From e08e70a8ab2a6fcea20b425463878944eb784f1d Mon Sep 17 00:00:00 2001 From: David Larsen Date: Mon, 2 Mar 2026 13:38:54 -0500 Subject: [PATCH] Bump Trivy from v0.67.2 to v0.69.2 Trivy suffered a security incident on March 1 where an attacker deleted all GitHub Releases from v0.27.0 through v0.69.1. The install script finds the git tag but the binary assets are gone, causing the Docker build to fail with exit code 1. v0.69.2 is the only version with restored release assets. Ref: https://github.com/aquasecurity/trivy/discussions/10265 --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index cccf517..b360adb 100644 --- a/Dockerfile +++ b/Dockerfile @@ -19,7 +19,7 @@ RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \ RUN npm install -g socket # Install Trivy -ARG TRIVY_VERSION=v0.67.2 +ARG TRIVY_VERSION=v0.69.2 RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "${TRIVY_VERSION}" # Install Trufflehog
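Review bot: The `RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- ...` line under the bumped `ARG TRIVY_VERSION=v0.69.2` still fetches the installer from the `main` branch and pipes it straight into `sh`, so the version pin covers only the release tag passed to the script, not the script itself, and the visible lines record no expected checksum for the resulting binary. Since the commit message describes release assets being deleted and only v0.69.2 having restored ones, consider pinning the script URL to a specific commit instead of `main` and comparing the installed binary against a checksum stored in this repo before the build continues. A short comment above the `ARG` stating why v0.69.2 is the minimum usable version, with the discussion link from the commit message, would also help whoever bumps it next.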