From d92cc0855c561c13ae7b2488fc14a409f5ac019a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 4 Dec 2023 23:44:33 +0000 Subject: [PATCH] chore(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.15.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.12.0 to 0.15.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/fbd16365eb88e12433951383f5e99bd901fc618f...22d2755f774d925b191a185b74e782a4b0638a41) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/docker-build.yml | 2 +- .github/workflows/docker-publish.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml index b40280e..498e28f 100644 --- a/.github/workflows/docker-build.yml +++ b/.github/workflows/docker-build.yml @@ -21,7 +21,7 @@ jobs: - name: ko build run: VERSION=${{ github.ref_name }} REPOSITORY=${GITHUB_REPOSITORY} make ko-build-all - name: Trivy Scan Image - uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f # v0.12.0 + uses: aquasecurity/trivy-action@22d2755f774d925b191a185b74e782a4b0638a41 # v0.15.0 with: scan-type: 'fs' ignore-unfixed: true diff --git a/.github/workflows/docker-publish.yml b/.github/workflows/docker-publish.yml index 78feeb0..c27f32d 100644 --- a/.github/workflows/docker-publish.yml +++ b/.github/workflows/docker-publish.yml @@ -26,7 +26,7 @@ jobs: echo "Extracted version: $VERSION" echo "version=$VERSION" >> $GITHUB_OUTPUT - name: Run Trivy vulnerability (Repo) - uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f # v0.12.0 + uses: aquasecurity/trivy-action@22d2755f774d925b191a185b74e782a4b0638a41 # v0.15.0 with: scan-type: 'fs' ignore-unfixed: true