Skip to content

trivy: 0.71.1 -> 0.71.2#533289

Merged
NickCao merged 1 commit into
NixOS:masterfrom
r-ryantm:auto-update/trivy
Jun 22, 2026
Merged

trivy: 0.71.1 -> 0.71.2#533289
NickCao merged 1 commit into
NixOS:masterfrom
r-ryantm:auto-update/trivy

Conversation

@r-ryantm

Copy link
Copy Markdown
Contributor

Automatic update generated by nixpkgs-update tools. This update was made based on information from https://github.com/aquasecurity/trivy/releases.

meta.description for trivy is: Simple and comprehensive vulnerability scanner for containers, suitable for CI

meta.homepage for trivy is: https://github.com/aquasecurity/trivy

meta.changelog for trivy is: https://github.com/aquasecurity/trivy/releases/tag/v0.71.2

Updates performed
  • Golang update
To inspect upstream changes
Impact

Checks done


  • built on NixOS
  • The tests defined in passthru.tests, if any, passed
  • found 0.71.2 with grep in /nix/store/i72gfmw10zzf5gnpnphzcagdz4fqk9la-trivy-0.71.2
  • found 0.71.2 in filename of file in /nix/store/i72gfmw10zzf5gnpnphzcagdz4fqk9la-trivy-0.71.2

Rebuild report (if merged into master) (click to expand)
3 total rebuild path(s)

3 package rebuild(s)

First fifty rebuilds by attrpath

lazytrivy
trivy
Instructions to test this update (click to expand)

Either download from the cache:

nix-store -r /nix/store/i72gfmw10zzf5gnpnphzcagdz4fqk9la-trivy-0.71.2 \
  --option binary-caches 'https://cache.nixos.org/ https://nixpkgs-update-cache.nix-community.org/' \
  --option trusted-public-keys '
  nixpkgs-update-cache.nix-community.org-1:U8d6wiQecHUPJFSqHN9GSSmNkmdiFW7GW7WNAnHW0SM=
  cache.nixos.org-1:6NCHdD59X431o0gWypbMrAURkbJ16ZPMQFGspcDShjY=
  '

(The nixpkgs-update cache is only trusted for this store-path realization.)
For the cached download to work, your user must be in the trusted-users list or you can use sudo since root is effectively trusted.

Or, build yourself:

nix-build -A trivy https://github.com/r-ryantm/nixpkgs/archive/92e3bed1d49fd401b70c38943246e69f70854eb5.tar.gz

Or:

nix build github:r-ryantm/nixpkgs/92e3bed1d49fd401b70c38943246e69f70854eb5#trivy

After you've downloaded or built it, look at the files and if there are any, run the binaries:

ls -la /nix/store/i72gfmw10zzf5gnpnphzcagdz4fqk9la-trivy-0.71.2
ls -la /nix/store/i72gfmw10zzf5gnpnphzcagdz4fqk9la-trivy-0.71.2/bin


Pre-merge build results

We have automatically built all packages that will get rebuilt due to
this change.

This gives evidence on whether the upgrade will break dependent packages.
Note sometimes packages show up as failed to build independent of the
change, simply because they are already broken on the target branch.

nixpkgs-review result

Generated using nixpkgs-review.

Command: nixpkgs-review --extra-nixpkgs-config '{ allowBroken = false; }'
Commit: 92e3bed1d49fd401b70c38943246e69f70854eb5


x86_64-linux

✅ 2 packages built:
  • lazytrivy
  • trivy

Maintainer pings

cc @fabaff @06kellyjac for testing.

Tip

As a maintainer, if your package is located under pkgs/by-name/*, you can comment @NixOS/nixpkgs-merge-bot merge to automatically merge this update using the nixpkgs-merge-bot.

@nixpkgs-ci nixpkgs-ci Bot requested review from 06kellyjac and fabaff June 19, 2026 13:11
@nixpkgs-ci nixpkgs-ci Bot added 8.has: package (update) This PR updates a package to a newer version 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 2.status: merge-bot eligible This PR can be merged by commenting "@NixOS/nixpkgs-merge-bot merge". labels Jun 19, 2026
@NickCao NickCao added this pull request to the merge queue Jun 22, 2026
Merged via the queue into NixOS:master with commit 5be53ca Jun 22, 2026
31 checks passed
@r-ryantm r-ryantm deleted the auto-update/trivy branch June 23, 2026 01:03
@fabaff fabaff linked an issue Jun 26, 2026 that may be closed by this pull request
@nixpkgs-ci

nixpkgs-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Backport failed for release-25.11, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-25.11
git worktree add -d .worktree/backport-533289-to-release-25.11 origin/release-25.11
cd .worktree/backport-533289-to-release-25.11
git switch --create backport-533289-to-release-25.11
git cherry-pick -x 92e3bed1d49fd401b70c38943246e69f70854eb5

1 similar comment
@nixpkgs-ci

nixpkgs-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Backport failed for release-25.11, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-25.11
git worktree add -d .worktree/backport-533289-to-release-25.11 origin/release-25.11
cd .worktree/backport-533289-to-release-25.11
git switch --create backport-533289-to-release-25.11
git cherry-pick -x 92e3bed1d49fd401b70c38943246e69f70854eb5

@nixpkgs-ci

nixpkgs-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Backport failed for release-26.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-26.05
git worktree add -d .worktree/backport-533289-to-release-26.05 origin/release-26.05
cd .worktree/backport-533289-to-release-26.05
git switch --create backport-533289-to-release-26.05
git cherry-pick -x 92e3bed1d49fd401b70c38943246e69f70854eb5

@nixpkgs-ci

nixpkgs-ci Bot commented Jun 26, 2026

Copy link
Copy Markdown
Contributor

Backport failed for release-26.05, because it was unable to cherry-pick the commit(s).

Please cherry-pick the changes locally and resolve any conflicts.

git fetch origin release-26.05
git worktree add -d .worktree/backport-533289-to-release-26.05 origin/release-26.05
cd .worktree/backport-533289-to-release-26.05
git switch --create backport-533289-to-release-26.05
git cherry-pick -x 92e3bed1d49fd401b70c38943246e69f70854eb5

@dotlambda dotlambda added 1.severity: security Issues which raise a security issue, or PRs that fix one and removed 1.severity: security Issues which raise a security issue, or PRs that fix one labels Jun 27, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

2.status: merge-bot eligible This PR can be merged by commenting "@NixOS/nixpkgs-merge-bot merge". 8.has: failed backport 8.has: package (update) This PR updates a package to a newer version 10.rebuild-darwin: 1-10 This PR causes between 1 and 10 packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. backport release-26.05 Backport PR automatically

Projects

None yet

Development

Successfully merging this pull request may close these issues.

trivy: security issues < 0.71.1

4 participants