From ab174cd9007929cf286f556ef4f6d551ce79ac61 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 May 2024 10:05:07 +0100 Subject: [PATCH 01/14] --- (#53) updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index c87ca51..aa31b80 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -18,7 +18,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Repository - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4 + uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - name: Get Alpine version id: alpine From 78b78f526f22c3fbd4339cf8a23a9b561e485c5b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 May 2024 10:06:49 +0100 Subject: [PATCH 02/14] --- (#54) updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index aa31b80..5b2806d 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -83,7 +83,7 @@ jobs: add-cpes-if-none: true - name: Upload Anchore scan SARIF report - uses: github/codeql-action/upload-sarif@cdcdbb579706841c47f7063dda365e292e5cad7a # v2.13.4 + uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 with: sarif_file: ${{ steps.scan.outputs.sarif }} From 4eb86cdaaecc39338f3a180a5828eaab1a024a90 Mon Sep 17 00:00:00 2001 From: Paul Abel <128620221+pdabelf5@users.noreply.github.com> Date: Mon, 10 Jun 2024 13:34:03 +0100 Subject: [PATCH 03/14] build multiple alpine images (#59) --- .github/workflows/ci.yml | 21 +++++++++++++-------- Dockerfile | 10 +++++++--- 2 files changed, 20 insertions(+), 11 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 5b2806d..08da9e5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -16,14 +16,15 @@ env: jobs: build: runs-on: ubuntu-latest + strategy: + matrix: + image: ["3.17", "3.19", "3.20"] + openssl_version: ["3.0.9"] + fail-fast: false steps: - name: Checkout Repository uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 - - name: Get Alpine version - id: alpine - run: echo "version=$(grep -m1 'FROM alpine' > $GITHUB_OUTPUT - - name: Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 @@ -49,10 +50,10 @@ jobs: name=ghcr.io/nginxinc/alpine-fips tags: | type=edge - type=ref,event=pr + type=ref,event=pr,suffix=-alpine${{ matrix.image }} type=semver,pattern={{version}} type=semver,pattern={{major}}.{{minor}} - type=semver,pattern={{version}},suffix=-alpine${{ steps.alpine.outputs.version }} + type=semver,pattern={{version}},suffix=-alpine${{ matrix.image }} env: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index @@ -62,16 +63,20 @@ jobs: with: file: Dockerfile context: "." - cache-from: type=gha,scope=alpine - cache-to: type=gha,scope=alpine,mode=max + cache-from: type=gha,scope=alpine${{ matrix.image }} + cache-to: type=gha,scope=alpine${{ matrix.image }},mode=max tags: ${{ steps.meta.outputs.tags }} load: ${{ github.event_name == 'pull_request' }} push: ${{ github.event_name != 'pull_request' }} platforms: ${{ github.event_name != 'pull_request' && env.platforms || '' }} annotations: ${{ github.event_name != 'pull_request' && steps.meta.outputs.annotations || '' }} + target: alpine pull: true sbom: ${{ github.event_name != 'pull_request' }} provenance: ${{ github.event_name != 'pull_request' }} + build-args: | + BUILD_OS=alpine:${{ matrix.image }} + OPENSSL_VERSION=${{ matrix.openssl_version }} - name: Run Grype vulnerability scanner uses: anchore/scan-action@3343887d815d7b07465f6fdcd395bd66508d486a # v3.6.4 diff --git a/Dockerfile b/Dockerfile index a319296..ed7e063 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,7 +1,10 @@ -FROM alpine:3.19 - +# syntax=docker/dockerfile:1.6 +ARG BUILD_OS=alpine:3.19 ARG OPENSSL_VERSION=3.0.9 +FROM ${BUILD_OS} as alpine +ARG OPENSSL_VERSION + RUN apk add --no-cache --virtual .build-deps \ make gcc libgcc musl-dev linux-headers perl vim \ && wget https://www.openssl.org/source/openssl-${OPENSSL_VERSION}.tar.gz \ @@ -11,6 +14,7 @@ RUN apk add --no-cache --virtual .build-deps \ && make \ && make install_fips \ && apk del .build-deps \ - && cd .. && rm -rf openssl-${OPENSSL_VERSION}.tar.gz openssl-${OPENSSL_VERSION} + && cd .. && rm -rf openssl-${OPENSSL_VERSION}.tar.gz openssl-${OPENSSL_VERSION} \ + && apk upgrade --no-cache -U COPY openssl.cnf /etc/ssl/openssl.cnf From 951c62852d4ef15562a593978a5852d4933d1b92 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 12:43:57 +0000 Subject: [PATCH 04/14] Bump docker/login-action from 3.1.0 to 3.2.0 (#58) Bumps [docker/login-action](https://github.com/docker/login-action) from 3.1.0 to 3.2.0. - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/e92390c5fb421da1463c202d546fed0ec5c39f20...0d4c9c5ea7693da7b068278f7b52bda2a190a446) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 08da9e5..e8ea1f7 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -35,7 +35,7 @@ jobs: if: github.event_name != 'pull_request' - name: Login to GitHub Container Registry - uses: docker/login-action@e92390c5fb421da1463c202d546fed0ec5c39f20 # v3.1.0 + uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # v3.2.0 with: registry: ghcr.io username: ${{ github.repository_owner }} From 51ad61575dec142749a749fd1c262df1150b98d6 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 12:45:35 +0000 Subject: [PATCH 05/14] Bump github/codeql-action from 3.25.6 to 3.25.8 (#60) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.6 to 3.25.8. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/9fdb3e49720b44c48891d036bb502feb25684276...2e230e8fe0ad3a14a340ad0815ddb96d599d2aff) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e8ea1f7..9c3b579 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -88,7 +88,7 @@ jobs: add-cpes-if-none: true - name: Upload Anchore scan SARIF report - uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6 + uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 with: sarif_file: ${{ steps.scan.outputs.sarif }} From c9fabdc59a42ab6245488d06676a20514e7f2bbd Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 12:47:05 +0000 Subject: [PATCH 06/14] Bump lucacome/draft-release from 1.0.4 to 1.1.0 (#56) Bumps [lucacome/draft-release](https://github.com/lucacome/draft-release) from 1.0.4 to 1.1.0. - [Release notes](https://github.com/lucacome/draft-release/releases) - [Commits](https://github.com/lucacome/draft-release/compare/e076259ceb036bc5f2c2a76559784c12cf8d2e74...8a63d32c79a171ae6048e614a8988f0ac3ed56d4) --- updated-dependencies: - dependency-name: lucacome/draft-release dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 9c3b579..f73ef07 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -93,7 +93,7 @@ jobs: sarif_file: ${{ steps.scan.outputs.sarif }} - name: Create/Update Draft - uses: lucacome/draft-release@e076259ceb036bc5f2c2a76559784c12cf8d2e74 # v1.0.4 + uses: lucacome/draft-release@8a63d32c79a171ae6048e614a8988f0ac3ed56d4 # v1.1.0 with: minor-label: "enhancement" major-label: "change" From 1d6ee0cb3869384f6ac3574da7e65cdf790e7952 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 11 Jun 2024 14:54:15 +0100 Subject: [PATCH 07/14] Bump docker/build-push-action from 5.3.0 to 5.4.0 (#61) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.3.0 to 5.4.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/2cdde995de11925a030ce8070c3d77a52ffcf1c0...ca052bb54ab0790a636c9b5f226502c73d547a25) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index f73ef07..2029ae3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,7 +58,7 @@ jobs: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index - name: Build Docker image - uses: docker/build-push-action@2cdde995de11925a030ce8070c3d77a52ffcf1c0 # v5.3.0 + uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 id: build-push with: file: Dockerfile From 1b604d384e6c1768a13c3699c515ee89907849ee Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 06:51:13 -0700 Subject: [PATCH 08/14] Bump actions/checkout from 4.1.6 to 4.1.7 (#64) Bumps [actions/checkout](https://github.com/actions/checkout) from 4.1.6 to 4.1.7. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/a5ac7e51b41094c92402da3b24376905380afc29...692973e3d937129bcbf40652eb9f2f61becf3332) --- updated-dependencies: - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 2029ae3..22ca4c9 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -23,7 +23,7 @@ jobs: fail-fast: false steps: - name: Checkout Repository - uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6 + uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: Docker Buildx uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb # v3.3.0 From 929802e081752a2ce59988703aa7cd904d0ffae2 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 18 Jun 2024 06:55:38 -0700 Subject: [PATCH 09/14] Bump docker/build-push-action from 5.4.0 to 6.0.0 (#63) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 5.4.0 to 6.0.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/ca052bb54ab0790a636c9b5f226502c73d547a25...c382f710d39a5bb4e430307530a720f50c2d3318) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 22ca4c9..a010086 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,7 +58,7 @@ jobs: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index - name: Build Docker image - uses: docker/build-push-action@ca052bb54ab0790a636c9b5f226502c73d547a25 # v5.4.0 + uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0 id: build-push with: file: Dockerfile From 920ce38e7cb972d5ba70059c83876e5afb0f4483 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 08:49:54 -0700 Subject: [PATCH 10/14] Bump github/codeql-action from 3.25.8 to 3.25.10 (#62) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.8 to 3.25.10. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/2e230e8fe0ad3a14a340ad0815ddb96d599d2aff...23acc5c183826b7a8a97bce3cecc52db901f8251) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index a010086..46a4a94 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -88,7 +88,7 @@ jobs: add-cpes-if-none: true - name: Upload Anchore scan SARIF report - uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8 + uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 with: sarif_file: ${{ steps.scan.outputs.sarif }} From abb4a65013abca87bfd3cb54b7f48a63546ed46b Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 19 Jun 2024 15:51:22 +0000 Subject: [PATCH 11/14] Bump docker/build-push-action from 6.0.0 to 6.0.1 (#65) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.0.0 to 6.0.1. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/c382f710d39a5bb4e430307530a720f50c2d3318...94f8f8c2eec4bc3f1d78c1755580779804cb87b2) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 46a4a94..43c637f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,7 +58,7 @@ jobs: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index - name: Build Docker image - uses: docker/build-push-action@c382f710d39a5bb4e430307530a720f50c2d3318 # v6.0.0 + uses: docker/build-push-action@94f8f8c2eec4bc3f1d78c1755580779804cb87b2 # v6.0.1 id: build-push with: file: Dockerfile From 6a7939107cf91aafa89e08a3ccc7bb514b75b46c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 25 Jun 2024 02:49:34 -0700 Subject: [PATCH 12/14] Bump docker/build-push-action from 6.0.1 to 6.1.0 (#66) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.0.1 to 6.1.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/94f8f8c2eec4bc3f1d78c1755580779804cb87b2...31159d49c0d4756269a0940a750801a1ea5d7003) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 43c637f..3e0baa1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,7 +58,7 @@ jobs: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index - name: Build Docker image - uses: docker/build-push-action@94f8f8c2eec4bc3f1d78c1755580779804cb87b2 # v6.0.1 + uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0 id: build-push with: file: Dockerfile From c8e5ab29ce3656250865f4bcfe4f16c06fca8478 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 13:22:00 -0700 Subject: [PATCH 13/14] Bump docker/build-push-action from 6.1.0 to 6.2.0 (#68) Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.1.0 to 6.2.0. - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/31159d49c0d4756269a0940a750801a1ea5d7003...15560696de535e4014efeff63c48f16952e52dd1) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3e0baa1..3b43297 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -58,7 +58,7 @@ jobs: DOCKER_METADATA_ANNOTATIONS_LEVELS: manifest,index - name: Build Docker image - uses: docker/build-push-action@31159d49c0d4756269a0940a750801a1ea5d7003 # v6.1.0 + uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 # v6.2.0 id: build-push with: file: Dockerfile From eda2a2a3a556eeee8e98a374a568ba1e8cf7fc33 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 1 Jul 2024 13:31:20 -0700 Subject: [PATCH 14/14] Bump github/codeql-action from 3.25.10 to 3.25.11 (#67) Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.25.10 to 3.25.11. - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/23acc5c183826b7a8a97bce3cecc52db901f8251...b611370bb5703a7efb587f9d136a52ea24c5c38c) --- updated-dependencies: - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3b43297..ddaddb5 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -88,7 +88,7 @@ jobs: add-cpes-if-none: true - name: Upload Anchore scan SARIF report - uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10 + uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11 with: sarif_file: ${{ steps.scan.outputs.sarif }}