chore: bump github.com/aquasecurity/trivy from 0.67.2 to 0.69.2

[dependabot]

Bumps github.com/aquasecurity/trivy from 0.67.2 to 0.69.2.

Release notes

Sourced from github.com/aquasecurity/trivy's releases.

v0.69.2

Changelog

• cfa322ed23f2e33ef1632ae3a5a8c7172f06a5c3 release: v0.69.2 [release/v0.69] (#10266)
• 86debce0f4897e9501368fe0611c5ae472a141eb fix(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 [backport: release/v0.69] (#10267)
• cf3d4cd6a8bdf5b5b1d701f591bd8aaabd2c7c27 fix(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 [backport: release/v0.69] (#10264)
• 6dfd3b078b95d30e812e04f13fd1cac7e08f9b4e ci: remove apidiff workflow

Changelog

Sourced from github.com/aquasecurity/trivy's changelog.

0.69.2 (2026-03-01)

Bug Fixes

• deps: bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 [backport: release/v0.69] (#10264) (cf3d4cd)
• deps: bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 [backport: release/v0.69] (#10267) (86debce)

0.69.1 (2026-02-05)

Bug Fixes

• misconf: apply check aliases when filtering results via .trivyignore [backport: release/v0.69] (#10143) (3b30cc7)

0.69.0 (2026-01-30)

⚠ BREAKING CHANGES

• misconf: use ID instead of AVDID for providers mapping (#9752)

Features

• activestate: add support ActiveState images (#10081) (676709d)
• add AnalyzedBy field to track which analyzer detected packages (#10059) (1953824)
• cloudformation: add support for Fn::ForEach (#9508) (d65b504)
• debian: detect third-party packages using maintainer list (#9917) (effc1c0)
• flag: add JSON Schema for trivy.yaml configuration file (#9971) (4caf731)
• helm: add sslCertDir parameter (#9697) (879e4fc)
• julia: enable vulnerability scanning for the Julia language ecosystem (#9800) (c2f82ad)
• misconf: add action block to Terraform schema (#10035) (b06ef6d)
• misconf: initial ansible scanning support (#9332) (9275e15)
• misconf: support for ARM resources defined as an object (#9959) (92d3465)
• misconf: support for azurerm_*_web_app (#9944) (37b5da8)
• misconf: Update Azure Database schema (#9811) (48dfede)
• misconf: use Terraform plan configuration to partially restore schema (#9623) (5fced3a)
• nodejs: parse licenses from package-lock.json file (#9983) (b64d5ad)
• php: add support for dev dependencies in Composer (#9910) (56b59e8)
• report: add Trivy version to JSON output (#10065) (fe7d20a)
• rocky: enable modular package vulnerability detection (#10069) (31c4780)
• rootio: Update trivy db to support usage of Severity from root.io feed (#9930) (d3096e7)
• sbom: exclude PEP 770 SBOMs in .dist-info/sboms/ (#10033) (07ff788)
• secret: add detection for Symfony default secret key (#9892) (34baef2)
• vex: support per-repo tls configuration (#10030) (f809066)
• vuln: skip vulnerability scanning for third-party packages in Debian/Ubuntu (#9932) (74819bf)

Bug Fixes

... (truncated)

Commits

• cfa322e release: v0.69.2 [release/v0.69] (#10266)
• 86debce fix(deps): bump go.opentelemetry.io/otel/sdk from 1.39.0 to 1.40.0 [backport:...
• cf3d4cd fix(deps): bump github.com/cloudflare/circl from 1.6.1 to 1.6.3 [backport: re...
• 6dfd3b0 ci: remove apidiff workflow
• 123888b release: v0.69.1 [release/v0.69] (#10145)
• 29d3b06 ci: add composite action for Go setup [backport: release/v0.69] (#10150)
• 3b30cc7 fix(misconf): apply check aliases when filtering results via .trivyignore [ba...
• a8e279b chore(deps): bump to alpine:3.23.3 and go-1.25.6 to fix CVEs [backport: relea...
• 8fb9191 release: v0.69.0 [main] (#9886)
• ba9feb6 chore: bump trivy-checks to v2 (#9875)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)