Skip to content

Commit

Permalink
Merge branch 'main' into renovate/element-hq-synapse-1.x
Browse files Browse the repository at this point in the history
  • Loading branch information
amandahla authored Oct 30, 2024
2 parents 6cd4474 + 87fe659 commit fd146a5
Show file tree
Hide file tree
Showing 4 changed files with 50 additions and 3 deletions.
2 changes: 0 additions & 2 deletions .github/workflows/integration_test.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -14,5 +14,3 @@ jobs:
juju-channel: 3.4/stable
channel: 1.28-strict/stable
modules: '["test_charm", "test_nginx", "test_s3", "test_scaling"]'
self-hosted-runner: false
self-hosted-runner-label: "edge"
47 changes: 47 additions & 0 deletions .trivyignore
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
# Vulnerabilites related to: Pebble, Node.JS and gosu
CVE-2021-39293

Check notice on line 2 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2021-39293 not present anymore, can be safely removed.
CVE-2021-41771

Check notice on line 3 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2021-41771 not present anymore, can be safely removed.
CVE-2021-41772

Check notice on line 4 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2021-41772 not present anymore, can be safely removed.
CVE-2021-44716

Check notice on line 5 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2021-44716 not present anymore, can be safely removed.
CVE-2022-23772

Check notice on line 6 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2022-23772 not present anymore, can be safely removed.
CVE-2022-23806

Check notice on line 7 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2022-23806 not present anymore, can be safely removed.
CVE-2022-24675

Check notice on line 8 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2022-24675 not present anymore, can be safely removed.
CVE-2022-24921

Check notice on line 9 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2022-24921 not present anymore, can be safely removed.
CVE-2022-25883

Check notice on line 10 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2022-25883 not present anymore, can be safely removed.
CVE-2022-27664

Check notice on line 11 in .trivyignore

View workflow job for this annotation

GitHub Actions / integration-tests / Scan Image (ghcr.io-canonical-synapse-789c6ae3cf171ea890d97b48fcf43dd83bf4933d-_2.0_amd64.tar)

CVE-2022-27664 not present anymore, can be safely removed.
CVE-2022-28131
CVE-2022-28327
CVE-2022-2879
CVE-2022-2880
CVE-2022-29804
CVE-2022-30580
CVE-2022-30630
CVE-2022-30631
CVE-2022-30632
CVE-2022-30633
CVE-2022-30634
CVE-2022-30635
CVE-2022-32189
CVE-2022-41715
CVE-2022-41716
CVE-2022-41720
CVE-2022-41722
CVE-2022-41723
CVE-2022-41724
CVE-2022-41725
CVE-2022-46175
CVE-2023-24534
CVE-2023-24536
CVE-2023-24537
CVE-2023-24538
CVE-2023-24539
CVE-2023-24540
CVE-2023-29400
CVE-2023-29403
CVE-2023-39325
CVE-2023-45283
CVE-2023-45287
CVE-2023-45288
CVE-2024-24790
CVE-2024-29415
CVE-2024-34156
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
@@ -1,4 +1,4 @@
boto3 ==1.35.48
boto3 ==1.35.49
cosl ==0.0.42
deepdiff ==8.0.1
jinja2 ==3.1.4
Expand Down
2 changes: 2 additions & 0 deletions trivy.yaml
Original file line number Diff line number Diff line change
@@ -1,3 +1,5 @@
timeout: 20m
scan:
offline-scan: true
db:
repository: ghcr.io/aquasecurity/trivy-db,public.ecr.aws/aquasecurity/trivy-db

0 comments on commit fd146a5

Please sign in to comment.