
🌱 [release-1.8] Add CVEs to Trivy ignore file #12183


Open: wants to merge 1 commit into base: release-1.8

Conversation

cprivitere (Member)

What this PR does / why we need it:

  • Add two CVEs to the .trivyignore file, as according to govulncheck our code does not call
    these vulnerabilities and we don't want to bump the go.mod go version.
  • Ignores CVE-2025-22869 and CVE-2025-22872 in the weekly security scan on this branch.

https://github.com/kubernetes-sigs/cluster-api/actions/runs/14835970794

Ref: #12173 is where we decided to ignore these.

/area ci
/area security
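As an added example that is not part of this PR or of cluster-api: a Python check that cross-references the ids in a `.trivyignore` against `govulncheck -json` output, so an ignore entry justified by "our code does not call it" can be re-verified on every scan rather than only at the time it was added. The `.trivyignore` text, the govulncheck records, the `GO-PLACEHOLDER-*` ids and the `example.com/*` module paths are constructed; only the two CVE numbers come from the PR.

```python
import json
# Constructed .trivyignore in the shape this PR adds; "#" comments and "exp:" are Trivy syntax.
TRIVYIGNORE = """\
# release-1.8: govulncheck reports these as not called (see #12173)
CVE-2025-22869
CVE-2025-22872
CVE-0000-CONSTRUCTED exp:2025-12-31  # placeholder for a reachable vuln
"""
# Constructed records in the shape of `govulncheck -json` (one object per line): "osv"
# carries CVE aliases, "finding" carries a call trace. GO- ids and modules are placeholders.
GOVULNCHECK_JSON = "\n".join(json.dumps(o) for o in [
    {"osv": {"id": "GO-PLACEHOLDER-A", "aliases": ["CVE-2025-22869"]}},
    {"finding": {"osv": "GO-PLACEHOLDER-A", "trace": [{"module": "example.com/a"}]}},
    {"osv": {"id": "GO-PLACEHOLDER-B", "aliases": ["CVE-2025-22872"]}},
    {"finding": {"osv": "GO-PLACEHOLDER-B", "trace": [{"module": "example.com/b"}]}},
    {"osv": {"id": "GO-PLACEHOLDER-C", "aliases": ["CVE-0000-CONSTRUCTED"]}},
    {"finding": {"osv": "GO-PLACEHOLDER-C", "trace": [
        {"module": "example.com/c", "package": "example.com/c/pkg", "function": "Parse"}]}},
])

def parse_trivyignore(text):
    """Vulnerability ids in a .trivyignore, without comments or expiry suffixes."""
    ids = []
    for line in text.splitlines():
        body = line.split("#", 1)[0].strip()
        if body:
            ids.append(body.split()[0])
    return ids

def parse_govulncheck(stream):
    """Return (CVE alias -> GO id, GO id -> reachable?) from govulncheck JSON lines."""
    alias_of, called = {}, {}
    for line in filter(str.strip, stream.splitlines()):
        obj = json.loads(line)
        if "osv" in obj:
            for alias in obj["osv"].get("aliases", []):
                alias_of[alias] = obj["osv"]["id"]
        elif "finding" in obj:
            f = obj["finding"]
            # A function-level trace step appears only when the vulnerable symbol is
            # reachable from the scanned code; a module-only trace means "not called".
            reachable = any("function" in step for step in f.get("trace", []))
            called[f["osv"]] = called.get(f["osv"], False) or reachable
    return alias_of, called

def audit(trivyignore, govulncheck_out):
    """Per ignored id: 'not-called' (ignore justified), 'called', or 'unknown'."""
    alias_of, called = parse_govulncheck(govulncheck_out)
    verdict = {}
    for vid in parse_trivyignore(trivyignore):
        go_id = alias_of.get(vid)
        verdict[vid] = "unknown" if go_id is None else ("called" if called.get(go_id) else "not-called")
    return verdict
```

Any id whose verdict is not `not-called` should be removed from the ignore file or re-justified, since the govulncheck reasoning used in this PR no longer holds for it.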

@k8s-ci-robot k8s-ci-robot added this to the v1.8 milestone May 9, 2025
@k8s-ci-robot k8s-ci-robot added the labels area/ci (Issues or PRs related to ci), area/security (Issues or PRs related to security) and cncf-cla: yes (Indicates the PR's author has signed the CNCF CLA) May 9, 2025
@k8s-ci-robot (Contributor)

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign chrischdi for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@k8s-ci-robot k8s-ci-robot added the label size/XS (Denotes a PR that changes 0-9 lines, ignoring generated files) May 9, 2025
@mboersma mboersma (Contributor) left a comment

/lgtm

@k8s-ci-robot k8s-ci-robot added the label lgtm ("Looks good to me", indicates that a PR is ready to be merged) May 9, 2025
@k8s-ci-robot (Contributor)

LGTM label has been added.

Git tree hash: 1f89fb1446e84a08c1cb353d01d6c4365900ca10
