Skip to content

Commit 5e2afe2

Browse files
dependabot[bot]dependabot[bot]
authored
chore(deps): bump github.com/aquasecurity/trivy from 0.59.1 to 0.60.0
Bumps [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) from 0.59.1 to 0.60.0. - [Release notes](https://github.com/aquasecurity/trivy/releases) - [Changelog](https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md) - [Commits](aquasecurity/trivy@v0.59.1...v0.60.0) --- updated-dependencies: - dependency-name: github.com/aquasecurity/trivy dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
1 parent 3b78d4f commit 5e2afe2

File tree

2 files changed

+165
-144
lines changed

2 files changed

+165
-144
lines changed

go.mod

Lines changed: 49 additions & 47 deletions
Original file line numberDiff line numberDiff line change
@@ -1,13 +1,12 @@
11
module github.com/codacy/codacy-trivy
22

33
go 1.23.5
4-
5-
toolchain go1.23.6
4+
toolchain go1.24.1
65

76
require (
87
github.com/CycloneDX/cyclonedx-go v0.9.2
9-
github.com/aquasecurity/trivy v0.59.1 // Also update .config.yml
10-
github.com/aquasecurity/trivy-db v0.0.0-20241209111357-8c398f13db0e
8+
github.com/aquasecurity/trivy v0.60.0 // Also update .config.yml
9+
github.com/aquasecurity/trivy-db v0.0.0-20250227071930-8bd8a9b89e2d
1110
github.com/codacy/codacy-engine-golang-seed/v6 v6.3.0
1211
github.com/google/go-cmp v0.7.0
1312
github.com/package-url/packageurl-go v0.1.3
@@ -20,8 +19,8 @@ require (
2019
require (
2120
cel.dev/expr v0.19.0 // indirect
2221
cloud.google.com/go v0.116.0 // indirect
23-
cloud.google.com/go/auth v0.13.0 // indirect
24-
cloud.google.com/go/auth/oauth2adapt v0.2.6 // indirect
22+
cloud.google.com/go/auth v0.14.0 // indirect
23+
cloud.google.com/go/auth/oauth2adapt v0.2.7 // indirect
2524
cloud.google.com/go/compute/metadata v0.6.0 // indirect
2625
cloud.google.com/go/iam v1.2.2 // indirect
2726
cloud.google.com/go/monitoring v1.21.2 // indirect
@@ -31,7 +30,7 @@ require (
3130
github.com/AdamKorcz/go-118-fuzz-build v0.0.0-20231105174938-2b5cbb29f3e2 // indirect
3231
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
3332
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.17.0 // indirect
34-
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.1 // indirect
33+
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.8.2 // indirect
3534
github.com/Azure/azure-sdk-for-go/sdk/internal v1.10.0 // indirect
3635
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
3736
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
@@ -40,7 +39,7 @@ require (
4039
github.com/Azure/go-autorest/autorest/date v0.3.0 // indirect
4140
github.com/Azure/go-autorest/logger v0.2.1 // indirect
4241
github.com/Azure/go-autorest/tracing v0.6.0 // indirect
43-
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.2 // indirect
42+
github.com/AzureAD/microsoft-authentication-library-for-go v1.3.3 // indirect
4443
github.com/BurntSushi/toml v1.4.0 // indirect
4544
github.com/DataDog/zstd v1.5.5 // indirect
4645
github.com/GoogleCloudPlatform/docker-credential-gcr v2.0.5+incompatible // indirect
@@ -73,27 +72,27 @@ require (
7372
github.com/aquasecurity/jfather v0.0.8 // indirect
7473
github.com/aquasecurity/table v1.8.0 // indirect
7574
github.com/aquasecurity/tml v0.6.1 // indirect
76-
github.com/aquasecurity/trivy-checks v1.6.1 // indirect
75+
github.com/aquasecurity/trivy-checks v1.7.1 // indirect
7776
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48 // indirect
7877
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2 // indirect
7978
github.com/aws/aws-sdk-go v1.55.6 // indirect
80-
github.com/aws/aws-sdk-go-v2 v1.34.0 // indirect
81-
github.com/aws/aws-sdk-go-v2/config v1.29.2 // indirect
82-
github.com/aws/aws-sdk-go-v2/credentials v1.17.55 // indirect
83-
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.25 // indirect
84-
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.29 // indirect
85-
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.29 // indirect
86-
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.2 // indirect
79+
github.com/aws/aws-sdk-go-v2 v1.36.3 // indirect
80+
github.com/aws/aws-sdk-go-v2/config v1.29.8 // indirect
81+
github.com/aws/aws-sdk-go-v2/credentials v1.17.61 // indirect
82+
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.30 // indirect
83+
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.34 // indirect
84+
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.34 // indirect
85+
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
8786
github.com/aws/aws-sdk-go-v2/service/ebs v1.22.1 // indirect
88-
github.com/aws/aws-sdk-go-v2/service/ec2 v1.201.1 // indirect
89-
github.com/aws/aws-sdk-go-v2/service/ecr v1.38.7 // indirect
90-
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.2 // indirect
91-
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.10 // indirect
92-
github.com/aws/aws-sdk-go-v2/service/s3 v1.74.1 // indirect
93-
github.com/aws/aws-sdk-go-v2/service/sso v1.24.12 // indirect
94-
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.28.11 // indirect
95-
github.com/aws/aws-sdk-go-v2/service/sts v1.33.10 // indirect
96-
github.com/aws/smithy-go v1.22.2 // indirect
87+
github.com/aws/aws-sdk-go-v2/service/ec2 v1.206.0 // indirect
88+
github.com/aws/aws-sdk-go-v2/service/ecr v1.42.0 // indirect
89+
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.3 // indirect
90+
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.15 // indirect
91+
github.com/aws/aws-sdk-go-v2/service/s3 v1.78.0 // indirect
92+
github.com/aws/aws-sdk-go-v2/service/sso v1.25.0 // indirect
93+
github.com/aws/aws-sdk-go-v2/service/ssooidc v1.29.0 // indirect
94+
github.com/aws/aws-sdk-go-v2/service/sts v1.33.16 // indirect
95+
github.com/aws/smithy-go v1.22.3 // indirect
9796
github.com/beorn7/perks v1.0.1 // indirect
9897
github.com/bgentry/go-netrc v0.0.0-20140422174119-9fd32a8b3d3d // indirect
9998
github.com/bitnami/go-version v0.0.0-20231130084017-bb00604d650c // indirect
@@ -156,6 +155,7 @@ require (
156155
github.com/go-gorp/gorp/v3 v3.1.0 // indirect
157156
github.com/go-ini/ini v1.67.0 // indirect
158157
github.com/go-jose/go-jose/v4 v4.0.5 // indirect
158+
github.com/go-json-experiment/json v0.0.0-20250211171154-1ae217ad3535 // indirect
159159
github.com/go-logr/logr v1.4.2 // indirect
160160
github.com/go-logr/stdr v1.2.2 // indirect
161161
github.com/go-openapi/analysis v0.23.0 // indirect
@@ -185,7 +185,7 @@ require (
185185
github.com/google/go-querystring v1.1.0 // indirect
186186
github.com/google/gofuzz v1.2.0 // indirect
187187
github.com/google/licenseclassifier/v2 v2.0.0 // indirect
188-
github.com/google/s2a-go v0.1.8 // indirect
188+
github.com/google/s2a-go v0.1.9 // indirect
189189
github.com/google/shlex v0.0.0-20191202100458-e7afc7fbc510 // indirect
190190
github.com/google/uuid v1.6.0 // indirect
191191
github.com/google/wire v0.6.0 // indirect
@@ -235,14 +235,13 @@ require (
235235
github.com/masahiro331/go-disk v0.0.0-20240625071113-56c933208fee // indirect
236236
github.com/masahiro331/go-ebs-file v0.0.0-20240917043618-e6d2bea5c32e // indirect
237237
github.com/masahiro331/go-ext4-filesystem v0.0.0-20240620024024-ca14e6327bbd // indirect
238-
github.com/masahiro331/go-mvn-version v0.0.0-20210429150710-d3157d602a08 // indirect
238+
github.com/masahiro331/go-mvn-version v0.0.0-20250131095131-f4974fa13b8a // indirect
239239
github.com/masahiro331/go-vmdk-parser v0.0.0-20221225061455-612096e4bbbd // indirect
240240
github.com/masahiro331/go-xfs-filesystem v0.0.0-20231205045356-1b22259a6c44 // indirect
241241
github.com/mattn/go-colorable v0.1.14 // indirect
242242
github.com/mattn/go-isatty v0.0.20 // indirect
243243
github.com/mattn/go-runewidth v0.0.16 // indirect
244244
github.com/mattn/go-shellwords v1.0.12 // indirect
245-
github.com/microsoft/go-rustaudit v0.0.0-20220808201409-204dfee52032 // indirect
246245
github.com/mitchellh/copystructure v1.2.0 // indirect
247246
github.com/mitchellh/go-homedir v1.1.0 // indirect
248247
github.com/mitchellh/go-testing-interface v1.14.1 // indirect
@@ -267,6 +266,7 @@ require (
267266
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
268267
github.com/nozzle/throttler v0.0.0-20180817012639-2ea982251481 // indirect
269268
github.com/oklog/ulid v1.3.1 // indirect
269+
github.com/oklog/ulid/v2 v2.1.0 // indirect
270270
github.com/open-policy-agent/opa v1.1.0 // indirect
271271
github.com/opencontainers/go-digest v1.0.0 // indirect
272272
github.com/opencontainers/image-spec v1.1.0 // indirect
@@ -277,7 +277,7 @@ require (
277277
github.com/openvex/discovery v0.1.1-0.20240802171711-7c54efc57553 // indirect
278278
github.com/openvex/go-vex v0.2.5 // indirect
279279
github.com/owenrumney/go-sarif/v2 v2.3.3 // indirect
280-
github.com/owenrumney/squealer v1.2.6 // indirect
280+
github.com/owenrumney/squealer v1.2.11 // indirect
281281
github.com/pelletier/go-toml/v2 v2.2.3 // indirect
282282
github.com/peterbourgon/diskv v2.0.1+incompatible // indirect
283283
github.com/pjbgf/sha1cd v0.3.2 // indirect
@@ -293,8 +293,10 @@ require (
293293
github.com/rivo/uniseg v0.4.7 // indirect
294294
github.com/rubenv/sql-migrate v1.7.1 // indirect
295295
github.com/russross/blackfriday/v2 v2.1.0 // indirect
296+
github.com/rust-secure-code/go-rustaudit v0.0.0-20250226111315-e20ec32e963c // indirect
296297
github.com/sagikazarmark/locafero v0.6.0 // indirect
297298
github.com/sagikazarmark/slog-shim v0.1.0 // indirect
299+
github.com/samber/oops v1.15.0 // indirect
298300
github.com/santhosh-tekuri/jsonschema/v5 v5.3.1 // indirect
299301
github.com/sassoftware/go-rpmutils v0.4.0 // indirect
300302
github.com/sassoftware/relic v7.2.1+incompatible // indirect
@@ -303,7 +305,7 @@ require (
303305
github.com/shibumi/go-pathspec v1.3.0 // indirect
304306
github.com/shopspring/decimal v1.4.0 // indirect
305307
github.com/sigstore/cosign/v2 v2.2.4 // indirect
306-
github.com/sigstore/rekor v1.3.8 // indirect
308+
github.com/sigstore/rekor v1.3.9 // indirect
307309
github.com/sigstore/sigstore v1.8.12 // indirect
308310
github.com/sigstore/timestamp-authority v1.2.2 // indirect
309311
github.com/sirupsen/logrus v1.9.3 // indirect
@@ -312,15 +314,15 @@ require (
312314
github.com/spdx/tools-golang v0.5.5 // indirect
313315
github.com/spf13/afero v1.11.0 // indirect
314316
github.com/spf13/cast v1.7.1 // indirect
315-
github.com/spf13/cobra v1.8.1 // indirect
316-
github.com/spf13/pflag v1.0.5 // indirect
317+
github.com/spf13/cobra v1.9.1 // indirect
318+
github.com/spf13/pflag v1.0.6 // indirect
317319
github.com/spf13/viper v1.19.0 // indirect
318320
github.com/stretchr/objx v0.5.2 // indirect
319321
github.com/subosito/gotenv v1.6.0 // indirect
320322
github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect
321323
github.com/syndtr/goleveldb v1.0.1-0.20220721030215-126854af5e6d // indirect
322324
github.com/tchap/go-patricia/v2 v2.3.2 // indirect
323-
github.com/tetratelabs/wazero v1.8.2 // indirect
325+
github.com/tetratelabs/wazero v1.9.0 // indirect
324326
github.com/theupdateframework/go-tuf v0.7.0 // indirect
325327
github.com/titanous/rocacheck v0.0.0-20171023193734-afe73141d399 // indirect
326328
github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 // indirect
@@ -340,7 +342,7 @@ require (
340342
github.com/yashtewari/glob-intersection v0.2.0 // indirect
341343
github.com/zclconf/go-cty v1.16.2 // indirect
342344
github.com/zclconf/go-cty-yaml v1.1.0 // indirect
343-
go.etcd.io/bbolt v1.3.11 // indirect
345+
go.etcd.io/bbolt v1.4.0 // indirect
344346
go.mongodb.org/mongo-driver v1.14.0 // indirect
345347
go.opencensus.io v0.24.0 // indirect
346348
go.opentelemetry.io/auto/sdk v1.1.0 // indirect
@@ -354,35 +356,35 @@ require (
354356
go.opentelemetry.io/otel/trace v1.34.0 // indirect
355357
go.uber.org/multierr v1.11.0 // indirect
356358
go.uber.org/zap v1.27.0 // indirect
357-
golang.org/x/crypto v0.32.0 // indirect
359+
golang.org/x/crypto v0.33.0 // indirect
358360
golang.org/x/exp v0.0.0-20250106191152-7588d65b2ba8 // indirect
359-
golang.org/x/net v0.34.0 // indirect
361+
golang.org/x/net v0.35.0 // indirect
360362
golang.org/x/oauth2 v0.25.0 // indirect
361-
golang.org/x/sync v0.10.0 // indirect
362-
golang.org/x/sys v0.29.0 // indirect
363-
golang.org/x/term v0.28.0 // indirect
364-
golang.org/x/text v0.21.0 // indirect
363+
golang.org/x/sync v0.11.0 // indirect
364+
golang.org/x/sys v0.30.0 // indirect
365+
golang.org/x/term v0.29.0 // indirect
366+
golang.org/x/text v0.22.0 // indirect
365367
golang.org/x/time v0.9.0 // indirect
366368
golang.org/x/tools v0.29.0 // indirect
367369
golang.org/x/xerrors v0.0.0-20240716161551-93cc26a95ae9 // indirect
368-
google.golang.org/api v0.216.0 // indirect
370+
google.golang.org/api v0.218.0 // indirect
369371
google.golang.org/genproto v0.0.0-20241118233622-e639e219e697 // indirect
370372
google.golang.org/genproto/googleapis/api v0.0.0-20250115164207-1a7da9e5054f // indirect
371373
google.golang.org/genproto/googleapis/rpc v0.0.0-20250115164207-1a7da9e5054f // indirect
372374
google.golang.org/grpc v1.70.0 // indirect
373-
google.golang.org/protobuf v1.36.4 // indirect
375+
google.golang.org/protobuf v1.36.5 // indirect
374376
gopkg.in/cheggaaa/pb.v1 v1.0.28 // indirect
375377
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
376378
gopkg.in/inf.v0 v0.9.1 // indirect
377379
gopkg.in/ini.v1 v1.67.0 // indirect
378380
gopkg.in/warnings.v0 v0.1.2 // indirect
379381
gopkg.in/yaml.v3 v3.0.1 // indirect
380382
gotest.tools/v3 v3.5.0 // indirect
381-
helm.sh/helm/v3 v3.17.0 // indirect
382-
k8s.io/api v0.32.1 // indirect
383-
k8s.io/apiextensions-apiserver v0.32.0 // indirect
384-
k8s.io/apimachinery v0.32.1 // indirect
385-
k8s.io/apiserver v0.32.0 // indirect
383+
helm.sh/helm/v3 v3.17.1 // indirect
384+
k8s.io/api v0.32.2 // indirect
385+
k8s.io/apiextensions-apiserver v0.32.1 // indirect
386+
k8s.io/apimachinery v0.32.2 // indirect
387+
k8s.io/apiserver v0.32.1 // indirect
386388
k8s.io/cli-runtime v0.32.1 // indirect
387389
k8s.io/client-go v0.32.1 // indirect
388390
k8s.io/component-base v0.32.1 // indirect

0 commit comments

Comments
 (0)