From 33483aa17984498df32cf8411103056d75371aa8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 16 Jun 2022 04:06:00 +0000 Subject: [PATCH] build(deps): bump aquasecurity/trivy-action from 0.3.0 to 0.4.0 Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.3.0 to 0.4.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.3.0...0.4.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/artifacts.yaml | 2 +- .github/workflows/docker.yaml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/artifacts.yaml b/.github/workflows/artifacts.yaml index 3d0f4491..5da6f0d7 100644 --- a/.github/workflows/artifacts.yaml +++ b/.github/workflows/artifacts.yaml @@ -83,7 +83,7 @@ jobs: labels: ${{ steps.meta.outputs.labels }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.3.0 + uses: aquasecurity/trivy-action@0.4.0 with: image-ref: "ghcr.io/dexidp/dex:${{ fromJSON(steps.meta.outputs.json).labels['org.opencontainers.image.version'] }}" format: "sarif" diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml index 1bcefce5..f87015c7 100644 --- a/.github/workflows/docker.yaml +++ b/.github/workflows/docker.yaml @@ -96,7 +96,7 @@ jobs: org.opencontainers.image.documentation=https://dexidp.io/docs/ - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.3.0 + uses: aquasecurity/trivy-action@0.4.0 with: image-ref: "ghcr.io/dexidp/dex:${{ steps.tags.outputs.version }}" format: "template"