fix: Fix security vulnerability (#27)

Co-authored-by: Andrei Tataranovich <[email protected]>
epam · Nov 14, 2024 · 8c3e5e2 · 8c3e5e2
1 parent 778a8ea
commit 8c3e5e2
Show file tree

Hide file tree

Showing 3 changed files with 15 additions and 2 deletions.
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -6,5 +6,5 @@ on:
 
 jobs:
   run_tests:
-    uses: epam/ai-dial-ci/.github/workflows/java_pr.yml@1.6.1
+    uses: epam/ai-dial-ci/.github/workflows/java_pr.yml@1.9.4
     secrets: inherit
diff --git a/build.gradle b/build.gradle
@@ -50,7 +50,7 @@ dependencies {
         }
     }
 
-    implementation("org.springframework.boot:spring-boot-starter-web:3.2.3")
+    implementation("org.springframework.boot:spring-boot-starter-web:3.3.5")
 
     implementation("com.auth0:java-jwt:4.4.0")
     implementation("com.auth0:jwks-rsa:0.22.1")

diff --git a/trivy.yaml b/trivy.yaml
@@ -0,0 +1,13 @@
+# Trivy configuration file
+# https://aquasecurity.github.io/trivy/latest/docs/references/configuration/config-file/
+# Can be deleted after public ecr mirror will be added by default
+db:
+  no-progress: true
+  repository:
+    - ghcr.io/aquasecurity/trivy-db:2
+    - public.ecr.aws/aquasecurity/trivy-db:2
+  java-repository:
+    - ghcr.io/aquasecurity/trivy-java-db:1
+    - public.ecr.aws/aquasecurity/trivy-java-db:1
+misconfiguration:
+  checks-bundle-repository: public.ecr.aws/aquasecurity/trivy-checks