Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

chore(deps): Bump trivy-checks #8310

Merged
merged 4 commits into from
Jan 30, 2025
Merged

chore(deps): Bump trivy-checks #8310

merged 4 commits into from
Jan 30, 2025

Conversation

simar7
Copy link
Member

@simar7 simar7 commented Jan 30, 2025
edited by nikpivkin
Loading

Description

chore(deps): Bump trivy-checks to v1.6.0

Related PRs:

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've followed the conventions in the PR title.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@simar7 simar7 requested a review from nikpivkin January 30, 2025 02:43
@simar7 simar7 marked this pull request as ready for review January 30, 2025 02:44
@simar7 simar7 requested a review from knqyf263 as a code owner January 30, 2025 02:44
@nikpivkin
test: update golden files
e9a5d20 
Signed-off-by: nikpivkin <[email protected]>
nikpivkin
nikpivkin reviewed Jan 30, 2025
View reviewed changes
integration/testdata/helm_testchart.json.golden
@@ -21,7 +21,7 @@
"Class": "config",
"Type": "helm",
"MisconfSummary": {
"Successes": 89,
"Successes": 90,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

A new check has been added aquasecurity/trivy-checks#327. Same for other similar changes.

nikpivkin
nikpivkin reviewed Jan 30, 2025
View reviewed changes
integration/testdata/helm.json.golden
"Code": {
"Lines": null
"Lines": [
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The returned object containing the location has been fixed for some checks.

nikpivkin
nikpivkin reviewed Jan 30, 2025
View reviewed changes
integration/testdata/helm.json.golden
{
"Type": "Helm Security Check",
"ID": "KSV118",
"AVDID": "AVD-KSV-0118",
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This check was not entirely correct because it triggered only when securityContext was explicitly specified and empty. However, if securityContext was missing entirely, the rule did not trigger.. Fixed in aquasecurity/trivy-checks#315

@nikpivkin
Copy link
Contributor

@simar7 I opened PR so that the new check wouldn't apply to all inputs and create noise.

@nikpivkin nikpivkin added this pull request to the merge queue Jan 30, 2025
@simar7 simar7 mentioned this pull request Jan 30, 2025
Merged
Merged via the queue into aquasecurity:main with commit 0031a38 Jan 30, 2025
12 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@nikpivkin nikpivkin nikpivkin approved these changes

@knqyf263 knqyf263 Awaiting requested review from knqyf263 knqyf263 is a code owner

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@simar7 @nikpivkin