From 50ca72a2da5bff41c6da75805dcfa41d15823060 Mon Sep 17 00:00:00 2001
From: andyzhangx <xiazhang@microsoft.com>
Date: Sat, 10 Jan 2026 09:30:14 +0000
Subject: [PATCH] chore: upgrade azcopy to v10.31.1 to fix CVEs

chore: remove .trivyignore

fix
---
 .trivyignore                   | 14 --------------
 pkg/azurefileplugin/Dockerfile |  2 +-
 test/sanity/run-test.sh        |  2 +-
 3 files changed, 2 insertions(+), 16 deletions(-)

diff --git a/.trivyignore b/.trivyignore
index 1f35dc8948..07f017324e 100644
--- a/.trivyignore
+++ b/.trivyignore
@@ -1,15 +1 @@
 CVE-2024-3744
-CVE-2025-47912
-CVE-2025-58183
-CVE-2025-58185
-CVE-2025-58186
-CVE-2025-58187
-CVE-2025-58188
-CVE-2025-58189
-CVE-2025-61723
-CVE-2025-61724
-CVE-2025-61725
-CVE-2025-47914
-CVE-2025-58181
-CVE-2025-61727
-CVE-2025-61729
diff --git a/pkg/azurefileplugin/Dockerfile b/pkg/azurefileplugin/Dockerfile
index a043a7927a..f6c6ca97c9 100644
--- a/pkg/azurefileplugin/Dockerfile
+++ b/pkg/azurefileplugin/Dockerfile
@@ -23,7 +23,7 @@ ARG ARCH
 RUN apt update \
     && apt install -y curl \
     && curl -Lso /tmp/packages-microsoft-prod-22.04.deb https://packages.microsoft.com/config/ubuntu/22.04/packages-microsoft-prod.deb \
-    && curl -Ls https://github.com/Azure/azure-storage-azcopy/releases/download/v10.31.0/azcopy_linux_${ARCH}_10.31.0.tar.gz \
+    && curl -Ls https://github.com/Azure/azure-storage-azcopy/releases/download/v10.31.1/azcopy_linux_${ARCH}_10.31.1.tar.gz \
         | tar xvzf - --strip-components=1 -C /usr/local/bin/ --wildcards "*/azcopy"
 
 FROM base
diff --git a/test/sanity/run-test.sh b/test/sanity/run-test.sh
index d12d9a6c71..5c3416ac13 100755
--- a/test/sanity/run-test.sh
+++ b/test/sanity/run-test.sh
@@ -40,7 +40,7 @@ azcopyPath="/usr/local/bin/azcopy"
 if [ ! -f "$azcopyPath" ]; then
   azcopyTarFile="azcopy.tar.gz"
   echo 'Downloading azcopy...'
-  wget -O $azcopyTarFile https://github.com/Azure/azure-storage-azcopy/releases/download/v10.31.0/azcopy_linux_amd64_10.31.0.tar.gz
+  wget -O $azcopyTarFile https://github.com/Azure/azure-storage-azcopy/releases/download/v10.31.1/azcopy_linux_amd64_10.31.1.tar.gz
   tar -zxvf $azcopyTarFile
   mv ./azcopy*/azcopy /usr/local/bin/azcopy
   rm -rf ./$azcopyTarFile