:seedling: Update Builder Image group

[syself-bot[bot]]

This PR contains the following updates:

Package	Type	Update	Change
docker.io/aquasec/trivy (source)	stage	minor	0.54.1 -> 0.56.2
docker.io/library/alpine	stage	patch	3.20.2 -> 3.20.3
docker.io/library/golang	final	digest	825f815 -> 3bc1984
golangci/golangci-lint		minor	v1.59.1 -> v1.61.0

---

Release Notes

aquasecurity/trivy (docker.io/aquasec/trivy)

### [`v0.56.2`](https://redirect.github.com/aquasecurity/trivy/releases/tag/v0.56.2) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.56.1...v0.56.2) #### Changelog - [`f2252c8`](https://redirect.github.com/aquasecurity/trivy/commit/f2252c833d4dee18546577f0c32ceb83c8bf20ae) release: v0.56.2 \[release/v0.56] ([#​7694](https://redirect.github.com/aquasecurity/trivy/issues/7694)) - [`f6700ec`](https://redirect.github.com/aquasecurity/trivy/commit/f6700ec10e819fb2fc0573782e87d2d31d2c50f1) fix(redhat): include arch in PURL qualifiers \[backport: release/v0.56] ([#​7702](https://redirect.github.com/aquasecurity/trivy/issues/7702)) - [`25d2540`](https://redirect.github.com/aquasecurity/trivy/commit/25d2540f12272603bf27eb67f4b3fba52b1ddab8) fix(sbom): add options for DBs in private registries \[backport: release/v0.56] ([#​7691](https://redirect.github.com/aquasecurity/trivy/issues/7691)) ### [`v0.56.1`](https://redirect.github.com/aquasecurity/trivy/releases/tag/v0.56.1) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.56.0...v0.56.1) #### Changelog - [`95dbf11`](https://redirect.github.com/aquasecurity/trivy/commit/95dbf1152b2049a6ae2ae90a507630df01798bf1) release: v0.56.1 \[release/v0.56] ([#​7648](https://redirect.github.com/aquasecurity/trivy/issues/7648)) - [`5dbdadf`](https://redirect.github.com/aquasecurity/trivy/commit/5dbdadfe4578288d5c3f2a5b625fff4a3580f8c5) fix(db): fix javadb downloading error handling \[backport: release/v0.56] ([#​7646](https://redirect.github.com/aquasecurity/trivy/issues/7646)) ### [`v0.56.0`](https://redirect.github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0560-2024-10-03) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.55.2...v0.56.0) ##### Features - **java:** add empty versions if `pom.xml` dependency versions can't be detected ([#​7520](https://redirect.github.com/aquasecurity/trivy/issues/7520)) ([b836232](https://redirect.github.com/aquasecurity/trivy/commit/b8362321adb2af220830c5de31c29978423d47da)) - **license:** improve license normalization ([#​7131](https://redirect.github.com/aquasecurity/trivy/issues/7131)) ([6472e3c](https://redirect.github.com/aquasecurity/trivy/commit/6472e3c9da2a8e7ba41598a45c80df8f18e57d4c)) - **misconf:** add ability to disable checks by ID ([#​7536](https://redirect.github.com/aquasecurity/trivy/issues/7536)) ([ef0a27d](https://redirect.github.com/aquasecurity/trivy/commit/ef0a27d515ff80762bf1959d44a8bde017ae06ec)) - **misconf:** Register checks only when needed ([#​7435](https://redirect.github.com/aquasecurity/trivy/issues/7435)) ([f768d3a](https://redirect.github.com/aquasecurity/trivy/commit/f768d3a767a99a86b0372f19d9f49a2de35dbe59)) - **misconf:** Support `--skip-*` for all included modules ([#​7579](https://redirect.github.com/aquasecurity/trivy/issues/7579)) ([c0e8da3](https://redirect.github.com/aquasecurity/trivy/commit/c0e8da3828e9d3a0b30d1f6568037db8dc827765)) - **secret:** enhance secret scanning for python binary files ([#​7223](https://redirect.github.com/aquasecurity/trivy/issues/7223)) ([60725f8](https://redirect.github.com/aquasecurity/trivy/commit/60725f879ba014c5c57583db6afc290b78facae8)) - support multiple DB repositories for vulnerability and Java DB ([#​7605](https://redirect.github.com/aquasecurity/trivy/issues/7605)) ([3562529](https://redirect.github.com/aquasecurity/trivy/commit/3562529ddfb26d301311ed450c192e17011353df)) - support RPM archives ([#​7628](https://redirect.github.com/aquasecurity/trivy/issues/7628)) ([69bf7e0](https://redirect.github.com/aquasecurity/trivy/commit/69bf7e00ea5ab483692db830fdded26a31f03183)) - **suse:** added SUSE Linux Enterprise Micro support ([#​7294](https://redirect.github.com/aquasecurity/trivy/issues/7294)) ([efdb68d](https://redirect.github.com/aquasecurity/trivy/commit/efdb68d3b9ddf9dfaf45ea5855b31c43a4366bab)) ##### Bug Fixes - allow access to '..' in mapfs ([#​7575](https://redirect.github.com/aquasecurity/trivy/issues/7575)) ([a8fbe46](https://redirect.github.com/aquasecurity/trivy/commit/a8fbe46119adbd89f827a75c75b9e97d392f1842)) - **db:** check `DownloadedAt` for `trivy-java-db` ([#​7592](https://redirect.github.com/aquasecurity/trivy/issues/7592)) ([13ef3e7](https://redirect.github.com/aquasecurity/trivy/commit/13ef3e7d62ba2bcb3a04d7b44f79b1299674b480)) - **java:** use `dependencyManagement` from root/child pom's for dependencies from parents ([#​7497](https://redirect.github.com/aquasecurity/trivy/issues/7497)) ([5442949](https://redirect.github.com/aquasecurity/trivy/commit/54429497e7d6a87eac236771d4efb8a5a7faaac5)) - **license:** stop spliting a long license text ([#​7336](https://redirect.github.com/aquasecurity/trivy/issues/7336)) ([4926da7](https://redirect.github.com/aquasecurity/trivy/commit/4926da79de901fba73819d71845ec0355b68ae0f)) - **misconf:** Disable deprecated checks by default ([#​7632](https://redirect.github.com/aquasecurity/trivy/issues/7632)) ([82e2adc](https://redirect.github.com/aquasecurity/trivy/commit/82e2adc6f8e68d0cc0021031170c2adb60d213ba)) - **misconf:** disable DS016 check for image history analyzer ([#​7540](https://redirect.github.com/aquasecurity/trivy/issues/7540)) ([de40df9](https://redirect.github.com/aquasecurity/trivy/commit/de40df9408d6d856a3ad384ec9f086edce3aa382)) - **misconf:** escape all special sequences ([#​7558](https://redirect.github.com/aquasecurity/trivy/issues/7558)) ([ea0cf03](https://redirect.github.com/aquasecurity/trivy/commit/ea0cf0379aff0348fde87356dab37947800fc1b6)) - **misconf:** Fix logging typo ([#​7473](https://redirect.github.com/aquasecurity/trivy/issues/7473)) ([56db43c](https://redirect.github.com/aquasecurity/trivy/commit/56db43c24f4f6be92891be85faaf9492cad516ac)) - **misconf:** Fixed scope for China Cloud ([#​7560](https://redirect.github.com/aquasecurity/trivy/issues/7560)) ([37d549e](https://redirect.github.com/aquasecurity/trivy/commit/37d549e5b86a1c5dce6710fbfd2310aec9abe949)) - **misconf:** not to warn about missing selectors of libraries ([#​7638](https://redirect.github.com/aquasecurity/trivy/issues/7638)) ([fcaea74](https://redirect.github.com/aquasecurity/trivy/commit/fcaea740808d5784c120e5c5d65f5f94e1d931d4)) - **oracle:** Update EOL date for Oracle 7 ([#​7480](https://redirect.github.com/aquasecurity/trivy/issues/7480)) ([dd0a64a](https://redirect.github.com/aquasecurity/trivy/commit/dd0a64a1cf0cd76e6f81e3ff55fa6ccb95ce3c3d)) - **report:** change a receiver of MarshalJSON ([#​7483](https://redirect.github.com/aquasecurity/trivy/issues/7483)) ([927c6e0](https://redirect.github.com/aquasecurity/trivy/commit/927c6e0c9d4d4a3f1be00f0f661c1d18325d9440)) - **report:** fix error with unmarshal of `ExperimentalModifiedFindings` ([#​7463](https://redirect.github.com/aquasecurity/trivy/issues/7463)) ([7ff9aff](https://redirect.github.com/aquasecurity/trivy/commit/7ff9aff2739b2eee4a98175b98914795e4077060)) - **sbom:** export bom-ref when converting a package to a component ([#​7340](https://redirect.github.com/aquasecurity/trivy/issues/7340)) ([5dd94eb](https://redirect.github.com/aquasecurity/trivy/commit/5dd94ebc1ffe3f1df511dee6381f92a5daefadf2)) - **sbom:** parse type `framework` as `library` when unmarshalling `CycloneDX` files ([#​7527](https://redirect.github.com/aquasecurity/trivy/issues/7527)) ([aeb7039](https://redirect.github.com/aquasecurity/trivy/commit/aeb7039d7ce090e243d29f0bf16c9e4e24252a01)) - **secret:** change grafana token regex to find them without unquoted ([#​7627](https://redirect.github.com/aquasecurity/trivy/issues/7627)) ([3e1fa21](https://redirect.github.com/aquasecurity/trivy/commit/3e1fa2100074e840bacdd65947425b08750b7d9a)) ##### Performance Improvements - **misconf:** use port ranges instead of enumeration ([#​7549](https://redirect.github.com/aquasecurity/trivy/issues/7549)) ([1f9fc13](https://redirect.github.com/aquasecurity/trivy/commit/1f9fc13da4a1e7c76c978e4f8e119bfd61a0480e)) ##### Reverts - **java:** stop supporting of `test` scope for `pom.xml` files ([#​7488](https://redirect.github.com/aquasecurity/trivy/issues/7488)) ([b0222fe](https://redirect.github.com/aquasecurity/trivy/commit/b0222feeb586ec59904bb321fda8f3f22496d07b)) ### [`v0.55.2`](https://redirect.github.com/aquasecurity/trivy/releases/tag/v0.55.2) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.55.1...v0.55.2) #### Changelog - [`928c7c0`](https://redirect.github.com/aquasecurity/trivy/commit/928c7c0f1a5c9432a2ba2daa5268dae53dc8eb7b) release: v0.55.2 \[release/v0.55] ([#​7523](https://redirect.github.com/aquasecurity/trivy/issues/7523)) - [`14a058f`](https://redirect.github.com/aquasecurity/trivy/commit/14a058f608be403a53019775c8308f4f5718afd7) fix(java): use `dependencyManagement` from root/child pom's for dependencies from parents \[backport: release/v0.55] ([#​7521](https://redirect.github.com/aquasecurity/trivy/issues/7521)) - [`990bc4e`](https://redirect.github.com/aquasecurity/trivy/commit/990bc4e8287889a18ebb59332b40db3e4586fed4) chore(deps): bump alpine from 3.20.0 to 3.20.3 \[backport: release/v0.55] ([#​7516](https://redirect.github.com/aquasecurity/trivy/issues/7516)) ### [`v0.55.1`](https://redirect.github.com/aquasecurity/trivy/releases/tag/v0.55.1) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.55.0...v0.55.1) #### ⚡Release highlights and summary⚡ 👉[https://github.com/aquasecurity/trivy/discussions/7494](https://redirect.github.com/aquasecurity/trivy/discussions/7494) #### Changelog https://github.com/aquasecurity/trivy/blob/release/v0.55/CHANGELOG.md#0551-2024-09-12 ### [`v0.55.0`](https://redirect.github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0550-2024-09-03) [Compare Source](https://redirect.github.com/aquasecurity/trivy/compare/v0.54.1...v0.55.0) ##### ⚠ BREAKING CHANGES - **cli:** delete deprecated SBOM flags ([#​7266](https://redirect.github.com/aquasecurity/trivy/issues/7266)) ##### Features - **cli:** delete deprecated SBOM flags ([#​7266](https://redirect.github.com/aquasecurity/trivy/issues/7266)) ([7024572](https://redirect.github.com/aquasecurity/trivy/commit/70245721372720027b7089bd61c693df48add865)) - **go:** use `toolchain` as `stdlib` version for `go.mod` files ([#​7163](https://redirect.github.com/aquasecurity/trivy/issues/7163)) ([2d80769](https://redirect.github.com/aquasecurity/trivy/commit/2d80769c34b118851640411fff9dac0b3e353e82)) - **java:** add `test` scope support for `pom.xml` files ([#​7414](https://redirect.github.com/aquasecurity/trivy/issues/7414)) ([2d97700](https://redirect.github.com/aquasecurity/trivy/commit/2d97700d10665142d2f66d7910202bec82116209)) - **misconf:** Add support for using spec from on-disk bundle ([#​7179](https://redirect.github.com/aquasecurity/trivy/issues/7179)) ([be86126](https://redirect.github.com/aquasecurity/trivy/commit/be861265cafc89787fda09c59b2ef175e3d04204)) - **misconf:** ignore duplicate checks ([#​7317](https://redirect.github.com/aquasecurity/trivy/issues/7317)) ([9ef05fc](https://redirect.github.com/aquasecurity/trivy/commit/9ef05fc6b171a264516a025b0b0bcbbc8cff10bc)) - **misconf:** iterator argument support for dynamic blocks ([#​7236](https://redirect.github.com/aquasecurity/trivy/issues/7236)) ([fe92072](https://redirect.github.com/aquasecurity/trivy/commit/fe9207255a4f7f984ec1447f8a9219ae60e560c4)) - **misconf:** port and protocol support for EC2 networks ([#​7146](https://redirect.github.com/aquasecurity/trivy/issues/7146)) ([98e136e](https://redirect.github.com/aquasecurity/trivy/commit/98e136eb7baa2b66f4233d96875c1490144e1594)) - **misconf:** scanning support for YAML and JSON ([#​7311](https://redirect.github.com/aquasecurity/trivy/issues/7311)) ([efdbd8f](https://redirect.github.com/aquasecurity/trivy/commit/efdbd8f19ab0ab0c3b48293d43e51c81b7b03b89)) - **misconf:** support for ignore by nested attributes ([#​7205](https://redirect.github.com/aquasecurity/trivy/issues/7205)) ([44e4686](https://redirect.github.com/aquasecurity/trivy/commit/44e468603d44b077cc4606327fb3e7d7ca435e05)) - **misconf:** support for policy and bucket grants ([#​7284](https://redirect.github.com/aquasecurity/trivy/issues/7284)) ([a817fae](https://redirect.github.com/aquasecurity/trivy/commit/a817fae85b7272b391b737ec86673a7cab722bae)) - **misconf:** variable support for Terraform Plan ([#​7228](https://redirect.github.com/aquasecurity/trivy/issues/7228)) ([db2c955](https://redirect.github.com/aquasecurity/trivy/commit/db2c95598da098ca610825089eb4ab63b789b215)) - **python:** use minimum version for pip packages ([#​7348](https://redirect.github.com/aquasecurity/trivy/issues/7348)) ([e9b43f8](https://redirect.github.com/aquasecurity/trivy/commit/e9b43f81e67789b067352fcb6aa55bc9478bc518)) - **report:** export modified findings in JSON ([#​7383](https://redirect.github.com/aquasecurity/trivy/issues/7383)) ([7aea79d](https://redirect.github.com/aquasecurity/trivy/commit/7aea79dd93cfb61453766dbbb2e3fc0fbd317852)) - **sbom:** set User-Agent header on requests to Rekor ([#​7396](https://redirect.github.com/aquasecurity/trivy/issues/7396)) ([af1d257](https://redirect.github.com/aquasecurity/trivy/commit/af1d257730422d238871beb674767f8f83c5d06a)) - **server:** add internal `--path-prefix` flag for client/server mode ([#​7321](https://redirect.github.com/aquasecurity/trivy/issues/7321)) ([24a4563](https://redirect.github.com/aquasecurity/trivy/commit/24a45636867b893ff54c5ce07197f3b5c6db1d9b)) - **server:** Make Trivy Server Multiplexer Exported ([#​7389](https://redirect.github.com/aquasecurity/trivy/issues/7389)) ([4c6e8ca](https://redirect.github.com/aquasecurity/trivy/commit/4c6e8ca9cc9591799907cc73075f2d740e303b8f)) - **vm:** Support direct filesystem ([#​7058](https://redirect.github.com/aquasecurity/trivy/issues/7058)) ([45b3f34](https://redirect.github.com/aquasecurity/trivy/commit/45b3f344042bcd90ca63ab696b69bff0e9ab4e36)) - **vm:** support the Ext2/Ext3 filesystems ([#​6983](https://redirect.github.com/aquasecurity/trivy/issues/6983)) ([35c60f0](https://redirect.github.com/aquasecurity/trivy/commit/35c60f030fa48de8d8e57958e5ba379814126831)) - **vuln:** Add `--detection-priority` flag for accuracy tuning ([#​7288](https://redirect.github.com/aquasecurity/trivy/issues/7288)) ([fd8348d](https://redirect.github.com/aquasecurity/trivy/commit/fd8348d610f20c6c33da81cd7b0e7d5504ce26be)) ##### Bug Fixes - **aws:** handle ECR repositories in different regions ([#​6217](https://redirect.github.com/aquasecurity/trivy/issues/6217)) ([feaef96](https://redirect.github.com/aquasecurity/trivy/commit/feaef9699df5d8ca399770e701a59d7c0ff979a3)) - **flag:** incorrect behavior for deprected flag `--clear-cache` ([#​7281](https://redirect.github.com/aquasecurity/trivy/issues/7281)) ([2a0e529](https://redirect.github.com/aquasecurity/trivy/commit/2a0e529c36057b572119815af59c28e4790034ca)) - **helm:** explicitly define `kind` and `apiVersion` of `volumeClaimTemplate` element ([#​7362](https://redirect.github.com/aquasecurity/trivy/issues/7362)) ([da4ebfa](https://redirect.github.com/aquasecurity/trivy/commit/da4ebfa1a741f3f8b0b43289b4028afe763f7d43)) - **java:** Return error when trying to find a remote pom to avoid segfault ([#​7275](https://redirect.github.com/aquasecurity/trivy/issues/7275)) ([49d5270](https://redirect.github.com/aquasecurity/trivy/commit/49d5270163e305f88fedcf50412973736e69dc69)) - **license:** add license handling to JUnit template ([#​7409](https://redirect.github.com/aquasecurity/trivy/issues/7409)) ([f80183c](https://redirect.github.com/aquasecurity/trivy/commit/f80183c1139b21bb95bc64e216358f4a76001a65)) - logger initialization before flags parsing ([#​7372](https://redirect.github.com/aquasecurity/trivy/issues/7372)) ([c929290](https://redirect.github.com/aquasecurity/trivy/commit/c929290c3c0e4e91337264d69e75ccb60522bc65)) - **misconf:** change default TLS values for the Azure storage account ([#​7345](https://redirect.github.com/aquasecurity/trivy/issues/7345)) ([aadb090](https://redirect.github.com/aquasecurity/trivy/commit/aadb09078843250c66087f46db9a2aa48094a118)) - **misconf:** do not filter Terraform plan JSON by name ([#​7406](https://redirect.github.com/aquasecurity/trivy/issues/7406)) ([9d7264a](https://redirect.github.com/aquasecurity/trivy/commit/9d7264af8e85bcc0dba600b8366d0470d455251c)) - **misconf:** do not recreate filesystem map ([#​7416](https://redirect.github.com/aquasecurity/trivy/issues/7416)) ([3a5d091](https://redirect.github.com/aquasecurity/trivy/commit/3a5d091759564496992a83fb2015a21c84a22213)) - **misconf:** do not register Rego libs in checks registry ([#​7420](https://redirect.github.com/aquasecurity/trivy/issues/7420)) ([a5aa63e](https://redirect.github.com/aquasecurity/trivy/commit/a5aa63eff7e229744090f9ad300c1bec3259397e)) - **misconf:** do not set default value for default_cache_behavior ([#​7234](https://redirect.github.com/aquasecurity/trivy/issues/7234)) ([f0ed5e4](https://redirect.github.com/aquasecurity/trivy/commit/f0ed5e4ced7e60af35c88d5d084aa4b7237f4973)) - **misconf:** fix infer type for null value ([#​7424](https://redirect.github.com/aquasecurity/trivy/issues/7424)) ([0cac3ac](https://redirect.github.com/aquasecurity/trivy/commit/0cac3ac7075017628a21a7990941df04cbc16dbe)) - **misconf:** init frameworks before updating them ([#​7376](https://redirect.github.com/aquasecurity/trivy/issues/7376)) ([b65b32d](https://redirect.github.com/aquasecurity/trivy/commit/b65b32ddfa6fc62ac81ad9fa580e1f5a327864f5)) - **misconf:** load only submodule if it is specified in source ([#​7112](https://redirect.github.com/aquasecurity/trivy/issues/7112)) ([a4180bd](https://redirect.github.com/aquasecurity/trivy/commit/a4180bddd43d86e479edf0afe0c362021d071482)) - **misconf:** support deprecating for Go checks ([#​7377](https://redirect.github.com/aquasecurity/trivy/issues/7377)) ([2a6c7ab](https://redirect.github.com/aquasecurity/trivy/commit/2a6c7ab3b338ce4a8f99d6ac3508c2531dcbe812)) - **misconf:** use module to log when metadata retrieval fails ([#​7405](https://redirect.github.com/aquasecurity/trivy/issues/7405)) ([0799770](https://redirect.github.com/aquasecurity/trivy/commit/0799770b8827a8276ad0d6d9ac7e0381c286757c)) - **misconf:** wrap Azure PortRange in iac types ([#​7357](https://redirect.github.com/aquasecurity/trivy/issues/7357)) ([c5c62d5](https://redirect.github.com/aquasecurity/trivy/commit/c5c62d5ff05420321f9cdbfb93e2591e0866a342)) - **nodejs:** check all `importers` to detect dev deps from pnpm-lock.yaml file ([#​7387](https://redirect.github.com/aquasecurity/trivy/issues/7387)) ([fd9ed3a](https://redirect.github.com/aquasecurity/trivy/commit/fd9ed3a330bc66e229bcbdc262dc296a3bf01f54)) - **plugin:** do not call GitHub content API for releases and tags ([#​7274](https://redirect.github.com/aquasecurity/trivy/issues/7274)) ([b3ee6da](https://redirect.github.com/aquasecurity/trivy/commit/b3ee6dac269bd7847674f3ce985a5ff7f8f0ba38)) - **report:** escape `Message` field in `asff.tpl` template ([#​7401](https://redirect.github.com/aquasecurity/trivy/issues/7401)) ([dd9733e](https://redirect.github.com/aquasecurity/trivy/commit/dd9733e950d3127aa2ac90c45ec7e2b88a2b47ca)) - safely check if the directory exists ([#​7353](https://redirect.github.com/aquasecurity/trivy/issues/7353)) ([05a8297](https://redirect.github.com/aquasecurity/trivy/commit/05a829715f99cd90b122c64cd2f40157854e467b)) - **sbom:** use `NOASSERTION` for licenses fields in SPDX formats ([#​7403](https://redirect.github.com/aquasecurity/trivy/issues/7403)) ([c96dcdd](https://redirect.github.com/aquasecurity/trivy/commit/c96dcdd440a14cdd1b01ac473b2c15e4698e387b)) - **secret:** use `.eyJ` keyword for JWT secret ([#​7410](https://redirect.github.com/aquasecurity/trivy/issues/7410)) ([bf64003](https://redirect.github.com/aquasecurity/trivy/commit/bf64003ac8b209f34b88f228918a96d4f9dac5e0)) - **secret:** use only line with secret for long secret lines ([#​7412](https://redirect.github.com/aquasecurity/trivy/issues/7412)) ([391448a](https://redirect.github.com/aquasecurity/trivy/commit/391448aba9fcb0a4138225e5ab305e4e6707c603)) - **terraform:** add aws_region name to presets ([#​7184](https://redirect.github.com/aquasecurity/trivy/issues/7184)) ([bb2e26a](https://redirect.github.com/aquasecurity/trivy/commit/bb2e26a0ab707b718f6a890cbc87e2492298b6e5)) ##### Performance Improvements - **misconf:** do not convert contents of a YAML file to string ([#​7292](https://redirect.github.com/aquasecurity/trivy/issues/7292)) ([85dadf5](https://redirect.github.com/aquasecurity/trivy/commit/85dadf56265647c000191561db10b08a4948c140)) - **misconf:** optimize work with context ([#​6968](https://redirect.github.com/aquasecurity/trivy/issues/6968)) ([2b6d8d9](https://redirect.github.com/aquasecurity/trivy/commit/2b6d8d9227fb6ecc9386a14333964c23c0370a52)) - **misconf:** use json.Valid to check validity of JSON ([#​7308](https://redirect.github.com/aquasecurity/trivy/issues/7308)) ([c766831](https://redirect.github.com/aquasecurity/trivy/commit/c766831069e188226efafeec184e41498685ed85))

golangci/golangci-lint (golangci/golangci-lint)

### [`v1.61.0`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1610) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v1.60.3...v1.61.0) 1. Enhancements - Add `junit-xml-extended` format - Exclude Swagger Codegen files by default 2. Updated linters - `dupword`: from 0.0.14 to 0.1.1 - `fatcontext`: from 0.4.0 to 0.5.2 - `gci`: from 0.13.4 to 0.13.5 (new option `no-lex-order`) - `go-ruleguard`: from 0.4.2 to [`0fe6f58`](https://redirect.github.com/golangci/golangci-lint/commit/0fe6f58b47b1) (fix panic with custom linters) - `godot`: from 1.4.16 to 1.4.17 - `gomodguard`: from 1.3.3 to 1.3.5 - `gosec`: disable temporarily `G407` - `gosec`: from [`ab3f6c1`](https://redirect.github.com/golangci/golangci-lint/commit/ab3f6c1c83a0) to 2.21.2 (partially fix `G115`) - `intrange`: from 0.1.2 to 0.2.0 - `nolintlint`: remove the empty line in the directive replacement 3. Misc. - Improve runtime version parsing 4. Documentation - Add additional info about `typecheck` ### [`v1.60.3`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1603) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v1.60.2...v1.60.3) 1. Updated linters - `gosec`: from [`81cda2f`](https://redirect.github.com/golangci/golangci-lint/commit/81cda2f91fbe) to [`ab3f6c1`](https://redirect.github.com/golangci/golangci-lint/commit/ab3f6c1c83a0) (fix `G115` false positives) 2. Misc. - Check that the Go version use to build is greater or equals to the Go version of the project ### [`v1.60.2`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1602) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v1.60.1...v1.60.2) 1. Updated linters - `gofmt`: update to HEAD (go1.22) - `gofumpt`: from 0.6.0 to 0.7.0 - `gosec`: fix G602 analyzer - `gosec`: from [`5f0084e`](https://redirect.github.com/golangci/golangci-lint/commit/5f0084eb01a9) to [`81cda2f`](https://redirect.github.com/golangci/golangci-lint/commit/81cda2f91fbe) (adds `G115`, `G405`, `G406`, `G506`, `G507`) - `staticcheck`: from 0.5.0 to 0.5.1 - `staticcheck`: propagate Go version - `wrapcheck`: from 2.8.3 to 2.9.0 - ⚠️ `exportloopref`: deprecation ### [`v1.60.1`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1601) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v1.60.0...v1.60.1) 1. Updated linters - `errorlint`: from 1.5.2 to 1.6.0 - `exhaustruct`: from 3.2.0 to 3.3.0 (recognize custom error values in return) - `fatcontext`: from 0.2.2 to 0.4.0 (fix false positives for context stored in structs) - `gocognit`: from 1.1.2 to 1.1.3 - `gomodguard`: from 1.3.2 to 1.3.3 - `govet` (`printf`): report non-constant format, no args - `lll`: advertise max line length instead of just reporting failure - `revive`: from 1.3.7 to 1.3.9 (new rule: `comments-density`) - `sloglint`: from 0.7.1 to 0.7.2 - `spancheck`: from 0.6.1 to 0.6.2 - `staticcheck`: from 0.4.7 to 0.5.0 - `tenv`: from 1.7.1 to 1.10.0 (remove reports on fuzzing) - `testifylint`: from 1.3.1 to 1.4.3 (new options: `formatter`, `suite-broken-parallel`, `suite-subtest-run`) - `tparallel`: from 0.3.1 to 0.3.2 - `usestdlibvars`: from 1.26.0 to 1.27.0 (fix false-positive with number used inside a mathematical operations) - `wsl`: from 4.2.1 to 4.4.1 - ️⚠️ `unused`: remove `exported-is-used` option 2. Fixes - SARIF: sanitize level property - ️⚠️ `typecheck` issues should never be ignored 3. Documentation - Add link on linter without configuration - Remove 'trusted by' page - `wsl` update documentation of the configuration 4. misc. - 🎉 go1.23 support ### [`v1.60.0`](https://redirect.github.com/golangci/golangci-lint/blob/HEAD/CHANGELOG.md#v1600) [Compare Source](https://redirect.github.com/golangci/golangci-lint/compare/v1.59.1...v1.60.0) Cancelled due to a CI problem.

---

Configuration

📅 Schedule: Branch creation - "on the first day of the month" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box