TehRiehlDeal/movieloop-frontend
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(ci): bump Trivy to v0.70.0 (v0.58.1 was never released)
frontend-ci / lint (push) Successful in 15s
Details
frontend-ci / typecheck (push) Successful in 13s
Details
frontend-ci / secrets-scan (push) Successful in 4s
Details
frontend-ci / sast (push) Successful in 7s
Details
frontend-ci / fs-scan (push) Failing after 11s
Details
frontend-ci / build (push) Has been cancelled
Details
frontend-ci / image-scan (push) Has been cancelled
Details
frontend-ci / push (push) Has been cancelled
Details

Browse Source 
The previous pin to v0.58.1 returned a 404 — that tag doesn't exist in
the trivy releases. Latest is v0.70.0; pinning to that. Verified the
asset naming convention (trivy_X.Y.Z_Linux-64bit.tar.gz) is unchanged.
This commit is contained in:
Kevin Riehl
2026-05-08 18:05:58 -07:00
parent 4e133e71a7
commit 9a26b935a8
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.gitea/workflows/ci.yml
+2 -2
View File
@@ -60,7 +60,7 @@ jobs:
- uses: actions/checkout@v4 - uses: actions/checkout@v4
- name: Install and run Trivy (filesystem) - name: Install and run Trivy (filesystem)
run: | run: |
TRIVY_VERSION=0.58.1 TRIVY_VERSION=0.70.0
curl -sSL "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" \ curl -sSL "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" \
| tar xz -C /tmp trivy | tar xz -C /tmp trivy
/tmp/trivy fs --severity HIGH,CRITICAL --exit-code 1 --ignore-unfixed --no-progress . /tmp/trivy fs --severity HIGH,CRITICAL --exit-code 1 --ignore-unfixed --no-progress .
@@ -97,7 +97,7 @@ jobs:
cache-from: type=gha cache-from: type=gha
- name: Install and run Trivy (image) - name: Install and run Trivy (image)
run: | run: |
TRIVY_VERSION=0.58.1 TRIVY_VERSION=0.70.0
curl -sSL "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" \ curl -sSL "https://github.com/aquasecurity/trivy/releases/download/v${TRIVY_VERSION}/trivy_${TRIVY_VERSION}_Linux-64bit.tar.gz" \
| tar xz -C /tmp trivy | tar xz -C /tmp trivy
/tmp/trivy image --severity HIGH,CRITICAL --exit-code 1 --ignore-unfixed --no-progress \ /tmp/trivy image --severity HIGH,CRITICAL --exit-code 1 --ignore-unfixed --no-progress \