Bump puppeteer from 22.14.0 to 23.6.0 #2169

Workflow file for this run

	---
	# ------------------------------------------------------------------------------
	# https://github.com/aquasecurity/trivy
	# https://github.com/aquasecurity/trivy-action#inputs
	#
	name: OS Security
	on:
	pull_request:
	paths:
	- Dockerfile
	- Gemfile
	- Gemfile.lock
	- package.json
	- yarn.lock

	permissions:
	packages: write
	pull-requests: write

	env:
	DOCKER_IMAGE: ghcr.io/dfe-digital/early-years-foundation-recovery

	jobs:
	build:
	name: Build and validate Docker image
	runs-on: ubuntu-latest
	steps:
	# Checkout the repository to the GitHub Actions runner
	- name: Checkout Code
	uses: actions/checkout@v4
	with:
	ref: ${{ github.event.pull_request.head.sha }}

	# Create and boot Docker image builder
	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3
	with:
	version: v0.9.1

	# Login to the container registry
	- name: Login to Github Container Registry
	uses: docker/login-action@v3
	with:
	registry: ghcr.io
	username: ${{ github.repository_owner }}
	password: ${{ secrets.GITHUB_TOKEN }}

	# Build and push image
	- name: Build and push Docker image
	uses: docker/build-push-action@v6
	with:
	target: app
	context: .
	push: true
	build-args: \|
	BUILDKIT_INLINE_CACHE=1
	SHA=${{ github.event.pull_request.head.sha }}
	cache-from: \|
	${{ env.DOCKER_IMAGE }}:${{ github.event.pull_request.head.sha }}
	tags: \|
	${{ env.DOCKER_IMAGE }}:${{ github.event.pull_request.head.sha }}

	# Scan image
	-
	name: Run Trivy vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	image-ref: ${{ env.DOCKER_IMAGE }}:${{ github.event.pull_request.head.sha }}
	format: table
	exit-code: 1
	ignore-unfixed: true
	scanners: vuln
	vuln-type: os,library
	severity: CRITICAL,HIGH

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump puppeteer from 22.14.0 to 23.6.0 #2169

Workflow file

Bump puppeteer from 22.14.0 to 23.6.0 #2169

Jobs

Run details

Workflow file for this run