search

giantswarm / starboard-exporter

A standalone exporter for vulnerability reports and other CRs created by Trivy Operator (formerly Starboard).
Apache License 2.0
59 stars 23 forks source link

Bump github.com/aquasecurity/trivy-operator from 0.17.1 to 0.18.2 #295

Closed dependabot[bot] closed 10 months ago

dependabot[bot] commented 10 months ago

Bumps github.com/aquasecurity/trivy-operator from 0.17.1 to 0.18.2.

Release notes

Sourced from github.com/aquasecurity/trivy-operator's releases.

v0.18.2

Changelog

🐛 Notable Fixes 🐛

📝 Documentation 📝

  • 349fe7bc4d2decbc86d1c0e0349e0cbdbfca9810: docs: updated managed registries (#1766) (@​dferri)

🔧 Miscellaneous 🔧

👷 Other work 👷

  • f9fe007a0c9ab02dade90bec3dadb38687e2a6a1: build(deps): bump github.com/aquasecurity/trivy from 0.48.2 to 0.48.3 (#1771) (@​dependabot[bot])
  • 91e674fd7eda06f65132bb9933ca124613058579: build(deps): bump github.com/aws/aws-sdk-go from 1.49.21 to 1.49.22 (#1783) (@​dependabot[bot])
  • 118f945c4616d35a20aec83d0294d9ed7b164e16: build(deps): bump github.com/onsi/ginkgo/v2 from 2.13.2 to 2.15.0 (#1786) (@​dependabot[bot])
  • 162b5017e2f425b7a05237d8d16814ed15e94314: build(deps): bump golang.org/x/net from 0.19.0 to 0.20.0 (#1774) (@​dependabot[bot])

v0.18.1

Changelog

🐛 Notable Fixes 🐛

  • 7ab16c7438f6e7806a6794faab6319978aa94351: fix: sbom duplicate vol name (#1748) (@​chen-keinan)
  • f30e8615fcb5a55a4b45a68bf5f88f604511b9f5: fix: set audit config plugin trivy by default (#1746) (@​chen-keinan)

👮 Security updates👮

  • f79231b526bc647922ba501f2e547ffd4eebb8c5: sec: fix CVE GHSA-9763-4f94-gfch (#1759) (@​chen-keinan)

👷 Other work 👷

  • cebd1c049ce4cbe194d25cacfd86ad264878365e: Update trivy.yaml to support cve list (#1741) (@​gerbil)
  • 49a8be864784691850702c057f22c9fb464a2ae0: build(deps): bump github.com/aquasecurity/trivy from 0.48.1 to 0.48.2 (#1749) (@​dependabot[bot])
  • 8815129f3a9c463942ce09c5809bcdb68e188ad7: build(deps): bump github.com/aws/aws-sdk-go from 1.49.13 to 1.49.16 (#1750) (@​dependabot[bot])

v0.18.0

Changelog

✨ Notable Changes ✨

  • 1ecf6a07fc41b574929761251b3992d3b414cab3: feat: add dbRepositoryUsername and dbRepositoryPassword for dbReposit… (#1657) (@​juergen-fast)
  • 67e96c69741ee1e3cdab25b0def55db1d565b87a: feat: ingress resource on config-scan support (#1726) (@​chen-keinan)
  • e058b99405df4a6f82e994e01ae90cf7c58bb192: feat: retrieve sbom specified sources from oci registries (#1732) (@​chen-keinan)
  • 3c3cd0211f6cca0f0ee5b4834d41ce37e65196a9: feat: kbom and k8s core component scan (#1646) (@​chen-keinan)
  • 53e6b0d8b2ebc9473fbed46e1d6ee6a02c0c94fb: feat: trivy fs -include-dev-deps support (#1669) (@​chen-keinan)

🐛 Notable Fixes 🐛

  • 3f77e6ba9077b07512238b7a189b9f437ff5efb6: fix: service monitor cause operator to crash (#1729) (@​chen-keinan)
  • 8278eadeae9ed3d9c4de8cb4aa6b40b6276b8552: fix: hang node collector node shutdown (#1714) (@​chen-keinan)
  • 3911b5635070be32c34d60c1eafc248efff565b1: fix: kubelet checks via config resource (#1712) (@​chen-keinan)
  • b38cd493e4c3e0ebcaad2dead459c3695046fec4: fix: missing reports on via cluster sbom cache (#1713) (@​chen-keinan)
  • e4aba4514f39030bbd46d10852f79f6c7a43bf67: fix: remove duplicate entry in the CRDs list (#1684) (@​BenjaminHerbert)
  • 9fea2e71d6b3339aaa69da144f781c4d6735a611: fix: sbom secret size limit (#1683) (@​chen-keinan)

🔧 Miscellaneous 🔧

  • 42dfa7d2f3b9977bcb97e0a3af6ea32afbc1cfd6: chore: trivy 0.48.1 dep update (#1715) (@​chen-keinan)

👮 Security updates👮

👷 Other work 👷

  • 99d02b163d5382e2575021c8daf910e8da2142ff: build(deps): bump github.com/aws/aws-sdk-go from 1.49.9 to 1.49.13 (#1727) (@​dependabot[bot])
  • ee47e024e6d0e342d0e74e28099cf7160c6d81a1: build(deps): bump github.com/prometheus/client_golang (#1728) (@​dependabot[bot])
  • 551ffee226273346f6011eb520a058699f89acf3: Fix typo in nav (#1686) (@​evankanderson)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 10 months ago

Superseded by #306.