Skip to content

Bump Trivy to 0.69.2 Zed#2190

Merged
priteau merged 1 commit intostackhpc/zedfrom
bump-trivy-zed
Mar 2, 2026
Merged

Bump Trivy to 0.69.2 Zed#2190
priteau merged 1 commit intostackhpc/zedfrom
bump-trivy-zed

Conversation

@seunghun1ee
Copy link
Member

@seunghun1ee seunghun1ee commented Mar 2, 2026

Trivy had security incident on 1st March 2026 [1], resulting losing all GitHub Releases between 0.27.0-0.69.1.
They then restored the latest as 0.69.2

[1] aquasecurity/trivy#10265

(cherry picked from commit 9144c9f)

@seunghun1ee
Bump Trivy to 0.69.2
fc3a510 
Trivy had security incident on 1st March 2026 [1], resulting losing all
GitHub Releases between 0.27.0-0.69.1.
They then restored the latest as 0.69.2

[1] aquasecurity/trivy#10265

(cherry picked from commit 9144c9f)
@seunghun1ee seunghun1ee self-assigned this Mar 2, 2026
@seunghun1ee seunghun1ee requested a review from a team as a code owner March 2, 2026 11:37
@seunghun1ee seunghun1ee added the zed Targets the Zed OpenStack release label Mar 2, 2026
@seunghun1ee seunghun1ee changed the title Bump Trivy to 0.69.2 Bump Trivy to 0.69.2 Zed Mar 2, 2026
gemini-code-assist[bot]
gemini-code-assist bot reviewed Mar 2, 2026
View reviewed changes
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request bumps the Trivy version to 0.69.2 in the scan-images.sh script. The change itself is correct and aligns with the pull request's goal. However, I've identified an opportunity to make the script more robust and maintainable. My feedback focuses on improving the version check to ensure the correct version of Trivy is used, not just that it's installed, and also recommends using a variable for the version number. These changes would prevent the script from accidentally using an outdated scanner version in the future.

@priteau priteau merged commit 9bf7ba4 into stackhpc/zed Mar 2, 2026
9 of 12 checks passed
@priteau priteau deleted the bump-trivy-zed branch March 2, 2026 12:05
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@priteau priteau priteau approved these changes

+1 more reviewer

@gemini-code-assist gemini-code-assist[bot] gemini-code-assist[bot] left review comments

Reviewers whose approvals may not affect merge requirements

Assignees

@seunghun1ee seunghun1ee

Labels

zed Targets the Zed OpenStack release

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@seunghun1ee @priteau