From 98fffed0d4f627944ba95a62ee986d62c34f3bad Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 17 Aug 2022 04:06:05 +0000 Subject: [PATCH] build(deps): bump aquasecurity/trivy-action from 0.6.1 to 0.7.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.6.1 to 0.7.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.6.1...0.7.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/artifacts.yaml | 2 +- .github/workflows/docker.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index 6ed0097e..dc4e8ecc 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -83,7 +83,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.6.1 + uses: aquasecurity/trivy-action@0.7.0 with: image-ref: "ghcr.io/dexidp/dex:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}" format: "sarif" diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 64e28e51..fd5c1f6a 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -96,7 +96,7 @@ jobs: org.opencontainers.image.documentation=https://dexidp.io/docs/ - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.6.1 + uses: aquasecurity/trivy-action@0.7.0 with: image-ref: "ghcr.io/dexidp/dex:${{ steps.tags.outputs.version }}" format: "template"