From 131a821501a6140f9726fa75beb7e18f2c5f5d6f Mon Sep 17 00:00:00 2001
From: Timothy Stone <gitlab@petmystone.com>
Date: Fri, 27 Dec 2024 19:49:37 -0500
Subject: [PATCH] fix: use --pkg-types instead of deprecated --vuln-type

Trivy is deprecating the --vuln-type CLI option. The new option is --pkg-types; also TRIVY_PKG_TYPES
for environment configuration.
---
 README.md                         | 2 +-
 kicker.json                       | 2 +-
 templates/gitlab-ci-maven-jib.yml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/README.md b/README.md
index 40f61f6..8548b64 100644
--- a/README.md
+++ b/README.md
@@ -483,7 +483,7 @@ The template uses GitLab registries and authentication defaults. See the Docker
 | `sbom-image` / `MAVEN_SBOM_IMAGE` | The image used to perform and complete the Security Bill of Materials | `registry.hub.docker.com/anchore/syft:debug` |
 | `sbom-opts` / `MAVEN_SBOM_OPTS` | SBOM options to complete the Security Bill of Materials  | `--override-default-catalogers rpm-db-cataloger,alpm-db-cataloger,apk-db-cataloger,dpkg-db-cataloger,portage-cataloger,nix-store-cataloger,java`          |
 | `trivy-image` / `MAVEN_TRIVY_IMAGE` | The image to perform container security scanning  | `registry.hub.docker.com/aquasec/trivy:latest` |
-| `trivy-args` / `MAVEN_TRIVY_ARGS` | Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) | `--ignore-unfixed --vuln-type os` |
+| `trivy-args` / `MAVEN_TRIVY_ARGS` | Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options) | `--ignore-unfixed --pkg-types os` |
 
 Other Trivy parameters shall be configured using [Trivy environment variables](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options).
 Examples:
diff --git a/kicker.json b/kicker.json
index 4713054..7772b67 100644
--- a/kicker.json
+++ b/kicker.json
@@ -229,7 +229,7 @@
             {
               "name": "MAVEN_TRIVY_ARGS",
               "description": "Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)",
-              "default": "--ignore-unfixed --vuln-type os",
+              "default": "--ignore-unfixed --pkg-types os",
               "advanced": true
             }
           ]
diff --git a/templates/gitlab-ci-maven-jib.yml b/templates/gitlab-ci-maven-jib.yml
index 65f3e0b..d9ab4e0 100644
--- a/templates/gitlab-ci-maven-jib.yml
+++ b/templates/gitlab-ci-maven-jib.yml
@@ -34,7 +34,7 @@ spec:
       default: registry.hub.docker.com/aquasec/trivy:latest
     trivy-args:
       description: Additional [`trivy image` options](https://aquasecurity.github.io/trivy/latest/docs/references/configuration/cli/trivy_image/#options)
-      default: --ignore-unfixed --vuln-type os
+      default: --ignore-unfixed --pkg-types os
     sbom-image:
       default: registry.hub.docker.com/anchore/syft:debug
     sbom-opts:
-- 
GitLab