github/zot
1
0
Fork 0
mirror of https://github.com/project-zot/zot.git synced 2026-06-16 20:38:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore(go.mod): fix dependabot alerts (#1333)

Browse Source 
upgrade to github.com/aws/aws-sdk-go@v1.44.237
upgrade to github.com/aquasecurity/trivy@v0.38.3
upgrade to oras.land/oras-go@v1.2.3
upgrade to github.com/google/go-containerregistry@v0.14.0
upgrade to github.com/moby/buildkit@v0.11.4

Note we can't switch to trivy 0.39.0 as well as some other updates
because they would also require upgrade of cosign to v2 with
breaking api changes

Signed-off-by: Andrei Aaron <aaaron@luxoft.com>
This commit is contained in:
Andrei Aaron
2023-04-06 11:00:12 +03:00
committed by GitHub
parent d9173e3ad3
commit 06bd8a8252
4 changed files with 336 additions and 338 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/extensions/search/cve/trivy/scanner.go
+2 -2
View File
@@ -34,8 +34,8 @@ func getNewScanOptions(dir, dbRepository string) *flag.Options {
CacheDir: dir,
},
ScanOptions: flag.ScanOptions{
SecurityChecks: []string{types.SecurityCheckVulnerability},
OfflineScan: true,
Scanners: types.Scanners{types.VulnerabilityScanner},
OfflineScan: true,
},
VulnerabilityOptions: flag.VulnerabilityOptions{
VulnType: []string{types.VulnTypeOS, types.VulnTypeLibrary},