fix: Correctly check for semver versions for trivy version check (#8948)

pkg/notification/notice.go

@@ -10,6 +10,7 @@ import (
 	"strings"
 	"time"
 
+	"github.com/aquasecurity/go-version/pkg/semver"
 	"github.com/aquasecurity/trivy/pkg/log"
 	"github.com/aquasecurity/trivy/pkg/version/app"
 )
@@ -140,8 +141,18 @@ func (v *VersionChecker) PrintNotices(output io.Writer) {
 		}
 	}
 
-	if v.currentVersion != v.LatestVersion() {
-		notices = append(notices, fmt.Sprintf("Version %s of Trivy is now available, current version is %s", v.latestVersion.Trivy.LatestVersion, v.currentVersion))
+	cv, err := semver.Parse(strings.TrimPrefix(v.currentVersion, "v"))
+	if err != nil {
+		return
+	}
+
+	lv, err := semver.Parse(strings.TrimPrefix(v.LatestVersion(), "v"))
+	if err != nil {
+		return
+	}
+
+	if cv.LessThan(lv) {
+		notices = append(notices, fmt.Sprintf("Version %s of Trivy is now available, current version is %s", lv, cv))
 	}
 
 	if len(notices) > 0 {

pkg/notification/notice_test.go

@@ -29,6 +29,13 @@ func TestPrintNotices(t *testing.T) {
 			responseExpected: true,
 			expectedOutput:   "\n📣 \x1b[34mNotices:\x1b[0m\n  - Version 0.60.0 of Trivy is now available, current version is 0.58.0\n\nTo suppress version checks, run Trivy scans with the --skip-version-check flag\n\n",
 		},
+		{
+			name:             "New version available but includes a prefixed version number",
+			options:          []Option{WithCurrentVersion("0.58.0")},
+			latestVersion:    "v0.60.0",
+			responseExpected: true,
+			expectedOutput:   "\n📣 \x1b[34mNotices:\x1b[0m\n  - Version 0.60.0 of Trivy is now available, current version is 0.58.0\n\nTo suppress version checks, run Trivy scans with the --skip-version-check flag\n\n",
+		},
 		{
 			name: "new version available but --quiet mode enabled",
 			options: []Option{