chore(deps): bump github.com/aquasecurity/trivy-policies from 0.8.0 to 0.9.0 #96

dependabot · 2024-02-12T12:55:17Z

Bumps github.com/aquasecurity/trivy-policies from 0.8.0 to 0.9.0.

Release notes

Sourced from github.com/aquasecurity/trivy-policies's releases.

v0.9.0

What's Changed

feat(aws): improve wildcard checking in policies by @nikpivkin in aquasecurity/trivy-policies#61

fix: Makefile: rules/ moved to checks/ by @candrews in aquasecurity/trivy-policies#59

fix: remove test-rego from Makefile by @candrews in aquasecurity/trivy-policies#58

chore(deps): bump github.com/aquasecurity/defsec from 0.93.2-0.20240112041815-f53aebc35cb9 to 0.94.1 by @dependabot in aquasecurity/trivy-policies#63

chore(deps): bump github.com/docker/docker from 24.0.7+incompatible to 25.0.0+incompatible by @dependabot in aquasecurity/trivy-policies#64

fix: add system authenticate bind protection policy by @chen-keinan in aquasecurity/trivy-policies#65

chore: add a command to run OPA with custom functions by @nikpivkin in aquasecurity/trivy-policies#69

fix(checks): handle file: and multi: in AVD-DS-005 by @candrews in aquasecurity/trivy-policies#60

fix(checks): handle file: and multi: in AVD-DS-0011 by @candrews in aquasecurity/trivy-policies#56

fix(checks): check the Seccomp of the controllers by @nikpivkin in aquasecurity/trivy-policies#71

fix: change system authenticate bind severity to low by @chen-keinan in aquasecurity/trivy-policies#74

feat(checks): Add check to detect Leaky Vessels exploit by @simar7 in aquasecurity/trivy-policies#72

chore: restore the OPA installation by @nikpivkin in aquasecurity/trivy-policies#73

chore(deps): bump github.com/docker/docker from 25.0.0+incompatible to 25.0.2+incompatible by @dependabot in aquasecurity/trivy-policies#68

New Contributors

@candrews made their first contribution in aquasecurity/trivy-policies#59

@chen-keinan made their first contribution in aquasecurity/trivy-policies#65

Full Changelog: aquasecurity/trivy-checks@v0.8.0...v0.9.0

Commits

c487b82 Merge pull request #68 from aquasecurity/dependabot/go_modules/github.com/doc...
ba100fa Merge pull request #73 from nikpivkin/opa-fmt
c72dfed Merge pull request #72 from aquasecurity/leaky-vessels
353bb87 Merge pull request #74 from chen-keinan/fix/change-system-authenticate-bind-s...
861f52a improve matching logic for partial match
7e41335 fix: change system authenticate bind severity to low
734bf86 chore: restore the OPA installation
c34404c Merge pull request #71 from nikpivkin/checks-ksv104
c962cb7 feat(checks): Add check to detect Leaky Vessels exploit
38c3895 Merge pull request #56 from candrews/patch-1
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [github.com/aquasecurity/trivy-policies](https://github.com/aquasecurity/trivy-policies) from 0.8.0 to 0.9.0. - [Release notes](https://github.com/aquasecurity/trivy-policies/releases) - [Commits](aquasecurity/trivy-checks@v0.8.0...v0.9.0) --- updated-dependencies: - dependency-name: github.com/aquasecurity/trivy-policies dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2024-03-04T12:43:33Z

Superseded by #103.

dependabot bot requested a review from simar7 as a code owner February 12, 2024 12:55

dependabot bot added dependencies Pull requests that update a dependency file go Pull requests that update Go code labels Feb 12, 2024

dependabot bot closed this Mar 4, 2024

dependabot bot deleted the dependabot/go_modules/github.com/aquasecurity/trivy-policies-0.9.0 branch March 4, 2024 12:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump github.com/aquasecurity/trivy-policies from 0.8.0 to 0.9.0 #96

chore(deps): bump github.com/aquasecurity/trivy-policies from 0.8.0 to 0.9.0 #96

dependabot bot commented on behalf of github Feb 12, 2024

dependabot bot commented on behalf of github Mar 4, 2024

chore(deps): bump github.com/aquasecurity/trivy-policies from 0.8.0 to 0.9.0 #96

chore(deps): bump github.com/aquasecurity/trivy-policies from 0.8.0 to 0.9.0 #96

Conversation

dependabot bot commented on behalf of github Feb 12, 2024

v0.9.0

What's Changed

New Contributors

dependabot bot commented on behalf of github Mar 4, 2024