From a5a70d7f6828f964801c61a4746af74905472cf8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 5 Jul 2024 13:56:10 +0200 Subject: [PATCH] chore(deps): bump the dependencies group across 1 directory with 7 updates (#7) Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/chart-test.yml | 8 ++++---- .github/workflows/codeql.yml | 6 +++--- .../credential-expiry-app-docker.yml | 6 +++--- .github/workflows/kics.yml | 4 ++-- .github/workflows/lint-pull-request.yml | 2 +- .github/workflows/migrations-docker.yml | 6 +++--- .github/workflows/owasp-zap.yml | 8 ++++---- .github/workflows/processes-worker-docker.yml | 6 +++--- .github/workflows/release.yml | 6 +++--- .github/workflows/release_candidate.yml | 6 +++--- .github/workflows/service-docker.yml | 6 +++--- .github/workflows/trivy-main.yml | 20 +++++++++---------- .github/workflows/trivy.yml | 20 +++++++++---------- 13 files changed, 52 insertions(+), 52 deletions(-) diff --git a/.github/workflows/chart-test.yml b/.github/workflows/chart-test.yml index 5ef60cac..09f8f99b 100644 --- a/.github/workflows/chart-test.yml +++ b/.github/workflows/chart-test.yml @@ -62,7 +62,7 @@ jobs: - name: Build migration image id: build-migration-image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: . file: ./docker/Dockerfile-credential-issuer-migrations @@ -71,7 +71,7 @@ jobs: - name: Build service image id: build-service-image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: . file: ./docker/Dockerfile-credential-issuer-service @@ -80,7 +80,7 @@ jobs: - name: Build expiry app id: build-expiry-app-image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: . file: ./docker/Dockerfile-credential-expiry-app @@ -89,7 +89,7 @@ jobs: - name: Build processes worker id: build-processes-worker-image - uses: docker/build-push-action@v3 + uses: docker/build-push-action@v6 with: context: . file: ./docker/Dockerfile-credential-issuer-processes-worker diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index a9e0de09..36271a3c 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -73,7 +73,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v2.227 + uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.227 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -87,7 +87,7 @@ jobs: # Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup. # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@23acc5c183826b7a8a97bce3cecc52db901f8251 # v2.227 + uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.227 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -100,6 +100,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v2.227 + uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v2.227 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/credential-expiry-app-docker.yml b/.github/workflows/credential-expiry-app-docker.yml index 21a32f2e..8429029d 100644 --- a/.github/workflows/credential-expiry-app-docker.yml +++ b/.github/workflows/credential-expiry-app-docker.yml @@ -55,10 +55,10 @@ jobs: password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0 - name: Docker meta id: meta @@ -70,7 +70,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-expiry-app diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 327fd628..eee43618 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -45,7 +45,7 @@ jobs: - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: KICS scan - uses: checkmarx/kics-github-action@aacf8e81cd48e227259c937c215b352e02ad447a # v2.1.0 + uses: checkmarx/kics-github-action@252e73959bd4809a14863cbfbb42d7a90d5a4860 # v2.1.1 with: # Scanning directory . path: "." @@ -69,7 +69,7 @@ jobs: # Upload findings to GitHub Advanced Security Dashboard - name: Upload SARIF file for GitHub Advanced Security Dashboard if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: kicsResults/results.sarif diff --git a/.github/workflows/lint-pull-request.yml b/.github/workflows/lint-pull-request.yml index 0100ec1c..011dafef 100644 --- a/.github/workflows/lint-pull-request.yml +++ b/.github/workflows/lint-pull-request.yml @@ -31,7 +31,7 @@ jobs: name: Validate PR title runs-on: ubuntu-latest steps: - - uses: amannn/action-semantic-pull-request@cfb60706e18bc85e8aec535e3c577abe8f70378e # v5.5.2 + - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3 id: lint_pr_title env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} diff --git a/.github/workflows/migrations-docker.yml b/.github/workflows/migrations-docker.yml index f077eb38..03228c92 100644 --- a/.github/workflows/migrations-docker.yml +++ b/.github/workflows/migrations-docker.yml @@ -56,10 +56,10 @@ jobs: password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0 - name: Docker meta id: meta @@ -71,7 +71,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-issuer-migrations diff --git a/.github/workflows/owasp-zap.yml b/.github/workflows/owasp-zap.yml index 9c8fb41f..0060f76e 100644 --- a/.github/workflows/owasp-zap.yml +++ b/.github/workflows/owasp-zap.yml @@ -62,7 +62,7 @@ jobs: - name: Build migration image id: build-migration-image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-issuer-migrations @@ -71,7 +71,7 @@ jobs: - name: Build service image id: build-service-image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-issuer-service @@ -80,7 +80,7 @@ jobs: - name: Build Worker image id: build-worker-image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-issuer-processes-worker @@ -89,7 +89,7 @@ jobs: - name: Build Expiry image id: build-expiry-image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-expiry-app diff --git a/.github/workflows/processes-worker-docker.yml b/.github/workflows/processes-worker-docker.yml index ca438417..0b9ddc3d 100644 --- a/.github/workflows/processes-worker-docker.yml +++ b/.github/workflows/processes-worker-docker.yml @@ -55,10 +55,10 @@ jobs: password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0 - name: Docker meta id: meta @@ -70,7 +70,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-issuer-processes-worker diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 885635cf..36c10111 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -119,10 +119,10 @@ jobs: password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0 # Create SemVer or ref tags dependent of trigger event - name: Docker meta @@ -141,7 +141,7 @@ jobs: type=semver,pattern={{major}}.{{minor}},value=${{ needs.release-helm-chart.outputs.app-version }} - name: Build and push Docker images - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/release_candidate.yml b/.github/workflows/release_candidate.yml index d43e7fd7..9ae48124 100644 --- a/.github/workflows/release_candidate.yml +++ b/.github/workflows/release_candidate.yml @@ -59,10 +59,10 @@ jobs: password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0 - name: Docker meta id: meta @@ -74,7 +74,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker images - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/service-docker.yml b/.github/workflows/service-docker.yml index 596b547f..37c85c35 100644 --- a/.github/workflows/service-docker.yml +++ b/.github/workflows/service-docker.yml @@ -55,10 +55,10 @@ jobs: password: ${{ secrets.DOCKER_HUB_TOKEN }} - name: Set up Docker Buildx - uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 + uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 # v3.4.0 - name: Set up QEMU - uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 # v3.0.0 + uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee # v3.1.0 - name: Docker meta id: meta @@ -70,7 +70,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@4a13e500e55cf31b7a5d59a38ab2040ab0f42f56 # v5.1.0 + uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c # v6.3.0 with: context: . file: ./docker/Dockerfile-credential-issuer-service diff --git a/.github/workflows/trivy-main.yml b/.github/workflows/trivy-main.yml index 350092c3..addc9c5f 100644 --- a/.github/workflows/trivy-main.yml +++ b/.github/workflows/trivy-main.yml @@ -53,7 +53,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: scan-type: "config" hide-progress: false @@ -63,7 +63,7 @@ jobs: timeout: "3600s" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 if: always() with: sarif_file: "trivy-results1.sarif" @@ -86,7 +86,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-issuer-service:main" @@ -96,7 +96,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results2.sarif" @@ -118,7 +118,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-issuer-migrations:main" @@ -129,7 +129,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results3.sarif" @@ -151,7 +151,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-expiry-app:main" @@ -162,7 +162,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results4.sarif" @@ -184,7 +184,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-issuer-processes-worker:main" @@ -195,6 +195,6 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results5.sarif" diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 543e2a3a..250e3ee6 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -53,7 +53,7 @@ jobs: uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: scan-type: "config" hide-progress: false @@ -64,7 +64,7 @@ jobs: timeout: "3600s" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 if: always() with: sarif_file: "trivy-results1.sarif" @@ -87,7 +87,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-issuer-service:latest" @@ -97,7 +97,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results2.sarif" @@ -119,7 +119,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-issuer-migrations:latest" @@ -129,7 +129,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results3.sarif" @@ -151,7 +151,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-expiry-app:latest" @@ -161,7 +161,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results4.sarif" @@ -183,7 +183,7 @@ jobs: # For public images, no ENV vars must be set. - name: Run Trivy vulnerability scanner if: always() - uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 + uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0 with: # Path to Docker image image-ref: "${{ env.IMAGE_NAMESPACE }}/ssi-credential-issuer-processes-worker:latest" @@ -193,6 +193,6 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: "trivy-results5.sarif"