diff --git a/UPSTREAM_PROJECTS.yaml b/UPSTREAM_PROJECTS.yaml index bf0546560f..7d1d3977a0 100644 --- a/UPSTREAM_PROJECTS.yaml +++ b/UPSTREAM_PROJECTS.yaml @@ -25,7 +25,7 @@ projects: repos: - name: trivy versions: - - tag: v0.56.2 + - tag: v0.58.0 go_version: "1.22" - org: aws repos: diff --git a/projects/aquasecurity/trivy/GIT_TAG b/projects/aquasecurity/trivy/GIT_TAG index df8473fbd1..0bf661714f 100644 --- a/projects/aquasecurity/trivy/GIT_TAG +++ b/projects/aquasecurity/trivy/GIT_TAG @@ -1 +1 @@ -v0.56.2 +v0.58.0 diff --git a/projects/aquasecurity/trivy/README.md b/projects/aquasecurity/trivy/README.md index 4dfdc99bf6..0073ab28dc 100644 --- a/projects/aquasecurity/trivy/README.md +++ b/projects/aquasecurity/trivy/README.md @@ -1,5 +1,5 @@ ## **trivy** -![Version](https://img.shields.io/badge/version-v0.56.2-blue) +![Version](https://img.shields.io/badge/version-v0.58.0-blue) ![Build Status](https://codebuild.us-west-2.amazonaws.com/badges?uuid=eyJlbmNyeXB0ZWREYXRhIjoiMVBvZE5FTEtYaVpuWUJ3eGd2Tis1dHAxT0ZKcXBuWkNVUmpjL0pRVnduRUl2Qm1XZ29xbHBENU5wVGM3TzVTTXhFTS83VUtrWGdCVU9lVkVxSmFhUnBFPSIsIml2UGFyYW1ldGVyU3BlYyI6IkQzTU9tSEd0YWZDc0NVYkIiLCJtYXRlcmlhbFNldFNlcmlhbCI6MX0%3D&branch=main) [Trivy](https://github.com/aquasecurity/trivy/) is a simple and comprehensive scanner for vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. Trivy detects vulnerabilities of OS packages (Alpine, RHEL, CentOS, etc.) and language-specific packages (Bundler, Composer, npm, yarn, etc.). In addition, Trivy scans Infrastructure as Code (IaC) files such as Terraform, Dockerfile and Kubernetes, to detect potential configuration issues that expose your deployments to the risk of attack. Trivy also scans hardcoded secrets like passwords, API keys and tokens.