Closed mhamzahkhan closed 1 year ago
Thank you for creating PR!
I checked for library updates.
spf13/viper
contains updates for golang.org/x/text
.
Some library versions are coordinated by me.
v1.2.5 released 🎉
PS C:\Users\YUKIMOCHI\Downloads\trivy> .\trivy.exe image yukimochi/activity-relay:v1.2.5
2023-01-12T22:08:59.414+0900 INFO Vulnerability scanning is enabled
2023-01-12T22:08:59.414+0900 INFO Secret scanning is enabled
2023-01-12T22:08:59.414+0900 INFO If your scanning is slow, please try '--security-checks vuln' to disable secret scanning
2023-01-12T22:08:59.414+0900 INFO Please see also https://aquasecurity.github.io/trivy/v0.36/docs/secret/scanning/#recommendation for faster secret detection
2023-01-12T22:09:07.085+0900 INFO Detected OS: alpine
2023-01-12T22:09:07.085+0900 INFO Detecting Alpine vulnerabilities...
2023-01-12T22:09:07.086+0900 INFO Number of language-specific files: 1
2023-01-12T22:09:07.086+0900 INFO Detecting gobinary vulnerabilities...
yukimochi/activity-relay:v1.2.5 (alpine 3.17.1)
===============================================
Total: 0 (UNKNOWN: 0, LOW: 0, MEDIUM: 0, HIGH: 0, CRITICAL: 0)
I was just auditing the docker images running on my K8S cluster using Trivy and noticed that the activity-relay image has some easily fixable issues that are flagged.
I'm not sure if these issues actually affect Activity-Relay, but I figured it would be worth making a PR anyway.