Merge pull request #2036 from k8s-infra-cherrypick-robot/cherry-pick-2032-to-release-1.23

andyzhangx · web-flow · commit ac06edae24c2 · 2025-06-15T09:15:02.000+03:00
[release-1.23] test: fix CVE-2025-4673 in trivy action
diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v4
         with:
-          go-version: 1.24.2
+          go-version: 1.24.4
         id: go
 
       - name: Checkout code
diff --git a/.trivyignore b/.trivyignore
@@ -0,0 +1,3 @@
+CVE-2025-22874
+CVE-2025-4673
+CVE-2025-0913
