From 17eadf47eeda1a9e059542e2c069e928f7a08b00 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 27 Nov 2023 15:52:51 +0000 Subject: [PATCH] Bump docker/scout-action from 1.1.0 to 1.2.0 (#90) Bumps [docker/scout-action](https://github.com/docker/scout-action) from 1.1.0 to 1.2.0. - [Release notes](https://github.com/docker/scout-action/releases) - [Commits](https://github.com/docker/scout-action/compare/704685e6e6dc4462258fb11d36d3a14ca7bda1e6...7c61653c2736d21969dd4593fde76c670d4a86cb) --- updated-dependencies: - dependency-name: docker/scout-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- .github/workflows/ci.yml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 7d35f01..fe9b49b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -153,7 +153,7 @@ jobs: # Docker-Scout - Create SBOM - name: Create SBOM - uses: docker/scout-action@704685e6e6dc4462258fb11d36d3a14ca7bda1e6 + uses: docker/scout-action@7c61653c2736d21969dd4593fde76c670d4a86cb id: docker-scout-sbom continue-on-error: true if: env.CONTAINER_PUSH == 'true' && vars.DOCKERHUB_USERNAME != '' @@ -165,7 +165,7 @@ jobs: # vulnerability scan the image for main branch and upload the results as a SARIF file - name: Analyze for critical and high CVEs - uses: docker/scout-action@704685e6e6dc4462258fb11d36d3a14ca7bda1e6 + uses: docker/scout-action@7c61653c2736d21969dd4593fde76c670d4a86cb id: docker-scout-cves continue-on-error: true if: env.CONTAINER_PUSH == 'true' && github.ref_name == 'main' @@ -184,7 +184,7 @@ jobs: # vulnerability scanning to verify PRs - name: Docker Scout compare - uses: docker/scout-action@704685e6e6dc4462258fb11d36d3a14ca7bda1e6 + uses: docker/scout-action@7c61653c2736d21969dd4593fde76c670d4a86cb id: pr-compare if: github.event_name == 'pull_request' && vars.DOCKERHUB_USERNAME != '' with: