Update mirror.gcr.io/aquasec/trivy Docker tag to v0.64.1 #812

renovate-bot · 2025-07-01T10:01:35Z

renovate-bot commented

2025-07-01 10:01:35 +00:00

This PR contains the following updates:

Package	Update	Change
mirror.gcr.io/aquasec/trivy (source)	minor	`0.63.0` -> `0.64.1`

Release Notes

aquasecurity/trivy (mirror.gcr.io/aquasec/trivy)

`v0.64.1`

Compare Source

Changelog

86ee3c1 release: v0.64.1 [release/v0.64] (#9122)
4e12722 fix(misconf): skip rewriting expr if attr is nil [backport: release/v0.64] (#9127)
9a7d384 fix(cli): Add more non-sensitive flags to telemetry [backport: release/v0.64] (#9124)
53adfba fix(rootio): check full version to detect root.io packages [backport: release/v0.64] (#9120)
8cf1bf9 fix(alma): parse epochs from rpmqa file [backport: release/v0.64] (#9119)

`v0.64.0`

Compare Source

Features

cli: add version constraints to annoucements (#9023) (19efa9f)
java: dereference all maven settings.xml env placeholders (#9024) (5aade69)
misconf: add OpenTofu file extension support (#8747) (57801d0)
misconf: normalize CreatedBy for buildah and legacy docker builder (#8953) (65e155f)
redhat: Add EOL date for RHEL 10. (#8910) (48258a7)
reject unsupported artifact types in remote image retrieval (#9052) (1e1e1b5)
sbom: add manufacturer field to CycloneDX tools metadata (#9019) (41d0f94)
terraform: add partial evaluation for policy templates (#8967) (a9f7dcd)
ubuntu: add end of life date for Ubuntu 25.04 (#9077) (367564a)
ubuntu: add eol date for 20.04-ESM (#8981) (87118a0)
vuln: add Root.io support for container image scanning (#9073) (3a0ec0f)

Bug Fixes

Add missing version check flags (#8951) (ef5f8de)
cli: add some values to the telemetry call (#9056) (fd2bc91)
Correctly check for semver versions for trivy version check (#8948) (b813527)
don't show corrupted trivy-db warning for first run (#8991) (4ed78e3)
misconf: .Config.User always takes precedence over USER in .History (#9050) (371b8cc)
misconf: correct Azure value-to-time conversion in AsTimeValue (#9015) (40d017b)
misconf: move disabled checks filtering after analyzer scan (#9002) (a58c36d)
misconf: reduce log noise on incompatible check (#9029) (99c5151)
nodejs: correctly parse packages array of bun.lock file (#8998) (875ec3a)
report: don't panic when report contains vulns, but doesn't contain packages for table format (#8549) (87fda76)
sbom: remove unnecessary OS detection check in SBOM decoding (#9034) (198789a)

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [mirror.gcr.io/aquasec/trivy](https://www.aquasec.com/products/trivy/) ([source](https://github.com/aquasecurity/trivy)) | minor | `0.63.0` -> `0.64.1` | --- ### Release Notes <details> <summary>aquasecurity/trivy (mirror.gcr.io/aquasec/trivy)</summary> ### [`v0.64.1`](https://github.com/aquasecurity/trivy/releases/tag/v0.64.1) [Compare Source](https://github.com/aquasecurity/trivy/compare/v0.64.0...v0.64.1) #### Changelog - [`86ee3c1`](https://github.com/aquasecurity/trivy/commit/86ee3c1176d4707536914dfa65ac8eca452e14cd) release: v0.64.1 \[release/v0.64] ([#9122](https://github.com/aquasecurity/trivy/issues/9122)) - [`4e12722`](https://github.com/aquasecurity/trivy/commit/4e1272283a643bfca2d7231d286006219715fada) fix(misconf): skip rewriting expr if attr is nil \[backport: release/v0.64] ([#9127](https://github.com/aquasecurity/trivy/issues/9127)) - [`9a7d384`](https://github.com/aquasecurity/trivy/commit/9a7d38432cf00f00970259e5ac3edd060e00ccff) fix(cli): Add more non-sensitive flags to telemetry \[backport: release/v0.64] ([#9124](https://github.com/aquasecurity/trivy/issues/9124)) - [`53adfba`](https://github.com/aquasecurity/trivy/commit/53adfba3c25664b01e3a36fdec334b39b53c07f1) fix(rootio): check full version to detect `root.io` packages \[backport: release/v0.64] ([#9120](https://github.com/aquasecurity/trivy/issues/9120)) - [`8cf1bf9`](https://github.com/aquasecurity/trivy/commit/8cf1bf9f6f86936ee7dcd29e0d1cd1ec106e28f6) fix(alma): parse epochs from rpmqa file \[backport: release/v0.64] ([#9119](https://github.com/aquasecurity/trivy/issues/9119)) ### [`v0.64.0`](https://github.com/aquasecurity/trivy/blob/HEAD/CHANGELOG.md#0640-2025-06-30) [Compare Source](https://github.com/aquasecurity/trivy/compare/v0.63.0...v0.64.0) ##### Features - **cli:** add version constraints to annoucements ([#9023](https://github.com/aquasecurity/trivy/issues/9023)) ([19efa9f](https://github.com/aquasecurity/trivy/commit/19efa9fd372242d2ec582a248e9e6573d2caef00)) - **java:** dereference all maven settings.xml env placeholders ([#9024](https://github.com/aquasecurity/trivy/issues/9024)) ([5aade69](https://github.com/aquasecurity/trivy/commit/5aade698c71450badf8db028be61e12ec85c6248)) - **misconf:** add OpenTofu file extension support ([#8747](https://github.com/aquasecurity/trivy/issues/8747)) ([57801d0](https://github.com/aquasecurity/trivy/commit/57801d0324384d990889ba39d856c881e5b8b070)) - **misconf:** normalize CreatedBy for buildah and legacy docker builder ([#8953](https://github.com/aquasecurity/trivy/issues/8953)) ([65e155f](https://github.com/aquasecurity/trivy/commit/65e155fdaf0ad02ec82f00a004427f126faf65ed)) - **redhat:** Add EOL date for RHEL 10. ([#8910](https://github.com/aquasecurity/trivy/issues/8910)) ([48258a7](https://github.com/aquasecurity/trivy/commit/48258a701a7adb210c433310de52f48568ccee19)) - reject unsupported artifact types in remote image retrieval ([#9052](https://github.com/aquasecurity/trivy/issues/9052)) ([1e1e1b5](https://github.com/aquasecurity/trivy/commit/1e1e1b5fa6a884da978fe1ed4c222d613d6eafbd)) - **sbom:** add manufacturer field to CycloneDX tools metadata ([#9019](https://github.com/aquasecurity/trivy/issues/9019)) ([41d0f94](https://github.com/aquasecurity/trivy/commit/41d0f949c874609641c08fa2620fa10bf4ceef78)) - **terraform:** add partial evaluation for policy templates ([#8967](https://github.com/aquasecurity/trivy/issues/8967)) ([a9f7dcd](https://github.com/aquasecurity/trivy/commit/a9f7dcdb9c5973746c3737f2bbc3306a74be5408)) - **ubuntu:** add end of life date for Ubuntu 25.04 ([#9077](https://github.com/aquasecurity/trivy/issues/9077)) ([367564a](https://github.com/aquasecurity/trivy/commit/367564a3bec0c202566c59598dcff087bf50a23d)) - **ubuntu:** add eol date for 20.04-ESM ([#8981](https://github.com/aquasecurity/trivy/issues/8981)) ([87118a0](https://github.com/aquasecurity/trivy/commit/87118a0ec4a6ae492523b7bac9834c2b93a14557)) - **vuln:** add Root.io support for container image scanning ([#9073](https://github.com/aquasecurity/trivy/issues/9073)) ([3a0ec0f](https://github.com/aquasecurity/trivy/commit/3a0ec0f2acff6a13ed6ab348b6b220d49e14a298)) ##### Bug Fixes - Add missing version check flags ([#8951](https://github.com/aquasecurity/trivy/issues/8951)) ([ef5f8de](https://github.com/aquasecurity/trivy/commit/ef5f8de8dadf5534a2c965aecca01c7067e5baca)) - **cli:** add some values to the telemetry call ([#9056](https://github.com/aquasecurity/trivy/issues/9056)) ([fd2bc91](https://github.com/aquasecurity/trivy/commit/fd2bc91e133f846bc9f0910c19ac3be3fbfe4009)) - Correctly check for semver versions for trivy version check ([#8948](https://github.com/aquasecurity/trivy/issues/8948)) ([b813527](https://github.com/aquasecurity/trivy/commit/b813527449c4604f5afad71ae82b13399bb48680)) - don't show corrupted trivy-db warning for first run ([#8991](https://github.com/aquasecurity/trivy/issues/8991)) ([4ed78e3](https://github.com/aquasecurity/trivy/commit/4ed78e39afe57e81c12482fef9102dc3f85d1493)) - **misconf:** .Config.User always takes precedence over USER in .History ([#9050](https://github.com/aquasecurity/trivy/issues/9050)) ([371b8cc](https://github.com/aquasecurity/trivy/commit/371b8cc02f2ffa3f42534a437ce8727519e7b9b9)) - **misconf:** correct Azure value-to-time conversion in AsTimeValue ([#9015](https://github.com/aquasecurity/trivy/issues/9015)) ([40d017b](https://github.com/aquasecurity/trivy/commit/40d017b67da38131734eab90c42ad945ac3b5013)) - **misconf:** move disabled checks filtering after analyzer scan ([#9002](https://github.com/aquasecurity/trivy/issues/9002)) ([a58c36d](https://github.com/aquasecurity/trivy/commit/a58c36de124cba7250e1a5ae0cc32d83018391fe)) - **misconf:** reduce log noise on incompatible check ([#9029](https://github.com/aquasecurity/trivy/issues/9029)) ([99c5151](https://github.com/aquasecurity/trivy/commit/99c5151d6ea1dabe85cce75ff9bb91166532b11f)) - **nodejs:** correctly parse `packages` array of `bun.lock` file ([#8998](https://github.com/aquasecurity/trivy/issues/8998)) ([875ec3a](https://github.com/aquasecurity/trivy/commit/875ec3a9d2568e15a6824c8f84ad6a59f03eb212)) - **report:** don't panic when report contains vulns, but doesn't contain packages for `table` format ([#8549](https://github.com/aquasecurity/trivy/issues/8549)) ([87fda76](https://github.com/aquasecurity/trivy/commit/87fda76f38a3a6939a87828c3df0c5ac2cf7fce3)) - **sbom:** remove unnecessary OS detection check in SBOM decoding ([#9034](https://github.com/aquasecurity/trivy/issues/9034)) ([198789a](https://github.com/aquasecurity/trivy/commit/198789a07b857b053c73f8fcd1f508902fac344d)) </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).

renovate-bot added the

image

label 2025-07-01 10:01:35 +00:00

renovate-bot added 1 commit 2025-07-01 10:01:35 +00:00

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.64.0

lint-test-helm / helm-lint (pull_request) Successful in 10s

Details

65045d1948

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 65045d1948 to 8d81f2644c

2025-07-01 18:03:31 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 8d81f2644c to c772b3cdff

2025-07-01 22:02:55 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from c772b3cdff to 0f9c958f04

2025-07-02 03:03:22 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 0f9c958f04 to ca1809f6dd

2025-07-02 16:03:31 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from ca1809f6dd to f15f93d838

2025-07-02 17:03:14 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from f15f93d838 to 537abc811f

2025-07-03 00:04:00 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 537abc811f to 149673f3c2

2025-07-03 01:02:49 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 149673f3c2 to 1aea049e02

2025-07-03 08:04:07 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 1aea049e02 to a45b1bf417

2025-07-03 13:04:21 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from a45b1bf417 to 9c15c530aa

2025-07-03 15:02:15 +00:00

Compare

renovate-bot changed title from ~~Update mirror.gcr.io/aquasec/trivy Docker tag to v0.64.0~~ to Update mirror.gcr.io/aquasec/trivy Docker tag to v0.64.1

2025-07-03 15:02:16 +00:00

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 9c15c530aa to d44ac1af85

2025-07-03 15:03:48 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from d44ac1af85 to e56c427373

2025-07-03 16:03:20 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from e56c427373 to 9da4804026

2025-07-03 18:03:20 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 9da4804026 to dae2834e25

2025-07-03 19:03:10 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from dae2834e25 to bc641de2d3

2025-07-04 09:03:43 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from bc641de2d3 to 3dc30270d4

2025-07-04 10:03:01 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 3dc30270d4 to b6ef4a6590

2025-07-04 11:02:42 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from b6ef4a6590 to aa1fb50b4f

2025-07-04 13:02:46 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from aa1fb50b4f to e57d263044

2025-07-04 15:03:31 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from e57d263044 to 373d4164a1

2025-07-04 19:03:04 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from 373d4164a1 to a28852b98e

2025-07-04 20:02:44 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from a28852b98e to ea81f2a826

2025-07-05 00:03:36 +00:00

Compare

renovate-bot force-pushed renovate/mirror.gcr.io-aquasec-trivy-0.x from ea81f2a826 to 5e5ada73e4

2025-07-05 03:03:52 +00:00

Compare

alexlebens merged commit 12831ad36e into main

2025-07-05 04:54:51 +00:00

alexlebens deleted branch renovate/mirror.gcr.io-aquasec-trivy-0.x

2025-07-05 04:54:51 +00:00

alexlebens referenced this issue from a commit

2025-07-05 04:54:55 +00:00

Update mirror.gcr.io/aquasec/trivy Docker tag to v0.64.1 (#812)

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: alexlebens/infrastructure#812