Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 #1622

Merged

alexlebens merged 1 commits from renovate/mirror.gcr.io-aquasec-trivy-0.x into main 2025-09-30 20:00:42 +00:00

Conversation 0 Commits 1 Files Changed 1 +1 -1

renovate-bot commented 2025-09-30 09:02:56 +00:00

Collaborator

Copy Link

This PR contains the following updates:

Package	Update	Change
mirror.gcr.io/aquasec/trivy (source)	minor	0.66.0 -> 0.67.0

---

Release Notes

aquasecurity/trivy (mirror.gcr.io/aquasec/trivy)

v0.67.0

Compare Source

Features

• add documentation URL for database lock errors (#​9531) (eba48af)
• cli: change --list-all-pkgs default to true (#​9510) (7b663d8)
• cloudformation: support default values and list results in Fn::FindInMap (#​9515) (42b3bf3)
• cyclonedx: preserve SBOM structure when scanning SBOM files with vulnerability updates (#​9439) (aff03eb)
• redhat: add os-release detection for RHEL-based images (#​9458) (cb25a07)
• sbom: added support for CoreOS (#​9448) (6d562a3)
• seal: add seal support (#​9370) (e4af279)

Bug Fixes

• aws: use BuildableClient insead of xhttp.Client (#​9436) (fa6f1bf)
• close file descriptors and pipes on error paths (#​9536) (a4cbd6a)
• db: Dowload database when missing but metadata still exists (#​9393) (92ebc7e)
• k8s: disable parallel traversal with fs cache for k8s images (#​9534) (c0c7a6b)
• misconf: handle tofu files in module detection (#​9486) (bfd2f6b)
• misconf: strip build metadata suffixes from image history (#​9498) (c938806)
• misconf: unmark cty values before access (#​9495) (8e40d27)
• misconf: wrap legacy ENV values in quotes to preserve spaces (#​9497) (267a970)
• nodejs: parse workspaces as objects for package-lock.json files (#​9518) (404abb3)
• nodejs: use snapshot string as Package.ID for pnpm packages (#​9330) (4517e8c)
• vex: don't suppress vulns for packages with infinity loop (#​9465) (78f0d4a)
• vuln: compare nuget package names in lower case (#​9456) (1ff9ac7)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [mirror.gcr.io/aquasec/trivy](https://www.aquasec.com/products/trivy/) ([source](https://github.com/aquasecurity/trivy)) | minor | `0.66.0` -> `0.67.0` | --- ### Release Notes <details> <summary>aquasecurity/trivy (mirror.gcr.io/aquasec/trivy)</summary> ### [`v0.67.0`](https://github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0670-2025-09-30) [Compare Source](https://github.com/aquasecurity/trivy/compare/v0.66.0...v0.67.0) ##### Features - add documentation URL for database lock errors ([#&#8203;9531](https://github.com/aquasecurity/trivy/issues/9531)) ([eba48af](https://github.com/aquasecurity/trivy/commit/eba48afd583391cef346e45a176aa5a6d77b704f)) - **cli:** change --list-all-pkgs default to true ([#&#8203;9510](https://github.com/aquasecurity/trivy/issues/9510)) ([7b663d8](https://github.com/aquasecurity/trivy/commit/7b663d86ca65ee3eb332c857b77bfa18e6da56c4)) - **cloudformation:** support default values and list results in Fn::FindInMap ([#&#8203;9515](https://github.com/aquasecurity/trivy/issues/9515)) ([42b3bf3](https://github.com/aquasecurity/trivy/commit/42b3bf37bb7d39139911843297c8b8ab3551c31a)) - **cyclonedx:** preserve SBOM structure when scanning SBOM files with vulnerability updates ([#&#8203;9439](https://github.com/aquasecurity/trivy/issues/9439)) ([aff03eb](https://github.com/aquasecurity/trivy/commit/aff03ebab2e7874dd997e20b4ec9962a41eae7bb)) - **redhat:** add os-release detection for RHEL-based images ([#&#8203;9458](https://github.com/aquasecurity/trivy/issues/9458)) ([cb25a07](https://github.com/aquasecurity/trivy/commit/cb25a074501c5cf48050fdf6a0ae7c85c4f385ea)) - **sbom:** added support for CoreOS ([#&#8203;9448](https://github.com/aquasecurity/trivy/issues/9448)) ([6d562a3](https://github.com/aquasecurity/trivy/commit/6d562a3b48926b6efd508e067e1059564173b270)) - **seal:** add seal support ([#&#8203;9370](https://github.com/aquasecurity/trivy/issues/9370)) ([e4af279](https://github.com/aquasecurity/trivy/commit/e4af279b29ed5b77ed1d62e31b232b1f9b92ef4f)) ##### Bug Fixes - **aws:** use `BuildableClient` insead of `xhttp.Client` ([#&#8203;9436](https://github.com/aquasecurity/trivy/issues/9436)) ([fa6f1bf](https://github.com/aquasecurity/trivy/commit/fa6f1bfecfb68c29ad4684a6fb5d86948c7d6887)) - close file descriptors and pipes on error paths ([#&#8203;9536](https://github.com/aquasecurity/trivy/issues/9536)) ([a4cbd6a](https://github.com/aquasecurity/trivy/commit/a4cbd6a1380b7b4dc650a312ec4e5bc47501f674)) - **db:** Dowload database when missing but metadata still exists ([#&#8203;9393](https://github.com/aquasecurity/trivy/issues/9393)) ([92ebc7e](https://github.com/aquasecurity/trivy/commit/92ebc7e4d72424c17d93c54e5f24891710c85a60)) - **k8s:** disable parallel traversal with fs cache for k8s images ([#&#8203;9534](https://github.com/aquasecurity/trivy/issues/9534)) ([c0c7a6b](https://github.com/aquasecurity/trivy/commit/c0c7a6bf1b92c868ed44172b3cd15c51667b8a6e)) - **misconf:** handle tofu files in module detection ([#&#8203;9486](https://github.com/aquasecurity/trivy/issues/9486)) ([bfd2f6b](https://github.com/aquasecurity/trivy/commit/bfd2f6ba697c223d60a7378283293d8e1fc8a8fe)) - **misconf:** strip build metadata suffixes from image history ([#&#8203;9498](https://github.com/aquasecurity/trivy/issues/9498)) ([c938806](https://github.com/aquasecurity/trivy/commit/c9388069a4325a9f8bc53bc8a82ff46d84d06847)) - **misconf:** unmark cty values before access ([#&#8203;9495](https://github.com/aquasecurity/trivy/issues/9495)) ([8e40d27](https://github.com/aquasecurity/trivy/commit/8e40d27a43ecb96795a8a7d4a2444241fc7fce9a)) - **misconf:** wrap legacy ENV values in quotes to preserve spaces ([#&#8203;9497](https://github.com/aquasecurity/trivy/issues/9497)) ([267a970](https://github.com/aquasecurity/trivy/commit/267a9700fa233abe1a04eada8f3ea513f3ebacb3)) - **nodejs:** parse workspaces as objects for package-lock.json files ([#&#8203;9518](https://github.com/aquasecurity/trivy/issues/9518)) ([404abb3](https://github.com/aquasecurity/trivy/commit/404abb3d91cb3b1c1ee027169de5a40e32ba8b8a)) - **nodejs:** use snapshot string as `Package.ID` for pnpm packages ([#&#8203;9330](https://github.com/aquasecurity/trivy/issues/9330)) ([4517e8c](https://github.com/aquasecurity/trivy/commit/4517e8c0ef5e942b8e2e498729257374634ffbf8)) - **vex:** don't suppress vulns for packages with infinity loop ([#&#8203;9465](https://github.com/aquasecurity/trivy/issues/9465)) ([78f0d4a](https://github.com/aquasecurity/trivy/commit/78f0d4ae0378f81940a5faa6497e6905cb5d034a)) - **vuln:** compare `nuget` package names in lower case ([#&#8203;9456](https://github.com/aquasecurity/trivy/issues/9456)) ([1ff9ac7](https://github.com/aquasecurity/trivy/commit/1ff9ac79488e0d4deab4226f1a969676a9851cdb)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xMTYuNiIsInVwZGF0ZWRJblZlciI6IjQxLjExNi42IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJpbWFnZSJdfQ==-->

renovate-bot added the

image

label 2025-09-30 09:02:56 +00:00

renovate-bot added 1 commit 2025-09-30 09:02:56 +00:00

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 dd9a121cc9

renovate-bot added 2 commits 2025-09-30 15:04:26 +00:00

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 dd9a121cc9

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 f973c8adfd

renovate-bot added 2 commits 2025-09-30 19:04:20 +00:00

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 f973c8adfd

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 60137ffb52

alexlebens merged commit c62e888737 into main 2025-09-30 20:00:42 +00:00

alexlebens deleted branch renovate/mirror.gcr.io-aquasec-trivy-0.x 2025-09-30 20:00:43 +00:00

alexlebens referenced this issue from a commit 2025-09-30 20:00:44 +00:00

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.67.0 (#1622)

Sign in to join this conversation.

Reviewers

No Reviewers

Labels

Clear labels

Renovate

Issue generated by Renovate.

automerge

This PR will be automerged by Renovate.

chart

Chart update generated by Renovate.

image

Image update generated by Renovate.

stale

PR or Issue that has not been updated recently.

No Label

image

Milestone

No items

No Milestone

Assignees

Clear assignees

gitea-bot renovate-bot alexlebens

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: alexlebens/infrastructure#1622

No description provided.