v4.6.0

4.6.0 (2026-03-20)

• feat: disable vulnerability scanning in workflow (f774ace)
  Comment out vulnerability scan steps in workflow.
  due to https://www.stepsecurity.io/blog/trivy-compromised-a-second-time---malicious-v0-69-4-release
• chore(deps): bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 (d890fa8)
  Bumps aquasecurity/trivy-action from 0.33.1 to 0.34.0.

• Release notes
• Commits

• chore(deps): bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 (#141) (416bcf0), closes #141
  Bumps
  aquasecurity/trivy-action
  from 0.33.1 to 0.34.0.

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.34.0

What's Changed

• ci: use setup-bats in bump-trivy workflow by @​nikpivkin in aquasecurity/trivy-action#494
• chore: update README by @​nikpivkin in aquasecurity/trivy-action#493
• ci: install trivy in bump-trivy workflow and update tests by @​nikpivkin in aquasecurity/trivy-action#495
• chore(deps): Update trivy to v0.68.1 by @​aqua-bot in aquasecurity/trivy-action#496
• ci: use checks bundle v2 in sync workflow by @​nikpivkin in aquasecurity/trivy-action#505
• chore(deps): Update trivy to v0.69.1 by @​aqua-bot in aquasecurity/trivy-action#506

Full Changelog: aquasecurity/trivy-action@0.33.1...0.34.0

Commits

• c1824fd chore(deps): Update trivy to v0.69.1 (#506)
• bc61dc5 Merge commit from fork
• 5eb7ef2 ci: use checks bundle v2 in sync workflow (#505)
• 22438a4 Merge pull request #496 from aquasecurity/bump-trivy-1765431074
• 0024b3f chore(deps): Update trivy to v0.68.1
• 83690f7 ci: install trivy in bump-trivy workflow and update tests (#495)
• df65449 chore: update README (#493)
• 0317097 ci: use setup-bats in bump-trivy workflow (#494)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.

• chore(deps): bump aquasecurity/trivy-action from 0.34.0 to 0.34.1 (90172fa)
  Bumps aquasecurity/trivy-action from 0.34.0 to 0.34.1.

• Release notes
• Commits

• chore(deps): bump aquasecurity/trivy-action from 0.34.0 to 0.34.1 (#143) (05e0a44), closes #143
  Bumps
  aquasecurity/trivy-action
  from 0.34.0 to 0.34.1.

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.34.1

What's Changed

• ci(test): add zizmor security linter for GitHub Actions by @​DmitriyLewen in aquasecurity/trivy-action#502

Full Changelog: aquasecurity/trivy-action@0.34.0...0.34.1

Commits

• e368e32 ci(test): add zizmor security linter for GitHub Actions (#502)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.

• chore(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.34.2 (353a74d)
  Bumps aquasecurity/trivy-action from 0.34.1 to 0.34.2.

• Release notes
• Commits

• chore(deps): bump aquasecurity/trivy-action from 0.34.1 to 0.34.2 (#144) (8526146), closes #144
  Bumps
  aquasecurity/trivy-action
  from 0.34.1 to 0.34.2.

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.34.2

What's Changed

• feat: add YAML support for trivyignores by @​nikpivkin in aquasecurity/trivy-action#508
• chore: bump default Trivy version to v0.69.2 by @​nick-the-nuke in aquasecurity/trivy-action#513
• chore: bump Trivy version to v0.69.2 in test workflow and README by @​DmitriyLewen in aquasecurity/trivy-action#515

New Contributors

• @​nick-the-nuke

v4.5.0

4.5.0 (2025-10-31)

• added npm setup (dd7ddca)
  feat: added npm setup
• added npm setup (#136) (c0a255b)

• Lagt til npm-token i secrets
• Satt opp nytt steg for NPM secrets

Ref. samtaler med @bateau84

v4.4.1

4.4.1 (2025-10-27)

• syntax error in description (31eab42)

v4.4.0

4.4.0 (2025-10-27)

• add secrets parameter to supply build-process with github-secrets (d988ac7)

v4.3.0

4.3.0 (2025-03-10)

• Add support for docker build-arg arguments (9c35f25)

• Add support for docker build-arg arguments. (#113) (99d5ed8)
  Adds support for passing dockre build-arg as argument. Will be used to
  pass version/commit hash as build-arg for the netbox build. See
  https://github.com/docker/build-push-action#:~:text=setup%2Dbuildx%20action)-,build%2Dargs,-List

Example of use:
nrkno/plattform-terraform-netbox-config#810

v4.2.0

4.2.0 (2025-02-13)

• enable exposing of SSH agent (57fbf97)

v4.1.1

4.1.1 (2024-11-26)

• use aws mirror for trivy db (fbe1634)
  Hitting a lot of rate limits all around right now.

v4.1.0

4.1.0 (2024-07-17)

• move registry-url to input (a892ff8)
  registry-url is not secret. move to input

secret registry-url is deprecated. use input registry-url instead

v4.0.1

4.0.1 (2023-09-13)

• Revert "chore(deps): bump docker/login-action from 2.2.0 to 3.0.0" (5ef3413)
  This reverts commit f7f8339.

v4.0.0

4.0.0 (2023-07-04)

• add input cache and cache-tag (53b8112)
  Allows for using the registry as a cache using cache-tag as the image
  tag for layer caching.
  Cache is enabled by default.
• remove superflous docker login step (0f27052)