chore(deps): Bump aquasecurity/trivy-action from 0.33.1 to 0.34.0#3
chore(deps): Bump aquasecurity/trivy-action from 0.33.1 to 0.34.0#3dependabot[bot] wants to merge 3 commits intomainfrom
Conversation
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.33.1 to 0.34.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.33.1...0.34.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.34.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
bot
added
dependencies
![github-advanced-security[bot]](https://avatars.githubusercontent.com/in/57789?s=60&v=4){kind=small}
| - name: Trivy scan (php image) | ||
| if: github.event_name != 'pull_request' | ||
| uses: aquasecurity/trivy-action@0.33.1 | ||
| uses: aquasecurity/trivy-action@0.34.0 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
| - name: Trivy scan (nginx image) | ||
| if: github.event_name != 'pull_request' | ||
| uses: aquasecurity/trivy-action@0.33.1 | ||
| uses: aquasecurity/trivy-action@0.34.0 |
Check warning
Code scanning / CodeQL
Unpinned tag for a non-immutable Action in workflow Medium
|
OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting If you change your mind, just re-open this PR and I'll resolve any conflicts on it. |
dependabot
bot
deleted the
dependabot/github_actions/aquasecurity/trivy-action-0.34.0
branch
1 participant
Bumps aquasecurity/trivy-action from 0.33.1 to 0.34.0.
Release notes
Sourced from aquasecurity/trivy-action's releases.
Commits
c1824fdchore(deps): Update trivy to v0.69.1 (#506)bc61dc5Merge commit from fork5eb7ef2ci: use checks bundle v2 in sync workflow (#505)22438a4Merge pull request #496 from aquasecurity/bump-trivy-17654310740024b3fchore(deps): Update trivy to v0.68.183690f7ci: install trivy in bump-trivy workflow and update tests (#495)df65449chore: update README (#493)0317097ci: use setup-bats in bump-trivy workflow (#494)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)