From ffec99287b139851114ab688c92bbe0da45dbada Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 30 Jun 2022 04:09:00 +0000 Subject: [PATCH] build(deps): bump aquasecurity/trivy-action from 0.4.0 to 0.5.1 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.4.0 to 0.5.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.4.0...0.5.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/artifacts.yaml | 2 +- .github/workflows/docker.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index 5da6f0d7..2e017322 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -83,7 +83,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.4.0 + uses: aquasecurity/trivy-action@0.5.1 with: image-ref: "ghcr.io/dexidp/dex:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}" format: "sarif" diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index f87015c7..8683a648 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -96,7 +96,7 @@ jobs: org.opencontainers.image.documentation=https://dexidp.io/docs/ - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.4.0 + uses: aquasecurity/trivy-action@0.5.1 with: image-ref: "ghcr.io/dexidp/dex:${{ steps.tags.outputs.version }}" format: "template"