From 40bcbe062589d7b03273eb762e89265e95beef9b Mon Sep 17 00:00:00 2001 From: chenk Date: Mon, 20 May 2024 11:54:41 +0300 Subject: [PATCH] chore: bump trivy 0.51.2 (#2081) Signed-off-by: chenk --- deploy/helm/README.md | 2 +- deploy/helm/values.yaml | 2 +- deploy/static/trivy-operator.yaml | 2 +- docs/docs/crds/clustervulnerability-report.md | 2 +- docs/docs/crds/sbom-report.md | 2 +- go.mod | 2 +- go.sum | 4 ++-- pkg/plugins/trivy/config_test.go | 2 +- pkg/plugins/trivy/jobspec_test.go | 2 +- pkg/plugins/trivy/plugin.go | 2 +- pkg/plugins/trivy/testdata/fixture/alpine_sbom.json | 2 +- pkg/vulnerabilityreport/controller/testdata/sbom.json | 2 +- tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml | 2 +- tests/e2e/sbom-fs/workload/00-sbom-pod.yaml | 2 +- tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml | 2 +- 15 files changed, 16 insertions(+), 16 deletions(-) diff --git a/deploy/helm/README.md b/deploy/helm/README.md index 794783fcf..de1a215c5 100644 --- a/deploy/helm/README.md +++ b/deploy/helm/README.md @@ -139,7 +139,7 @@ Keeps security report resources updated | trivy.image.pullPolicy | string | `"IfNotPresent"` | pullPolicy is the imge pull policy used for trivy image , valid values are (Always, Never, IfNotPresent) | | trivy.image.registry | string | `"ghcr.io"` | registry of the Trivy image | | trivy.image.repository | string | `"aquasecurity/trivy"` | repository of the Trivy image | -| trivy.image.tag | string | `"0.51.1"` | tag version of the Trivy image | +| trivy.image.tag | string | `"0.51.2"` | tag version of the Trivy image | | trivy.imageScanCacheDir | string | `"/tmp/trivy/.cache"` | imageScanCacheDir the flag to set custom path for trivy image scan `cache-dir` parameter. Only applicable in image scan mode. | | trivy.includeDevDeps | bool | `false` | includeDevDeps include development dependencies in the report (supported: npm, yarn) (default: false) note: this flag is only applicable when trivy.command is set to filesystem | | trivy.insecureRegistries | object | `{}` | The registry to which insecure connections are allowed. There can be multiple registries with different keys. | diff --git a/deploy/helm/values.yaml b/deploy/helm/values.yaml index a9ab30db3..a5760e8c4 100644 --- a/deploy/helm/values.yaml +++ b/deploy/helm/values.yaml @@ -330,7 +330,7 @@ trivy: # -- repository of the Trivy image repository: aquasecurity/trivy # -- tag version of the Trivy image - tag: 0.51.1 + tag: 0.51.2 # -- imagePullSecret is the secret name to be used when pulling trivy image from private registries example : reg-secret # It is the user responsibility to create the secret for the private registry in `trivy-operator` namespace imagePullSecret: ~ diff --git a/deploy/static/trivy-operator.yaml b/deploy/static/trivy-operator.yaml index b7a55ce1c..4a1f99c33 100644 --- a/deploy/static/trivy-operator.yaml +++ b/deploy/static/trivy-operator.yaml @@ -3025,7 +3025,7 @@ metadata: app.kubernetes.io/managed-by: kubectl data: trivy.repository: "ghcr.io/aquasecurity/trivy" - trivy.tag: "0.51.1" + trivy.tag: "0.51.2" trivy.imagePullPolicy: "IfNotPresent" trivy.additionalVulnerabilityReportFields: "" trivy.severity: "UNKNOWN,LOW,MEDIUM,HIGH,CRITICAL" diff --git a/docs/docs/crds/clustervulnerability-report.md b/docs/docs/crds/clustervulnerability-report.md index 87b2414d7..a0b5fae16 100644 --- a/docs/docs/crds/clustervulnerability-report.md +++ b/docs/docs/crds/clustervulnerability-report.md @@ -44,7 +44,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: 0.51.1 + version: 0.51.2 summary: criticalCount: 0 highCount: 4 diff --git a/docs/docs/crds/sbom-report.md b/docs/docs/crds/sbom-report.md index ec6ea4fe2..6651edf90 100644 --- a/docs/docs/crds/sbom-report.md +++ b/docs/docs/crds/sbom-report.md @@ -162,7 +162,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: 0.51.1 + version: 0.51.2 summary: componentsCount: 5 dependenciesCount: 5 diff --git a/go.mod b/go.mod index 25ccc7183..6e89f64f2 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.22.3 require ( github.com/CycloneDX/cyclonedx-go v0.8.0 - github.com/aquasecurity/trivy v0.51.2-0.20240511000140-a126e1075a44 + github.com/aquasecurity/trivy v0.51.2 github.com/aquasecurity/trivy-kubernetes v0.6.7-0.20240516083642-d65248d04515 github.com/bluele/gcache v0.0.2 github.com/caarlos0/env/v6 v6.10.1 diff --git a/go.sum b/go.sum index 6df82926f..57b394f34 100644 --- a/go.sum +++ b/go.sum @@ -302,8 +302,8 @@ github.com/aquasecurity/testdocker v0.0.0-20240419073403-90bd43849334 h1:MgvbLyL github.com/aquasecurity/testdocker v0.0.0-20240419073403-90bd43849334/go.mod h1:TKXn7bPfMM52ETP4sjjwkTKCZ18CqCs+I/vtFePSdBc= github.com/aquasecurity/tml v0.6.1 h1:y2ZlGSfrhnn7t4ZJ/0rotuH+v5Jgv6BDDO5jB6A9gwo= github.com/aquasecurity/tml v0.6.1/go.mod h1:OnYMWY5lvI9ejU7yH9LCberWaaTBW7hBFsITiIMY2yY= -github.com/aquasecurity/trivy v0.51.2-0.20240511000140-a126e1075a44 h1:ZIQrS9hSm/MvBUt9ivT5dkoatLbdTNBX0EIm7Yc1GHU= -github.com/aquasecurity/trivy v0.51.2-0.20240511000140-a126e1075a44/go.mod h1:+en2+Lc04HLB5AOl+fBgQ34vR1aqtKVUL8rh7gb3bwI= +github.com/aquasecurity/trivy v0.51.2 h1:C5rb5TsEiwGEKQzKc4f2qsJVd5uG+C2aMx+zF+7KOWY= +github.com/aquasecurity/trivy v0.51.2/go.mod h1:/O2z/ySpHOiVOpiPGwZny3EFs/7Jis6et0nn6mlf6n4= github.com/aquasecurity/trivy-checks v0.10.5-0.20240430045208-6cc735de6b9e h1:s0P4VeCqb7tWw06/L1cZ5/42AWy6VZFuLZ96THPJmmM= github.com/aquasecurity/trivy-checks v0.10.5-0.20240430045208-6cc735de6b9e/go.mod h1:UIFQxYlKcL7EGhNVicFmZ6XxZ2UpFZU7bNKEv/Y/6XM= github.com/aquasecurity/trivy-db v0.0.0-20231020043206-3770774790ce h1:53T1cV67meZOWb/AepAHRGrUH7ZwhulLIXravz0lFp4= diff --git a/pkg/plugins/trivy/config_test.go b/pkg/plugins/trivy/config_test.go index e7037563e..6031beb87 100644 --- a/pkg/plugins/trivy/config_test.go +++ b/pkg/plugins/trivy/config_test.go @@ -725,7 +725,7 @@ func TestPlugin_Init(t *testing.T) { }, Data: map[string]string{ "trivy.repository": DefaultImageRepository, - "trivy.tag": "0.51.1", + "trivy.tag": "0.51.2", "trivy.severity": DefaultSeverity, "trivy.slow": "true", "trivy.mode": string(Standalone), diff --git a/pkg/plugins/trivy/jobspec_test.go b/pkg/plugins/trivy/jobspec_test.go index 5670e6837..27a1b70ec 100644 --- a/pkg/plugins/trivy/jobspec_test.go +++ b/pkg/plugins/trivy/jobspec_test.go @@ -28,7 +28,7 @@ func TestCreateSbomDataSecret(t *testing.T) { ObjectMeta: metav1.ObjectMeta{ Name: "validName", }, - Data: map[string][]byte{"bom": []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","serialNumber":"urn:uuid:9ba1d0c6-b4e3-4bc0-b8f4-2d3d21c7cfc5","version":1,"metadata":{"timestamp":"2023-11-09T23:34:52+00:00","tools":{"components":[{"type":"application","name":"trivy","group":"aquasecurity","version":"0.51.1","supplier":{}}]},"component":{"bom-ref":"pkg:oci/alpine@sha256%3Aeece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978?arch=amd64\u0026repository_url=index.docker.io%2Flibrary%2Falpine","type":"container","name":"alpine:3.18","purl":"pkg:oci/alpine@sha256%3Aeece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978?arch=amd64\u0026repository_url=index.docker.io%2Flibrary%2Falpine","supplier":{},"properties":[{"name":"aquasecurity:trivy:DiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:ImageID","value":"sha256:8ca4688f4f356596b5ae539337c9941abc78eda10021d35cbc52659c74d9b443"},{"name":"aquasecurity:trivy:RepoDigest","value":"alpine@sha256:eece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978"},{"name":"aquasecurity:trivy:RepoTag","value":"alpine:3.18"},{"name":"aquasecurity:trivy:SchemaVersion","value":"2"}]}},"components":[{"bom-ref":"3329179b-b954-4543-87dc-4fd2e651bdec","type":"operating-system","name":"alpine","version":"3.18.4","supplier":{},"properties":[{"name":"aquasecurity:trivy:Class","value":"os-pkgs"},{"name":"aquasecurity:trivy:Type","value":"alpine"}]},{"bom-ref":"pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"alpine-baselayout-data","version":"3.4.3-r1","purl":"pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"602007ee374ed96f35e9bf39b1487d67c6afe027"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"alpine-baselayout-data@3.4.3-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"alpine-baselayout"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.4.3-r1"}]},{"bom-ref":"pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"alpine-baselayout","version":"3.4.3-r1","purl":"pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"cf0bca32762cd5be9974f4c127467b0f93f78f20"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"alpine-baselayout@3.4.3-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"alpine-baselayout"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.4.3-r1"}]},{"bom-ref":"pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"alpine-keys","version":"2.4-r1","purl":"pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"ec3a3d5ef4c7a168d09516097bb3219ca77c1534"}],"licenses":[{"license":{"name":"MIT"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"alpine-keys@2.4-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"alpine-keys"},{"name":"aquasecurity:trivy:SrcVersion","value":"2.4-r1"}]},{"bom-ref":"pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"apk-tools","version":"2.14.0-r2","purl":"pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"8cde25f239ebf691cd135a3954e5193c1ac2ae13"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"apk-tools@2.14.0-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"apk-tools"},{"name":"aquasecurity:trivy:SrcVersion","value":"2.14.0-r2"}]},{"bom-ref":"pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"busybox-binsh","version":"1.36.1-r2","purl":"pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"9e0f4ae337ae0115b922df25796870c68af47114"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"busybox-binsh@1.36.1-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"busybox"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.36.1-r2"}]},{"bom-ref":"pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"busybox","version":"1.36.1-r2","purl":"pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"810fcbdd40674a382415610741a524503b9ba9d2"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"busybox@1.36.1-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"busybox"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.36.1-r2"}]},{"bom-ref":"pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","type":"library","name":"ca-certificates-bundle","version":"20230506-r0","purl":"pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"47f485d08670a9eb21ebf10e70ae65dc43ab6c3d"}],"licenses":[{"license":{"name":"MPL-2.0"}},{"license":{"name":"MIT"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"ca-certificates-bundle@20230506-r0"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"ca-certificates"},{"name":"aquasecurity:trivy:SrcVersion","value":"20230506-r0"}]},{"bom-ref":"pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","type":"library","name":"libc-utils","version":"0.7.2-r5","purl":"pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"2e59dafeb8bca0786540846c686f121ae8348a42"}],"licenses":[{"license":{"name":"BSD-2-Clause"}},{"license":{"name":"BSD-3-Clause"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"libc-utils@0.7.2-r5"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"libc-dev"},{"name":"aquasecurity:trivy:SrcVersion","value":"0.7.2-r5"}]},{"bom-ref":"pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","type":"library","name":"libcrypto3","version":"3.1.3-r0","purl":"pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"fa12c7857510118cad0c71e2695361574e3ddd3b"}],"licenses":[{"license":{"name":"Apache-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"libcrypto3@3.1.3-r0"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"openssl"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.1.3-r0"}]},{"bom-ref":"pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","type":"library","name":"libssl3","version":"3.1.3-r0","purl":"pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"ceb37221d0f02272791d42e583b952031bcb7957"}],"licenses":[{"license":{"name":"Apache-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"libssl3@3.1.3-r0"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"openssl"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.1.3-r0"}]},{"bom-ref":"pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"musl-utils","version":"1.2.4-r1","purl":"pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"c78b141d78d68d4cd83f914fbc92f51d60632f53"}],"licenses":[{"license":{"name":"MIT"}},{"license":{"name":"BSD-2-Clause"}},{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"musl-utils@1.2.4-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"musl"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.2.4-r1"}]},{"bom-ref":"pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"musl","version":"1.2.4-r1","purl":"pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"daa1cb11a76eed0a41bb3f241c1e440c5de6281e"}],"licenses":[{"license":{"name":"MIT"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"musl@1.2.4-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"musl"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.2.4-r1"}]},{"bom-ref":"pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"scanelf","version":"1.3.7-r1","purl":"pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"e27abda38faea3635a2db4d50d007751ea280b43"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"scanelf@1.3.7-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"pax-utils"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.3.7-r1"}]},{"bom-ref":"pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"ssl_client","version":"1.36.1-r2","purl":"pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"8fa2c75a96af9a716da588f34241fb6a948854e7"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"ssl_client@1.36.1-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"busybox"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.36.1-r2"}]},{"bom-ref":"pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"zlib","version":"1.2.13-r1","purl":"pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"2656e848992b378aa40dca24af8cde9e97161174"}],"licenses":[{"license":{"name":"Zlib"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"zlib@1.2.13-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"zlib"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.2.13-r1"}]}],"dependencies":[{"ref":"3329179b-b954-4543-87dc-4fd2e651bdec","dependsOn":["pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:oci/alpine@sha256%3Aeece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978?arch=amd64\u0026repository_url=index.docker.io%2Flibrary%2Falpine","dependsOn":["3329179b-b954-4543-87dc-4fd2e651bdec"]}]}`)}, + Data: map[string][]byte{"bom": []byte(`{"bomFormat":"CycloneDX","specVersion":"1.5","serialNumber":"urn:uuid:9ba1d0c6-b4e3-4bc0-b8f4-2d3d21c7cfc5","version":1,"metadata":{"timestamp":"2023-11-09T23:34:52+00:00","tools":{"components":[{"type":"application","name":"trivy","group":"aquasecurity","version":"0.51.2","supplier":{}}]},"component":{"bom-ref":"pkg:oci/alpine@sha256%3Aeece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978?arch=amd64\u0026repository_url=index.docker.io%2Flibrary%2Falpine","type":"container","name":"alpine:3.18","purl":"pkg:oci/alpine@sha256%3Aeece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978?arch=amd64\u0026repository_url=index.docker.io%2Flibrary%2Falpine","supplier":{},"properties":[{"name":"aquasecurity:trivy:DiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:ImageID","value":"sha256:8ca4688f4f356596b5ae539337c9941abc78eda10021d35cbc52659c74d9b443"},{"name":"aquasecurity:trivy:RepoDigest","value":"alpine@sha256:eece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978"},{"name":"aquasecurity:trivy:RepoTag","value":"alpine:3.18"},{"name":"aquasecurity:trivy:SchemaVersion","value":"2"}]}},"components":[{"bom-ref":"3329179b-b954-4543-87dc-4fd2e651bdec","type":"operating-system","name":"alpine","version":"3.18.4","supplier":{},"properties":[{"name":"aquasecurity:trivy:Class","value":"os-pkgs"},{"name":"aquasecurity:trivy:Type","value":"alpine"}]},{"bom-ref":"pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"alpine-baselayout-data","version":"3.4.3-r1","purl":"pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"602007ee374ed96f35e9bf39b1487d67c6afe027"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"alpine-baselayout-data@3.4.3-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"alpine-baselayout"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.4.3-r1"}]},{"bom-ref":"pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"alpine-baselayout","version":"3.4.3-r1","purl":"pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"cf0bca32762cd5be9974f4c127467b0f93f78f20"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"alpine-baselayout@3.4.3-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"alpine-baselayout"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.4.3-r1"}]},{"bom-ref":"pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"alpine-keys","version":"2.4-r1","purl":"pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"ec3a3d5ef4c7a168d09516097bb3219ca77c1534"}],"licenses":[{"license":{"name":"MIT"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"alpine-keys@2.4-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"alpine-keys"},{"name":"aquasecurity:trivy:SrcVersion","value":"2.4-r1"}]},{"bom-ref":"pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"apk-tools","version":"2.14.0-r2","purl":"pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"8cde25f239ebf691cd135a3954e5193c1ac2ae13"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"apk-tools@2.14.0-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"apk-tools"},{"name":"aquasecurity:trivy:SrcVersion","value":"2.14.0-r2"}]},{"bom-ref":"pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"busybox-binsh","version":"1.36.1-r2","purl":"pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"9e0f4ae337ae0115b922df25796870c68af47114"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"busybox-binsh@1.36.1-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"busybox"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.36.1-r2"}]},{"bom-ref":"pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"busybox","version":"1.36.1-r2","purl":"pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"810fcbdd40674a382415610741a524503b9ba9d2"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"busybox@1.36.1-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"busybox"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.36.1-r2"}]},{"bom-ref":"pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","type":"library","name":"ca-certificates-bundle","version":"20230506-r0","purl":"pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"47f485d08670a9eb21ebf10e70ae65dc43ab6c3d"}],"licenses":[{"license":{"name":"MPL-2.0"}},{"license":{"name":"MIT"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"ca-certificates-bundle@20230506-r0"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"ca-certificates"},{"name":"aquasecurity:trivy:SrcVersion","value":"20230506-r0"}]},{"bom-ref":"pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","type":"library","name":"libc-utils","version":"0.7.2-r5","purl":"pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"2e59dafeb8bca0786540846c686f121ae8348a42"}],"licenses":[{"license":{"name":"BSD-2-Clause"}},{"license":{"name":"BSD-3-Clause"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"libc-utils@0.7.2-r5"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"libc-dev"},{"name":"aquasecurity:trivy:SrcVersion","value":"0.7.2-r5"}]},{"bom-ref":"pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","type":"library","name":"libcrypto3","version":"3.1.3-r0","purl":"pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"fa12c7857510118cad0c71e2695361574e3ddd3b"}],"licenses":[{"license":{"name":"Apache-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"libcrypto3@3.1.3-r0"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"openssl"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.1.3-r0"}]},{"bom-ref":"pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","type":"library","name":"libssl3","version":"3.1.3-r0","purl":"pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"ceb37221d0f02272791d42e583b952031bcb7957"}],"licenses":[{"license":{"name":"Apache-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"libssl3@3.1.3-r0"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"openssl"},{"name":"aquasecurity:trivy:SrcVersion","value":"3.1.3-r0"}]},{"bom-ref":"pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"musl-utils","version":"1.2.4-r1","purl":"pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"c78b141d78d68d4cd83f914fbc92f51d60632f53"}],"licenses":[{"license":{"name":"MIT"}},{"license":{"name":"BSD-2-Clause"}},{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"musl-utils@1.2.4-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"musl"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.2.4-r1"}]},{"bom-ref":"pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"musl","version":"1.2.4-r1","purl":"pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"daa1cb11a76eed0a41bb3f241c1e440c5de6281e"}],"licenses":[{"license":{"name":"MIT"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"musl@1.2.4-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"musl"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.2.4-r1"}]},{"bom-ref":"pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"scanelf","version":"1.3.7-r1","purl":"pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"e27abda38faea3635a2db4d50d007751ea280b43"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"scanelf@1.3.7-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"pax-utils"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.3.7-r1"}]},{"bom-ref":"pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","type":"library","name":"ssl_client","version":"1.36.1-r2","purl":"pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"8fa2c75a96af9a716da588f34241fb6a948854e7"}],"licenses":[{"license":{"name":"GPL-2.0"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"ssl_client@1.36.1-r2"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"busybox"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.36.1-r2"}]},{"bom-ref":"pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4","type":"library","name":"zlib","version":"1.2.13-r1","purl":"pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4","supplier":{},"hashes":[{"alg":"SHA-1","content":"2656e848992b378aa40dca24af8cde9e97161174"}],"licenses":[{"license":{"name":"Zlib"}}],"properties":[{"name":"aquasecurity:trivy:LayerDiffID","value":"sha256:cc2447e1835a40530975ab80bb1f872fbab0f2a0faecf2ab16fbbb89b3589438"},{"name":"aquasecurity:trivy:LayerDigest","value":"sha256:96526aa774ef0126ad0fe9e9a95764c5fc37f409ab9e97021e7b4775d82bf6fa"},{"name":"aquasecurity:trivy:PkgID","value":"zlib@1.2.13-r1"},{"name":"aquasecurity:trivy:PkgType","value":"alpine"},{"name":"aquasecurity:trivy:SrcName","value":"zlib"},{"name":"aquasecurity:trivy:SrcVersion","value":"1.2.13-r1"}]}],"dependencies":[{"ref":"3329179b-b954-4543-87dc-4fd2e651bdec","dependsOn":["pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/alpine-baselayout@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/alpine-baselayout-data@3.4.3-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/alpine-keys@2.4-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/apk-tools@2.14.0-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/busybox-binsh@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/busybox@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/ca-certificates-bundle@20230506-r0?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/libc-utils@0.7.2-r5?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/musl-utils@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":[]},{"ref":"pkg:apk/alpine/scanelf@1.3.7-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/ssl_client@1.36.1-r2?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/libcrypto3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/libssl3@3.1.3-r0?arch=x86_64\u0026distro=3.18.4","pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:apk/alpine/zlib@1.2.13-r1?arch=x86_64\u0026distro=3.18.4","dependsOn":["pkg:apk/alpine/musl@1.2.4-r1?arch=x86_64\u0026distro=3.18.4"]},{"ref":"pkg:oci/alpine@sha256%3Aeece025e432126ce23f223450a0326fbebde39cdf496a85d8c016293fc851978?arch=amd64\u0026repository_url=index.docker.io%2Flibrary%2Falpine","dependsOn":["3329179b-b954-4543-87dc-4fd2e651bdec"]}]}`)}, }, err: nil, }, diff --git a/pkg/plugins/trivy/plugin.go b/pkg/plugins/trivy/plugin.go index 90c446e0e..809043014 100644 --- a/pkg/plugins/trivy/plugin.go +++ b/pkg/plugins/trivy/plugin.go @@ -81,7 +81,7 @@ func (p *plugin) Init(ctx trivyoperator.PluginContext) error { return ctx.EnsureConfig(trivyoperator.PluginConfig{ Data: map[string]string{ keyTrivyImageRepository: DefaultImageRepository, - keyTrivyImageTag: "0.51.1", + keyTrivyImageTag: "0.51.2", KeyTrivySeverity: DefaultSeverity, keyTrivySlow: "true", keyTrivyMode: string(Standalone), diff --git a/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json b/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json index 7da13d240..b3a8c396b 100644 --- a/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json +++ b/pkg/plugins/trivy/testdata/fixture/alpine_sbom.json @@ -12,7 +12,7 @@ "type": "application", "group": "aquasecurity", "name": "trivy", - "version": "0.51.1" + "version": "0.51.2" } ] }, diff --git a/pkg/vulnerabilityreport/controller/testdata/sbom.json b/pkg/vulnerabilityreport/controller/testdata/sbom.json index c8a4317b7..d45ae8961 100644 --- a/pkg/vulnerabilityreport/controller/testdata/sbom.json +++ b/pkg/vulnerabilityreport/controller/testdata/sbom.json @@ -246,7 +246,7 @@ "scanner": { "name": "Trivy", "vendor": "Aqua Security", - "version": "0.51.1" + "version": "0.51.2" }, "summary": { "componentsCount": 5, diff --git a/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml b/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml index 1faf4eac8..606e2606e 100644 --- a/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml +++ b/tests/e2e/sbom-client-server/workload/00-sbom-pod.yaml @@ -3526,7 +3526,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: 0.51.1 + version: 0.51.2 summary: componentsCount: 110 dependenciesCount: 110 diff --git a/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml b/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml index 1faf4eac8..606e2606e 100644 --- a/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml +++ b/tests/e2e/sbom-fs/workload/00-sbom-pod.yaml @@ -3526,7 +3526,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: 0.51.1 + version: 0.51.2 summary: componentsCount: 110 dependenciesCount: 110 diff --git a/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml b/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml index 1faf4eac8..606e2606e 100644 --- a/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml +++ b/tests/e2e/sbom-standalone/workload/00-sbom-pod.yaml @@ -3526,7 +3526,7 @@ report: scanner: name: Trivy vendor: Aqua Security - version: 0.51.1 + version: 0.51.2 summary: componentsCount: 110 dependenciesCount: 110