From c13023343bcb7ffde5c0a657e40c7bfb977d8d31 Mon Sep 17 00:00:00 2001
From: andyzhangx <xiazhang@microsoft.com>
Date: Sat, 14 Jun 2025 01:50:11 +0000
Subject: [PATCH 1/2] test: fix CVE-2025-4673 in trivy action

---
 .github/workflows/trivy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
index 23b087308..c2fd1e259 100644
--- a/.github/workflows/trivy.yaml
+++ b/.github/workflows/trivy.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v5
         with:
-          go-version: 1.24.2
+          go-version: 1.24.4
         id: go
 
       - name: Checkout code

From 66ac5ccbb3d5009ff322a2bf61d59e83a88a8e6b Mon Sep 17 00:00:00 2001
From: andyzhangx <xiazhang@microsoft.com>
Date: Sat, 14 Jun 2025 02:05:07 +0000
Subject: [PATCH 2/2] test: ignore CVE error in azcopy

---
 .trivyignore | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .trivyignore

diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 000000000..ffb1fe532
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1,3 @@
+CVE-2025-22874
+CVE-2025-4673
+CVE-2025-0913