Bump Trivy from v0.67.2 to v0.69.2 (#39)

dc-larsen · web-flow · commit 78947405c242 · 2026-03-02T14:00:55.000-05:00
Trivy suffered a security incident on March 1 where an attacker deleted all GitHub Releases from v0.27.0 through v0.69.1. The install script finds the git tag but the binary assets are gone, causing the Docker build to fail with exit code 1. v0.69.2 is the only version with restored release assets. Ref: https://github.com/aquasecurity/trivy/discussions/10265
diff --git a/Dockerfile b/Dockerfile
@@ -19,7 +19,7 @@ RUN curl -fsSL https://deb.nodesource.com/setup_22.x | bash - && \
 RUN npm install -g socket
 
 # Install Trivy
-ARG TRIVY_VERSION=v0.67.2
+ARG TRIVY_VERSION=v0.69.2
 RUN curl -sfL https://raw.githubusercontent.com/aquasecurity/trivy/main/contrib/install.sh | sh -s -- -b /usr/local/bin "${TRIVY_VERSION}"
 
 # Install Trufflehog
