upgrade-to-8.3.13 (#82)

Endava · Nov 4, 2024 · 16af839 · 16af839
1 parent f9e11d0
commit 16af839
Show file tree

Hide file tree

Showing 2 changed files with 10 additions and 4 deletions.
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -125,7 +125,9 @@ jobs:
             DOCKER_REGISTRY_IMAGE: "temporary-build-image-linux-amd64"
 
       -   name: Run Alpine Trivy vulnerability scanner
-          uses: aquasecurity/trivy-action@master
+          uses: aquasecurity/trivy-action@0.24.0
+          env:
+            TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
           with:
             image-ref: php-${{ env.PHP_VERSION }}
             format: 'table'
@@ -136,7 +138,9 @@ jobs:
 
       -   if: contains(github.ref, 'refs/heads/release/')
           name: Run Alpine Trivy vulnerability scanner and upload to github security tab
-          uses: aquasecurity/trivy-action@master
+          uses: aquasecurity/trivy-action@0.24.0
+          env:
+            TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
           with:
             image-ref: php-${{ env.PHP_VERSION }}
             format: 'sarif'
@@ -150,7 +154,9 @@ jobs:
 #
       -   if: contains(github.ref, 'refs/heads/release/')
           name: Run Trivy in GitHub SBOM mode and submit results to Dependency Snapshots
-          uses: aquasecurity/trivy-action@master
+          uses: aquasecurity/trivy-action@0.24.0
+          env:
+            TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
           with:
             format: 'github'
             output: 'dependency-results.sbom.json'

diff --git a/Dockerfile b/Dockerfile
@@ -1,6 +1,6 @@
 FROM alpine:3.20.3
 
-ARG PHP_VERSION="8.3.10"
+ARG PHP_VERSION="8.3.13"
 ARG PHP_PACKAGE_BASENAME="php83"
 ARG PHP_FPM_BINARY_PATH="/usr/sbin/php-fpm83"
 ARG UNIT_VERSION="1.32.1"