Skip to content

chore(ci): bump aquasecurity/trivy-action from 0.30.0 to 0.36.0 in the actions group across 1 directory#35

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-d884b4a175
Open

chore(ci): bump aquasecurity/trivy-action from 0.30.0 to 0.36.0 in the actions group across 1 directory#35
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-d884b4a175

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 24, 2026
edited
Loading

Copy link
Copy Markdown

Bumps the actions group with 1 update in the / directory: aquasecurity/trivy-action.

Updates aquasecurity/trivy-action from 0.30.0 to 0.36.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.36.0

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@v0.35.0...v0.36.0

Release: 0.35.0

What's Changed

Full Changelog: aquasecurity/trivy-action@0.34.2...0.35.0

Release: v0.35.0

This release is a duplicate of 0.35.0 which was not compromised.

As part of our response to the recent supply chain attack, we have migrated all tags to use the v prefix (e.g., v0.35.0 instead of 0.35.0). Going forward, all new releases will use the v prefix convention.

We have intentionally kept the 0.35.0 tag intact to avoid breaking existing workflows that depend on it.

If you are currently using 0.35.0, your workflows are safe — no action is required.

Release: v0.34.0

Full Changelog: aquasecurity/trivy-action@v0.33.1...v0.34.0

Release: v0.33.1

What's Changed

Full Changelog: aquasecurity/trivy-action@v0.33.0...v0.33.1

... (truncated)

Commits

@dependabot dependabot Bot added area/engprod CI/CD, Makefile, developer tooling dependencies Dependency updates labels Jun 24, 2026
Copilot AI review requested due to automatic review settings June 24, 2026 10:43
@dependabot dependabot Bot added area/engprod CI/CD, Makefile, developer tooling dependencies Dependency updates labels Jun 24, 2026
Copilot AI reviewed Jun 24, 2026

Copilot AI left a comment

Copy link
Copy Markdown

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Copilot encountered an error and was unable to review this pull request. You can try again by re-requesting a review.

@github-actions

github-actions Bot commented Jun 24, 2026

Copy link
Copy Markdown

🎉 Welcome to the Kubeflow MCP Server! 🎉

Thanks for opening your first PR! We're happy to have you as part of our community 🚀

Here's what happens next:

  • If you haven't already, please check out our Contributing Guide for repo-specific guidelines and the Kubeflow Contributor Guide for general community standards
  • Our team will review your PR soon! cc @kubeflow/kubeflow-sdk-team

Join the community:

Feel free to ask questions in the comments if you need any help or clarification!
Thanks again for contributing to Kubeflow! 🙏

@abhijeet-dhumal

abhijeet-dhumal commented Jun 24, 2026

Copy link
Copy Markdown
Member

/lgtm
/approve

@google-oss-prow google-oss-prow Bot added lgtm Looks good to me — approved by a reviewer approved Approved by an approver in OWNERS labels Jun 24, 2026
@dependabot
chore(ci): bump aquasecurity/trivy-action
770054f 
Bumps the actions group with 1 update in the / directory: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `aquasecurity/trivy-action` from 0.30.0 to 0.36.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@0.30.0...v0.36.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title chore(ci): bump aquasecurity/trivy-action from 0.30.0 to 0.36.0 in the actions group chore(ci): bump aquasecurity/trivy-action from 0.30.0 to 0.36.0 in the actions group across 1 directory Jun 29, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-d884b4a175 branch from e4d5a1f to 770054f Compare June 29, 2026 14:46
@google-oss-prow google-oss-prow Bot removed the lgtm Looks good to me — approved by a reviewer label Jun 29, 2026
@google-oss-prow

google-oss-prow Bot commented Jun 29, 2026

Copy link
Copy Markdown

New changes are detected. LGTM label has been removed.

@abhijeet-dhumal

abhijeet-dhumal commented Jun 30, 2026

Copy link
Copy Markdown
Member

/approve

@google-oss-prow

google-oss-prow Bot commented Jun 30, 2026

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: abhijeet-dhumal

The full list of commands accepted by this bot can be found here.

The pull request process is described here

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

Copilot code review Copilot Copilot left review comments
@Electronic-Waste Electronic-Waste Awaiting requested review from Electronic-Waste
@szaher szaher Awaiting requested review from szaher
+1 more reviewer
@abhijeet-dhumal abhijeet-dhumal abhijeet-dhumal approved these changes
Reviewers whose approvals may not affect merge requirements

Assignees

@abhijeet-dhumal abhijeet-dhumal

Labels

approved Approved by an approver in OWNERS area/engprod CI/CD, Makefile, developer tooling dependencies Dependency updates size/XS

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@abhijeet-dhumal