Skip to content

chore: fix vulnerabilities inside indirect deps#2962

Draft
afdesk wants to merge 6 commits into
aquasecurity:mainfrom
afdesk:fix/vulns-2026-05-14
Draft

chore: fix vulnerabilities inside indirect deps#2962
afdesk wants to merge 6 commits into
aquasecurity:mainfrom
afdesk:fix/vulns-2026-05-14

Conversation

@afdesk
Copy link
Copy Markdown
Contributor

@afdesk afdesk commented May 14, 2026
edited
Loading

Description

This PR depends on #2953 and updates indirect dependencies to fix vulnerabilities inside them.

Before:

% trivy i -q aquasec/trivy-operator:0.30.1

Report Summary

┌───────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                    Target                     │   Type   │ Vulnerabilities │ Secrets │
├───────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ aquasec/trivy-operator:0.30.1 (alpine 3.23.3) │  alpine  │       18        │    -    │
├───────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ usr/local/bin/trivy-operator                  │ gobinary │       34        │    -    │
└───────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘
...

aquasec/trivy-operator:0.30.1 (alpine 3.23.3)

Total: 18 (UNKNOWN: 0, LOW: 0, MEDIUM: 6, HIGH: 10, CRITICAL: 2)
...

usr/local/bin/trivy-operator (gobinary)

Total: 34 (UNKNOWN: 0, LOW: 1, MEDIUM: 15, HIGH: 17, CRITICAL: 1)

After:

 % trivy i -q  docker.io/afdesk/trivy-operator:vulns-2026-05-14

Report Summary

┌──────────────────────────────────────────────────────────────────┬──────────┬─────────────────┬─────────┐
│                              Target                              │   Type   │ Vulnerabilities │ Secrets │
├──────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ docker.io/afdesk/trivy-operator:vulns-2026-05-14 (alpine 3.23.3) │  alpine  │        0        │    -    │
├──────────────────────────────────────────────────────────────────┼──────────┼─────────────────┼─────────┤
│ usr/local/bin/trivy-operator                                     │ gobinary │        0        │    -    │
└──────────────────────────────────────────────────────────────────┴──────────┴─────────────────┴─────────┘

Checklist

  • I've read the guidelines for contributing to this repository.
  • I've added tests that prove my fix is effective or that my feature works.
  • I've updated the documentation with the relevant information (if needed).
  • I've added usage information (if the PR introduces new options)
  • I've included a "before" and "after" example to the description (if the PR is a user interface change).

@afdesk afdesk changed the title Fix/vulns 2026 05 14 chore: fix vulnerabilities inside inderect deps May 14, 2026
@afdesk afdesk changed the title chore: fix vulnerabilities inside inderect deps chore: fix vulnerabilities inside indirect deps May 14, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@eyalke eyalke Awaiting requested review from eyalke eyalke will be requested when the pull request is marked ready for review eyalke is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@afdesk