fix(trivy): Bump up Trivy adapter to v0.11.0

This commit bumps up Trivy to resolve the following issues reported in the aquasecurity/harbor-scanner-trivy repository: - https://github.com/aquasecurity/harbor-scanner-trivy/issues/114 - https://github.com/aquasecurity/harbor-scanner-trivy/issues/108 Note that this adapter vendors in Trivy v0.9.0 which has changed the algorithm for qualifying severities. Previous versions of Trivy preferred NVD scores, whereas this version will use vendor score whenever it's possible. We believe it's more suitable approach for qualifying severities. Even though this change might impact vulnerability summaries in some cases, the total number of vulnerabilities should stay the same. Signed-off-by: Daniel Pacak <pacak.daniel@gmail.com>
2020-06-05 10:35:56 +02:00 · 2020-06-05 10:35:56 +02:00 · dfcee80ae5
parent c261555b59
commit dfcee80ae5
1 changed files with 2 additions and 2 deletions
--- a/4
+++ b/4
@ -103,8 +103,8 @@ NOTARYVERSION=v0.6.1
 CLAIRVERSION=v2.1.3
 NOTARYMIGRATEVERSION=v3.5.4
 CLAIRADAPTERVERSION=v1.0.2
-TRIVYVERSION=v0.7.0
-TRIVYADAPTERVERSION=v0.10.0
+TRIVYVERSION=v0.9.0
+TRIVYADAPTERVERSION=v0.11.0

 # version of chartmuseum
 CHARTMUSEUMVERSION=v0.12.0