Merge pull request #2500 from k8s-infra-cherrypick-robot/cherry-pick-2499-to-release-1.31

andyzhangx · web-flow · commit 595bb80eba2a · 2025-04-10T11:55:01.000+03:00
[release-1.31] test: fix CVE-2025-22871 in trivy action
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v5
         with:
-          go-version: 1.23.6
+          go-version: 1.24.2
         id: go
 
       - name: Checkout code
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,2 @@
+CVE-2024-3744
+CVE-2025-22871
