From c98646f004a79a1fd6723ec233000a0cf684d421 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 23 May 2022 04:07:04 +0000 Subject: [PATCH] build(deps): bump aquasecurity/trivy-action from 0.2.5 to 0.3.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.2.5 to 0.3.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.2.5...0.3.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/artifacts.yaml | 2 +- .github/workflows/docker.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index 5f897afc..3d0f4491 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -83,7 +83,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.2.5 + uses: aquasecurity/trivy-action@0.3.0 with: image-ref: "ghcr.io/dexidp/dex:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}" format: "sarif" diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 4f22d908..1bcefce5 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -96,7 +96,7 @@ jobs: org.opencontainers.image.documentation=https://dexidp.io/docs/ - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.2.5 + uses: aquasecurity/trivy-action@0.3.0 with: image-ref: "ghcr.io/dexidp/dex:${{ steps.tags.outputs.version }}" format: "template"