Skip to content

Commit d79cf40

Browse files
dependabot[bot]dependabot[bot]
authored
chore(deps): bump the trivy group with 2 updates (#2257)
Bumps the trivy group with 2 updates: [github.com/aquasecurity/trivy](https://github.com/aquasecurity/trivy) and [github.com/aquasecurity/trivy-db](https://github.com/aquasecurity/trivy-db). Updates `github.com/aquasecurity/trivy` from 0.63.0 to 0.64.0 - [Release notes](https://github.com/aquasecurity/trivy/releases) - [Changelog](https://github.com/aquasecurity/trivy/blob/main/CHANGELOG.md) - [Commits](aquasecurity/trivy@v0.63.0...v0.64.0) Updates `github.com/aquasecurity/trivy-db` from 0.0.0-20250529093513-a12dfc204b6e to 0.0.0-20250627124416-ca81c496a932 - [Release notes](https://github.com/aquasecurity/trivy-db/releases) - [Commits](https://github.com/aquasecurity/trivy-db/commits) --- updated-dependencies: - dependency-name: github.com/aquasecurity/trivy dependency-version: 0.64.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: trivy - dependency-name: github.com/aquasecurity/trivy-db dependency-version: 0.0.0-20250627124416-ca81c496a932 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: trivy ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
1 parent 7178e0f commit d79cf40

File tree

2 files changed

+116
-159
lines changed

2 files changed

+116
-159
lines changed

go.mod

Lines changed: 23 additions & 29 deletions
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,6 @@
11
module github.com/future-architect/vuls
22

3-
go 1.24.2
3+
go 1.24.4
44

55
require (
66
github.com/3th1nk/cidr v0.2.0
@@ -10,8 +10,8 @@ require (
1010
github.com/MaineK00n/vuls-data-update v0.0.0-20250612091020-1510dae2b184
1111
github.com/MaineK00n/vuls2 v0.0.1-alpha.0.20250523010213-9b211cf92398
1212
github.com/Ullaakut/nmap/v2 v2.2.2
13-
github.com/aquasecurity/trivy v0.63.0
14-
github.com/aquasecurity/trivy-db v0.0.0-20250529093513-a12dfc204b6e
13+
github.com/aquasecurity/trivy v0.64.0
14+
github.com/aquasecurity/trivy-db v0.0.0-20250627124416-ca81c496a932
1515
github.com/aquasecurity/trivy-java-db v0.0.0-20240109071736-184bd7481d48
1616
github.com/asaskevich/govalidator v0.0.0-20230301143203-a9d515a09cc2
1717
github.com/aws/aws-sdk-go-v2 v1.36.5
@@ -76,12 +76,11 @@ require (
7676
cloud.google.com/go/storage v1.50.0 // indirect
7777
dario.cat/mergo v1.0.1 // indirect
7878
filippo.io/edwards25519 v1.1.0 // indirect
79-
github.com/AdaLogics/go-fuzz-headers v0.0.0-20240806141605-e8a1dd7889d6 // indirect
8079
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible // indirect
8180
github.com/Azure/azure-sdk-for-go/sdk/azcore v1.18.0 // indirect
82-
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.0 // indirect
81+
github.com/Azure/azure-sdk-for-go/sdk/azidentity v1.10.1 // indirect
8382
github.com/Azure/azure-sdk-for-go/sdk/internal v1.11.1 // indirect
84-
github.com/Azure/go-ansiterm v0.0.0-20230124172434-306776ec8161 // indirect
83+
github.com/Azure/go-ansiterm v0.0.0-20250102033503-faa5f7b0171c // indirect
8584
github.com/Azure/go-autorest v14.2.0+incompatible // indirect
8685
github.com/Azure/go-autorest/autorest v0.11.29 // indirect
8786
github.com/Azure/go-autorest/autorest/adal v0.9.23 // indirect
@@ -115,15 +114,15 @@ require (
115114
github.com/aquasecurity/go-version v0.0.1 // indirect
116115
github.com/aquasecurity/iamgo v0.0.10 // indirect
117116
github.com/aquasecurity/jfather v0.0.8 // indirect
118-
github.com/aquasecurity/trivy-checks v1.11.2-0.20250529074512-7afea1b738c4 // indirect
117+
github.com/aquasecurity/trivy-checks v1.11.3-0.20250604022615-9a7efa7c9169 // indirect
119118
github.com/aws/aws-sdk-go v1.55.7 // indirect
120119
github.com/aws/aws-sdk-go-v2/aws/protocol/eventstream v1.6.11 // indirect
121120
github.com/aws/aws-sdk-go-v2/feature/ec2/imds v1.16.32 // indirect
122121
github.com/aws/aws-sdk-go-v2/internal/configsources v1.3.36 // indirect
123122
github.com/aws/aws-sdk-go-v2/internal/endpoints/v2 v2.6.36 // indirect
124123
github.com/aws/aws-sdk-go-v2/internal/ini v1.8.3 // indirect
125124
github.com/aws/aws-sdk-go-v2/internal/v4a v1.3.36 // indirect
126-
github.com/aws/aws-sdk-go-v2/service/ecr v1.44.0 // indirect
125+
github.com/aws/aws-sdk-go-v2/service/ecr v1.45.1 // indirect
127126
github.com/aws/aws-sdk-go-v2/service/internal/accept-encoding v1.12.4 // indirect
128127
github.com/aws/aws-sdk-go-v2/service/internal/checksum v1.7.4 // indirect
129128
github.com/aws/aws-sdk-go-v2/service/internal/presigned-url v1.12.17 // indirect
@@ -152,21 +151,17 @@ require (
152151
github.com/cyphar/filepath-securejoin v0.4.1 // indirect
153152
github.com/davecgh/go-spew v1.1.2-0.20180830191138-d8f796af33cc // indirect
154153
github.com/dgryski/go-rendezvous v0.0.0-20200823014737-9f7001d12a5f // indirect
155-
github.com/distribution/reference v0.6.0 // indirect
156154
github.com/dlclark/regexp2 v1.4.0 // indirect
157155
github.com/docker/cli v28.2.2+incompatible // indirect
158156
github.com/docker/distribution v2.8.3+incompatible // indirect
159-
github.com/docker/docker v28.2.2+incompatible // indirect
160157
github.com/docker/docker-credential-helpers v0.9.3 // indirect
161-
github.com/docker/go-connections v0.5.0 // indirect
162-
github.com/docker/go-metrics v0.0.1 // indirect
163158
github.com/docker/go-units v0.5.0 // indirect
164159
github.com/dustin/go-humanize v1.0.1 // indirect
165160
github.com/emicklei/go-restful/v3 v3.11.0 // indirect
166161
github.com/emirpasic/gods v1.18.1 // indirect
167162
github.com/envoyproxy/go-control-plane/envoy v1.32.4 // indirect
168163
github.com/envoyproxy/protoc-gen-validate v1.2.1 // indirect
169-
github.com/evanphx/json-patch v5.9.0+incompatible // indirect
164+
github.com/evanphx/json-patch v5.9.11+incompatible // indirect
170165
github.com/exponent-io/jsonpath v0.0.0-20210407135951-1de76d718b3f // indirect
171166
github.com/fatih/color v1.18.0 // indirect
172167
github.com/felixge/httpsnoop v1.0.4 // indirect
@@ -258,11 +253,10 @@ require (
258253
github.com/mitchellh/hashstructure/v2 v2.0.2 // indirect
259254
github.com/mitchellh/mapstructure v1.5.0 // indirect
260255
github.com/mitchellh/reflectwalk v1.0.2 // indirect
261-
github.com/moby/buildkit v0.21.1 // indirect
256+
github.com/moby/buildkit v0.23.1 // indirect
262257
github.com/moby/docker-image-spec v1.3.1 // indirect
263-
github.com/moby/locker v1.0.1 // indirect
264258
github.com/moby/spdystream v0.5.0 // indirect
265-
github.com/moby/term v0.5.0 // indirect
259+
github.com/moby/term v0.5.2 // indirect
266260
github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd // indirect
267261
github.com/modern-go/reflect2 v1.0.2 // indirect
268262
github.com/monochromegane/go-gitignore v0.0.0-20200626010858-205db1a8cc00 // indirect
@@ -271,10 +265,10 @@ require (
271265
github.com/mxk/go-flowrate v0.0.0-20140419014527-cca7078d478f // indirect
272266
github.com/ncruces/go-strftime v0.1.9 // indirect
273267
github.com/nsf/termbox-go v1.1.1 // indirect
274-
github.com/oklog/ulid/v2 v2.1.0 // indirect
268+
github.com/oklog/ulid/v2 v2.1.1 // indirect
275269
github.com/olekukonko/errors v0.0.0-20250405072817-4e6d85265da6 // indirect
276270
github.com/olekukonko/ll v0.0.8 // indirect
277-
github.com/open-policy-agent/opa v1.4.2 // indirect
271+
github.com/open-policy-agent/opa v1.5.1 // indirect
278272
github.com/opencontainers/go-digest v1.0.0 // indirect
279273
github.com/opencontainers/image-spec v1.1.1 // indirect
280274
github.com/owenrumney/squealer v1.2.11 // indirect
@@ -286,18 +280,18 @@ require (
286280
github.com/planetscale/vtprotobuf v0.6.1-0.20240319094008-0393e58bdf10 // indirect
287281
github.com/pmezard/go-difflib v1.0.1-0.20181226105442-5d4384ee4fb2 // indirect
288282
github.com/prometheus/client_golang v1.22.0 // indirect
289-
github.com/prometheus/client_model v0.6.1 // indirect
283+
github.com/prometheus/client_model v0.6.2 // indirect
290284
github.com/prometheus/common v0.62.0 // indirect
291285
github.com/prometheus/procfs v0.15.1 // indirect
292286
github.com/rcrowley/go-metrics v0.0.0-20201227073835-cf1acfcdf475 // indirect
293287
github.com/redis/rueidis v1.0.60 // indirect
294288
github.com/remyoudompheng/bigfft v0.0.0-20230129092748-24d4a6f8daec // indirect
295289
github.com/rivo/uniseg v0.4.7 // indirect
296-
github.com/rubenv/sql-migrate v1.7.1 // indirect
290+
github.com/rubenv/sql-migrate v1.8.0 // indirect
297291
github.com/russross/blackfriday/v2 v2.1.0 // indirect
298292
github.com/rust-secure-code/go-rustaudit v0.0.0-20250226111315-e20ec32e963c // indirect
299293
github.com/sagikazarmark/locafero v0.9.0 // indirect
300-
github.com/samber/oops v1.16.1 // indirect
294+
github.com/samber/oops v1.18.1 // indirect
301295
github.com/schollz/progressbar/v3 v3.18.0 // indirect
302296
github.com/sergi/go-diff v1.3.2-0.20230802210424-5b0b94c5c0d3 // indirect
303297
github.com/shopspring/decimal v1.4.0 // indirect
@@ -313,10 +307,11 @@ require (
313307
github.com/stretchr/testify v1.10.0 // indirect
314308
github.com/subosito/gotenv v1.6.0 // indirect
315309
github.com/tchap/go-patricia/v2 v2.3.2 // indirect
316-
github.com/tonistiigi/go-csvvalue v0.0.0-20240710180619-ddb21b71c0b4 // indirect
310+
github.com/tonistiigi/go-csvvalue v0.0.0-20240814133006-030d3b2625d0 // indirect
317311
github.com/twitchtv/twirp v8.1.3+incompatible // indirect
318312
github.com/ulikunitz/xz v0.5.12 // indirect
319313
github.com/vbatts/tar-split v0.12.1 // indirect
314+
github.com/vektah/gqlparser/v2 v2.5.26 // indirect
320315
github.com/vmihailenco/msgpack/v5 v5.4.1 // indirect
321316
github.com/vmihailenco/tagparser/v2 v2.0.0 // indirect
322317
github.com/x448/float16 v0.8.4 // indirect
@@ -351,7 +346,7 @@ require (
351346
google.golang.org/genproto v0.0.0-20250303144028-a0af3efb3deb // indirect
352347
google.golang.org/genproto/googleapis/api v0.0.0-20250303144028-a0af3efb3deb // indirect
353348
google.golang.org/genproto/googleapis/rpc v0.0.0-20250313205543-e70fdf4c4cb4 // indirect
354-
google.golang.org/grpc v1.72.0 // indirect
349+
google.golang.org/grpc v1.72.2 // indirect
355350
google.golang.org/protobuf v1.36.6 // indirect
356351
gopkg.in/evanphx/json-patch.v4 v4.12.0 // indirect
357352
gopkg.in/inf.v0 v0.9.1 // indirect
@@ -361,11 +356,11 @@ require (
361356
gorm.io/driver/postgres v1.6.0 // indirect
362357
gorm.io/gorm v1.30.0 // indirect
363358
gotest.tools/v3 v3.5.0 // indirect
364-
helm.sh/helm/v3 v3.17.3 // indirect
365-
k8s.io/api v0.33.1 // indirect
366-
k8s.io/apiextensions-apiserver v0.32.2 // indirect
367-
k8s.io/apimachinery v0.33.1 // indirect
368-
k8s.io/apiserver v0.32.3 // indirect
359+
helm.sh/helm/v3 v3.18.3 // indirect
360+
k8s.io/api v0.33.2 // indirect
361+
k8s.io/apiextensions-apiserver v0.33.1 // indirect
362+
k8s.io/apimachinery v0.33.2 // indirect
363+
k8s.io/apiserver v0.33.1 // indirect
369364
k8s.io/cli-runtime v0.33.1 // indirect
370365
k8s.io/client-go v0.33.1 // indirect
371366
k8s.io/component-base v0.33.1 // indirect
@@ -378,7 +373,6 @@ require (
378373
modernc.org/memory v1.11.0 // indirect
379374
modernc.org/sqlite v1.38.0 // indirect
380375
mvdan.cc/sh/v3 v3.11.0 // indirect
381-
oras.land/oras-go v1.2.5 // indirect
382376
oras.land/oras-go/v2 v2.6.0 // indirect
383377
sigs.k8s.io/json v0.0.0-20241010143419-9aa6b5e7a4b3 // indirect
384378
sigs.k8s.io/kustomize/api v0.19.0 // indirect

0 commit comments

Comments
 (0)