From b0b5aad9921d68a2ff7235bdaf2ba1b7eb8483fa Mon Sep 17 00:00:00 2001
From: andyzhangx <xiazhang@microsoft.com>
Date: Sat, 14 Jun 2025 01:50:11 +0000
Subject: [PATCH 1/2] test: fix CVE-2025-4673 in trivy action

---
 .github/workflows/trivy.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
index 23b087308..c2fd1e259 100644
--- a/.github/workflows/trivy.yaml
+++ b/.github/workflows/trivy.yaml
@@ -12,7 +12,7 @@ jobs:
       - name: Set up Go 1.x
         uses: actions/setup-go@v5
         with:
-          go-version: 1.24.2
+          go-version: 1.24.4
         id: go
 
       - name: Checkout code

From f21401d0fde4eb7ee144a59fcde5b517aa508da8 Mon Sep 17 00:00:00 2001
From: andyzhangx <xiazhang@microsoft.com>
Date: Sat, 14 Jun 2025 02:05:07 +0000
Subject: [PATCH 2/2] test: ignore CVE error in azcopy

---
 .trivyignore | 3 +++
 1 file changed, 3 insertions(+)
 create mode 100644 .trivyignore

diff --git a/.trivyignore b/.trivyignore
new file mode 100644
index 000000000..ffb1fe532
--- /dev/null
+++ b/.trivyignore
@@ -0,0 +1,3 @@
+CVE-2025-22874
+CVE-2025-4673
+CVE-2025-0913