Bump aquasecurity/trivy-action from 0.24.0 to 0.28.0 #8214
Conversation
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
dependencies
dependabot
bot
requested review from
a team,
DanielSass,
emyl3 and
mpbrown
and removed request for
a team
|
@dependabot rebase |
|
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.24.0 to 0.28.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.24.0...0.28.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
emyl3
force-pushed
the
dependabot/github_actions/aquasecurity/trivy-action-0.28.0
branch
from
f674728
to
1e5e662
Compare
| @@ -12,7 +12,7 @@ resource "azurerm_storage_account" "frontend" { | |||
| name = "simplereport${var.env}frontend" | |||
| resource_group_name = var.rg_name | |||
| enable_https_traffic_only = true | |||
| min_tls_version = TLS1_2 | |||
| min_tls_version = "TLS1_2" | |||
There was a problem hiding this comment.
|
@mpbrown @DanielSass @shanice-skylight (added shanice since I made a change to one of the terraform files) |
|
There was a problem hiding this comment.
Thanks for fixing this @emyl3. I reviewed the terraform plans for Prod and Staging and it LGTM.
emyl3
deleted the
dependabot/github_actions/aquasecurity/trivy-action-0.28.0
branch
Bumps aquasecurity/trivy-action from 0.24.0 to 0.28.0.
Release notes
Sourced from aquasecurity/trivy-action's releases.
Commits
915b19bchore(deps): bump setup-trivy to v0.2.1 (#411)5681af8fix: set envs only when passed (#405)8078967chore: update description for scanners and format inputs (#407)0fa0cdbci: usesetup-trivyto install Trivy (#406)a20de54feat: store artifacts in cache by default (#399)1b8b83ddocs: add usage info aboutaction/cachefor trivy databases (#397)f781ccefeat(trivy): Bump to support v0.56.1 (#387)54f21d8ci: sync trivy-checks version 1 (#398)89b14e5Upgrade GitHub actions (#374)97646fechore: use checks bundle snapshot from trivy-action (#388)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)