gitea-mirror/trivy
1
0
Fork 0
mirror of https://github.com/aquasecurity/trivy.git synced 2025-12-23 07:29:00 -08:00
Code Issues Packages Projects Releases Wiki Activity

chore(deps): update Go to 1.24 and switch to go-version-file (#8388)

Browse Source 
Signed-off-by: knqyf263 <knqyf263@gmail.com>
This commit is contained in:
Teppei Fukuda
2025-03-05 10:40:42 +04:00
committed by GitHub
parent 453c66dd30
commit 57b08d62de
17 changed files with 37 additions and 44 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
.github/workflows/auto-update-labels.yaml vendored
View File

@@ -5,8 +5,6 @@ on:
- 'misc/triage/labels.yaml' - 'misc/triage/labels.yaml'
branches: branches:
- main - main
env:
GO_VERSION: '1.23'
jobs: jobs:
deploy: deploy:
name: Auto-update labels name: Auto-update labels
@@ -18,8 +16,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
# cf. https://github.com/aquasecurity/trivy/pull/6711 go-version-file: go.mod
go-version: ${{ env.GO_VERSION }}
cache: false cache: false
- name: Install aqua tools - name: Install aqua tools

3
.github/workflows/reusable-release.yaml vendored
View File

@@ -14,7 +14,6 @@ on:
env: env:
GH_USER: "aqua-bot" GH_USER: "aqua-bot"
GO_VERSION: '1.23'
jobs: jobs:
release: release:
@@ -68,7 +67,7 @@ jobs:
- name: Setup Go - name: Setup Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false # Disable cache to avoid free space issues during `Post Setup Go` step. cache: false # Disable cache to avoid free space issues during `Post Setup Go` step.
- name: Generate SBOM - name: Generate SBOM

16
.github/workflows/test.yaml vendored
View File

@@ -11,8 +11,6 @@ on:
merge_group: merge_group:
workflow_dispatch: workflow_dispatch:
env:
GO_VERSION: '1.23'
jobs: jobs:
test: test:
name: Test name: Test
@@ -26,7 +24,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false cache: false
- name: go mod tidy - name: go mod tidy
@@ -42,7 +40,7 @@ jobs:
id: lint id: lint
uses: golangci/golangci-lint-action@v6.5.0 uses: golangci/golangci-lint-action@v6.5.0
with: with:
version: v1.61 version: v1.64
args: --verbose --out-format=line-number args: --verbose --out-format=line-number
if: matrix.operating-system == 'ubuntu-latest' if: matrix.operating-system == 'ubuntu-latest'
@@ -80,7 +78,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false cache: false
- name: Install tools - name: Install tools
@@ -117,7 +115,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false cache: false
- name: Install tools - name: Install tools
@@ -138,7 +136,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false cache: false
- name: Install tools - name: Install tools
@@ -177,7 +175,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false cache: false
- name: Install tools - name: Install tools
@@ -220,7 +218,7 @@ jobs:
- name: Set up Go - name: Set up Go
uses: actions/setup-go@v5 uses: actions/setup-go@v5
with: with:
go-version: ${{ env.GO_VERSION }} go-version-file: go.mod
cache: false cache: false
- name: Determine GoReleaser ID - name: Determine GoReleaser ID

2
.golangci.yaml
View File

@@ -122,7 +122,7 @@ linters:
- usestdlibvars - usestdlibvars
run: run:
go: '1.23' go: '1.24'
timeout: 30m timeout: 30m
issues: issues:

2
Dockerfile.protoc
View File

@@ -1,4 +1,4 @@
FROM --platform=linux/amd64 golang:1.23 FROM --platform=linux/amd64 golang:1.24
# Set environment variable for protoc # Set environment variable for protoc
ENV PROTOC_ZIP=protoc-3.19.4-linux-x86_64.zip ENV PROTOC_ZIP=protoc-3.19.4-linux-x86_64.zip

2
aqua.yaml
View File

@@ -5,6 +5,6 @@ registries:
- type: standard - type: standard
ref: v3.157.0 # renovate: depName=aquaproj/aqua-registry ref: v3.157.0 # renovate: depName=aquaproj/aqua-registry
packages: packages:
- name: tinygo-org/tinygo@v0.33.0 - name: tinygo-org/tinygo@v0.36.0
- name: WebAssembly/binaryen@version_112 - name: WebAssembly/binaryen@version_112
- name: magefile/mage@v1.14.0 - name: magefile/mage@v1.14.0

5
examples/module/spring4shell/spring4shell.go
View File

@@ -1,4 +1,4 @@
//go:generate tinygo build -o spring4shell.wasm -scheduler=none -target=wasi --no-debug spring4shell.go //go:generate tinygo build -o spring4shell.wasm -target=wasip1 --buildmode=c-shared spring4shell.go
//go:build tinygo.wasm //go:build tinygo.wasm
package main package main
@@ -29,8 +29,7 @@ var (
tomcatVersionRegex = regexp.MustCompile(`Apache Tomcat Version ([\d.]+)`) tomcatVersionRegex = regexp.MustCompile(`Apache Tomcat Version ([\d.]+)`)
) )
// main is required for TinyGo to compile to Wasm. func init() {
func main() {
wasm.RegisterModule(Spring4Shell{}) wasm.RegisterModule(Spring4Shell{})
} }

4
go.mod
View File

@@ -1,6 +1,6 @@
module github.com/aquasecurity/trivy module github.com/aquasecurity/trivy
go 1.23.5 go 1.24
require ( require (
github.com/Azure/azure-sdk-for-go v68.0.0+incompatible github.com/Azure/azure-sdk-for-go v68.0.0+incompatible
@@ -112,7 +112,7 @@ require (
github.com/stretchr/testify v1.10.0 github.com/stretchr/testify v1.10.0
github.com/testcontainers/testcontainers-go v0.35.0 github.com/testcontainers/testcontainers-go v0.35.0
github.com/testcontainers/testcontainers-go/modules/localstack v0.35.0 github.com/testcontainers/testcontainers-go/modules/localstack v0.35.0
github.com/tetratelabs/wazero v1.8.2 github.com/tetratelabs/wazero v1.9.0
github.com/twitchtv/twirp v8.1.3+incompatible github.com/twitchtv/twirp v8.1.3+incompatible
github.com/xeipuuv/gojsonschema v1.2.0 github.com/xeipuuv/gojsonschema v1.2.0
github.com/xlab/treeprint v1.2.0 github.com/xlab/treeprint v1.2.0

4
go.sum
View File

@@ -1887,8 +1887,8 @@ github.com/testcontainers/testcontainers-go v0.35.0 h1:uADsZpTKFAtp8SLK+hMwSaa+X
github.com/testcontainers/testcontainers-go v0.35.0/go.mod h1:oEVBj5zrfJTrgjwONs1SsRbnBtH9OKl+IGl3UMcr2B4= github.com/testcontainers/testcontainers-go v0.35.0/go.mod h1:oEVBj5zrfJTrgjwONs1SsRbnBtH9OKl+IGl3UMcr2B4=
github.com/testcontainers/testcontainers-go/modules/localstack v0.35.0 h1:0EbOXcy8XQkyDUs1Y9YPUHOUByNnlGsLi5B3ln8F/RU= github.com/testcontainers/testcontainers-go/modules/localstack v0.35.0 h1:0EbOXcy8XQkyDUs1Y9YPUHOUByNnlGsLi5B3ln8F/RU=
github.com/testcontainers/testcontainers-go/modules/localstack v0.35.0/go.mod h1:MlHuaWQimz+15dmQ6R2S1vpYxhGFEpmRZQsL2NVWNng= github.com/testcontainers/testcontainers-go/modules/localstack v0.35.0/go.mod h1:MlHuaWQimz+15dmQ6R2S1vpYxhGFEpmRZQsL2NVWNng=
github.com/tetratelabs/wazero v1.8.2 h1:yIgLR/b2bN31bjxwXHD8a3d+BogigR952csSDdLYEv4= github.com/tetratelabs/wazero v1.9.0 h1:IcZ56OuxrtaEz8UYNRHBrUa9bYeX9oVY93KspZZBf/I=
github.com/tetratelabs/wazero v1.8.2/go.mod h1:yAI0XTsMBhREkM/YDAK/zNou3GoiAce1P6+rp/wQhjs= github.com/tetratelabs/wazero v1.9.0/go.mod h1:TSbcXCfFP0L2FGkRPxHphadXPjo1T6W+CseNNY7EkjM=
github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg= github.com/thales-e-security/pool v0.0.2 h1:RAPs4q2EbWsTit6tpzuvTFlgFRJ3S8Evf5gtvVDbmPg=
github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU= github.com/thales-e-security/pool v0.0.2/go.mod h1:qtpMm2+thHtqhLzTwgDBj/OuNnMpupY8mv0Phz0gjhU=
github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI= github.com/theupdateframework/go-tuf v0.7.0 h1:CqbQFrWo1ae3/I0UCblSbczevCCbS31Qvs5LdxRWqRI=

2
magefiles/magefile.go
View File

@@ -95,7 +95,7 @@ func (Tool) PipTools() error {
// GolangciLint installs golangci-lint // GolangciLint installs golangci-lint
func (t Tool) GolangciLint() error { func (t Tool) GolangciLint() error {
const version = "v1.61.0" const version = "v1.64.2"
bin := filepath.Join(GOBIN, "golangci-lint") bin := filepath.Join(GOBIN, "golangci-lint")
if exists(bin) && t.matchGolangciLintVersion(bin, version) { if exists(bin) && t.matchGolangciLintVersion(bin, version) {
return nil return nil

2
pkg/iac/scanners/terraform/parser/funcs/collection.go
View File

@@ -509,7 +509,7 @@ var SumFunc = function.New(&function.Spec{
ty := args[0].Type() ty := args[0].Type()
if !ty.IsListType() && !ty.IsSetType() && !ty.IsTupleType() { if !ty.IsListType() && !ty.IsSetType() && !ty.IsTupleType() {
return cty.NilVal, function.NewArgErrorf(0, fmt.Sprintf("argument must be list, set, or tuple. Received %s", ty.FriendlyName())) return cty.NilVal, function.NewArgErrorf(0, "argument must be list, set, or tuple. Received %s", ty.FriendlyName())
} }
if !args[0].IsWhollyKnown() { if !args[0].IsWhollyKnown() {

2
pkg/iac/scanners/terraform/parser/funcs/crypto.go
View File

@@ -175,7 +175,7 @@ var RsaDecryptFunc = function.New(&function.Spec{
default: default:
errStr = fmt.Sprintf("invalid private key: %s", e) errStr = fmt.Sprintf("invalid private key: %s", e)
} }
return cty.UnknownVal(cty.String), function.NewArgErrorf(1, errStr) return cty.UnknownVal(cty.String), function.NewArgError(1, errors.New(errStr))
} }
privateKey, ok := rawKey.(*rsa.PrivateKey) privateKey, ok := rawKey.(*rsa.PrivateKey)
if !ok { if !ok {

2
pkg/module/module.go
View File

@@ -280,7 +280,7 @@ type wasmModule struct {
func newWASMPlugin(ctx context.Context, ccache wazero.CompilationCache, code []byte) (*wasmModule, error) { func newWASMPlugin(ctx context.Context, ccache wazero.CompilationCache, code []byte) (*wasmModule, error) {
mf := &memFS{} mf := &memFS{}
config := wazero.NewModuleConfig().WithStdout(os.Stdout).WithFS(mf) config := wazero.NewModuleConfig().WithStdout(os.Stdout).WithFS(mf).WithStartFunctions("_initialize")
// Create an empty namespace so that multiple modules will not conflict // Create an empty namespace so that multiple modules will not conflict
r := wazero.NewRuntimeWithConfig(ctx, wazero.NewRuntimeConfig().WithCompilationCache(ccache)) r := wazero.NewRuntimeWithConfig(ctx, wazero.NewRuntimeConfig().WithCompilationCache(ccache))

4
pkg/module/testdata/analyzer/analyzer.go vendored
View File

@@ -1,4 +1,4 @@
//go:generate tinygo build -o analyzer.wasm -scheduler=none -target=wasi --no-debug analyzer.go //go:generate tinygo build -o analyzer.wasm -target=wasip1 --buildmode=c-shared analyzer.go
//go:build tinygo.wasm //go:build tinygo.wasm
package main package main
@@ -13,7 +13,7 @@ const (
moduleName = "analyzer" moduleName = "analyzer"
) )
func main() { func init() {
wasm.RegisterModule(AnalyzerModule{}) wasm.RegisterModule(AnalyzerModule{})
} }

4
pkg/module/testdata/happy/happy.go vendored
View File

@@ -1,4 +1,4 @@
//go:generate tinygo build -o happy.wasm -scheduler=none -target=wasi --no-debug happy.go //go:generate tinygo build -o happy.wasm -target=wasip1 --buildmode=c-shared happy.go
//go:build tinygo.wasm //go:build tinygo.wasm
package main package main
@@ -14,7 +14,7 @@ const (
moduleName = "happy" moduleName = "happy"
) )
func main() { func init() {
wasm.RegisterModule(HappyModule{}) wasm.RegisterModule(HappyModule{})
} }

4
pkg/module/testdata/scanner/scanner.go vendored
View File

@@ -1,4 +1,4 @@
//go:generate tinygo build -o scanner.wasm -scheduler=none -target=wasi --no-debug scanner.go //go:generate tinygo build -o scanner.wasm -target=wasip1 --buildmode=c-shared scanner.go
//go:build tinygo.wasm //go:build tinygo.wasm
package main package main
@@ -14,7 +14,7 @@ const (
moduleName = "scanner" moduleName = "scanner"
) )
func main() { func init() {
wasm.RegisterModule(PostScannerModule{}) wasm.RegisterModule(PostScannerModule{})
} }

18
pkg/module/wasm/sdk.go
View File

@@ -56,24 +56,24 @@ func RegisterModule(p api.Module) {
module = p module = p
} }
//export name //go:wasmexport name
func _name() uint64 { func _name() uint64 {
name := module.Name() name := module.Name()
ptr, size := stringToPtr(name) ptr, size := stringToPtr(name)
return (uint64(ptr) << uint64(32)) | uint64(size) return (uint64(ptr) << uint64(32)) | uint64(size)
} }
//export api_version //go:wasmexport api_version
func _apiVersion() uint32 { func _apiVersion() uint32 {
return api.Version return api.Version
} }
//export version //go:wasmexport version
func _version() uint32 { func _version() uint32 {
return uint32(module.Version()) return uint32(module.Version())
} }
//export is_analyzer //go:wasmexport is_analyzer
func _isAnalyzer() uint64 { func _isAnalyzer() uint64 {
if _, ok := module.(api.Analyzer); !ok { if _, ok := module.(api.Analyzer); !ok {
return 0 return 0
@@ -81,14 +81,14 @@ func _isAnalyzer() uint64 {
return 1 return 1
} }
//export required //go:wasmexport required
func _required() uint64 { func _required() uint64 {
files := module.(api.Analyzer).RequiredFiles() files := module.(api.Analyzer).RequiredFiles()
ss := serialize.StringSlice(files) ss := serialize.StringSlice(files)
return marshal(ss) return marshal(ss)
} }
//export analyze //go:wasmexport analyze
func _analyze(ptr, size uint32) uint64 { func _analyze(ptr, size uint32) uint64 {
filePath := ptrToString(ptr, size) filePath := ptrToString(ptr, size)
custom, err := module.(api.Analyzer).Analyze(filePath) custom, err := module.(api.Analyzer).Analyze(filePath)
@@ -99,7 +99,7 @@ func _analyze(ptr, size uint32) uint64 {
return marshal(custom) return marshal(custom)
} }
//export is_post_scanner //go:wasmexport is_post_scanner
func _isPostScanner() uint64 { func _isPostScanner() uint64 {
if _, ok := module.(api.PostScanner); !ok { if _, ok := module.(api.PostScanner); !ok {
return 0 return 0
@@ -107,12 +107,12 @@ func _isPostScanner() uint64 {
return 1 return 1
} }
//export post_scan_spec //go:wasmexport post_scan_spec
func _post_scan_spec() uint64 { func _post_scan_spec() uint64 {
return marshal(module.(api.PostScanner).PostScanSpec()) return marshal(module.(api.PostScanner).PostScanSpec())
} }
//export post_scan //go:wasmexport post_scan
func _post_scan(ptr, size uint32) uint64 { func _post_scan(ptr, size uint32) uint64 {
var results serialize.Results var results serialize.Results
if err := unmarshal(ptr, size, &results); err != nil { if err := unmarshal(ptr, size, &results); err != nil {