> "reportedAt": "2024-05-29T16:04:13.62755145+09:00",
31c31
< "reportedRevision": "build-20240529_144521_09df7ba",
---
> "reportedRevision": "build-20240522_141523_878c25b",
war:
% diff war-pr1938.json war-v0.25.4.json L
19c19
< "scannedAt": "2024-05-29T16:34:32.201881289+09:00",
---
> "scannedAt": "2024-05-29T16:36:24.395367335+09:00",
22c22
< "scannedRevision": "build-20240529_144521_09df7ba",
---
> "scannedRevision": "build-20240522_141523_878c25b",
29c29
< "reportedAt": "2024-05-29T16:34:45.598907903+09:00",
---
> "reportedAt": "2024-05-29T16:36:28.987870932+09:00",
31c31
< "reportedRevision": "build-20240529_144521_09df7ba",
---
> "reportedRevision": "build-20240522_141523_878c25b",
Bumps github.com/aquasecurity/trivy from 0.51.2 to 0.51.4.
Release notes
Sourced from github.com/aquasecurity/trivy's releases.
Commits
c06f467
chore: downgrade trivy-checks and trivy-awsdf4f760
build: use main package instead of main.go (#6766)bf7a8ed
chore(deps): bump the common group across 1 directory with 29 updates (#6756)acb22c6
chore(deps): bump the aws group with 8 updates (#6738)9a3510f
chore(deps): bump the docker group with 2 updates (#6739)7806b37
ci: addgeneric
dir to deb deploy script (#6636)Most Recent Ignore Conditions Applied to This Pull Request
| Dependency Name | Ignore Conditions | | --- | --- | | github.com/aquasecurity/trivy | [>= 0.50.2.a, < 0.50.3] | | github.com/aquasecurity/trivy | [< 0.51, > 0.50.1] |Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase
.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show