Skip to content

Commit

Permalink
Bump docker/scout-action from 1.1.0 to 1.2.0 (#90)
Browse files Browse the repository at this point in the history 
Bumps [docker/scout-action](https://github.com/docker/scout-action) from 1.1.0 to 1.2.0.
- [Release notes](https://github.com/docker/scout-action/releases)
- [Commits](docker/scout-action@704685e...7c61653)

---
updated-dependencies:
- dependency-name: docker/scout-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] authored Nov 27, 2023
1 parent 489c9eb commit 17eadf4
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/ci.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -153,7 +153,7 @@ jobs:

# Docker-Scout - Create SBOM
- name: Create SBOM
uses: docker/scout-action@704685e6e6dc4462258fb11d36d3a14ca7bda1e6
uses: docker/scout-action@7c61653c2736d21969dd4593fde76c670d4a86cb
id: docker-scout-sbom
continue-on-error: true
if: env.CONTAINER_PUSH == 'true' && vars.DOCKERHUB_USERNAME != ''
Expand All @@ -165,7 +165,7 @@ jobs:

# vulnerability scan the image for main branch and upload the results as a SARIF file
- name: Analyze for critical and high CVEs
uses: docker/scout-action@704685e6e6dc4462258fb11d36d3a14ca7bda1e6
uses: docker/scout-action@7c61653c2736d21969dd4593fde76c670d4a86cb
id: docker-scout-cves
continue-on-error: true
if: env.CONTAINER_PUSH == 'true' && github.ref_name == 'main'
Expand All @@ -184,7 +184,7 @@ jobs:

# vulnerability scanning to verify PRs
- name: Docker Scout compare
uses: docker/scout-action@704685e6e6dc4462258fb11d36d3a14ca7bda1e6
uses: docker/scout-action@7c61653c2736d21969dd4593fde76c670d4a86cb
id: pr-compare
if: github.event_name == 'pull_request' && vars.DOCKERHUB_USERNAME != ''
with:
Expand Down

0 comments on commit 17eadf4

Please sign in to comment.