Skip to content

Commit

Permalink
github-actions(deps): bump anchore/scan-action
Browse files Browse the repository at this point in the history
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 4.1.1 to 4.1.2.
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md)
- [Commits](anchore/scan-action@v4.1.1...v4.1.2)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
  • Loading branch information
dependabot[bot] authored Aug 21, 2024
1 parent a213265 commit 2186da6
Showing 1 changed file with 4 additions and 4 deletions.
8 changes: 4 additions & 4 deletions security-actions/scan-docker-image/action.yml
Original file line number Diff line number Diff line change
Expand Up @@ -123,7 +123,7 @@ runs:
fail: true

- name: Download Grype
uses: anchore/scan-action/[email protected].1
uses: anchore/scan-action/[email protected].2

# Check for any existing cache to reuse / update
- name: Cache Grype DB
Expand Down Expand Up @@ -196,7 +196,7 @@ runs:
# Grype is invoked first time ever
# Don't fail during report generation
- name: Vulnerability analysis of SBOM
uses: anchore/[email protected].1
uses: anchore/[email protected].2
id: grype_analysis_sarif
if: ${{ steps.sbom_report.outputs.files_exists == 'true' && steps.grype_db_check_updates.outputs.GRYPE_DB_UPDATE_STATUS == 0 }}
with:
Expand All @@ -211,7 +211,7 @@ runs:
# Don't fail during report generation
# JSON format will report any ignored rules
- name: Vulnerability analysis of SBOM
uses: anchore/[email protected].1
uses: anchore/[email protected].2
id: grype_analysis_json
if: ${{ steps.sbom_report.outputs.files_exists == 'true' && steps.grype_db_check_updates.outputs.GRYPE_DB_UPDATE_STATUS == 0 }}
with:
Expand Down Expand Up @@ -263,7 +263,7 @@ runs:
# Notify grype quick scan results in table format
# Table format will supress any specified ignore rules
- name: Inspect Vulnerability analysis of SBOM
uses: anchore/[email protected].1
uses: anchore/[email protected].2
if: ${{ steps.sbom_report.outputs.files_exists == 'true' && steps.grype_db_check_updates.outputs.GRYPE_DB_UPDATE_STATUS == 0 }}
with:
sbom: ${{ steps.meta.outputs.sbom_spdx_file }}
Expand Down

0 comments on commit 2186da6

Please sign in to comment.