Skip to content

Commit

Permalink
fix(deps): update all non-major dependencies
Browse files Browse the repository at this point in the history
  • Loading branch information
we-renovate[bot] authored and stempler committed Oct 24, 2024
1 parent 20cbdce commit 56654b2
Show file tree
Hide file tree
Showing 6 changed files with 13 additions and 13 deletions.
4 changes: 2 additions & 2 deletions .github/workflows/dockerfile.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
run:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- name: Docker meta
id: meta
Expand All @@ -56,7 +56,7 @@ jobs:
labels: ${{ steps.meta.outputs.labels }}

- name: Vulnerability check
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
with:
image-ref: "${{ inputs.image }}:${{ inputs.tag }}"
create-test-report: true
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/gradle-library.yml
Original file line number Diff line number Diff line change
Expand Up @@ -99,7 +99,7 @@ jobs:

steps:
- name: Checkout
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ inputs.checkout-ref }}
submodules: ${{ inputs.submodules }}
Expand Down Expand Up @@ -197,7 +197,7 @@ jobs:

- name: Vulnerability scan
if: ${{ !inputs.skip-scan }}
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
with:
junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
report-retention-days: 30
Expand Down
8 changes: 4 additions & 4 deletions .github/workflows/gradle-service.yml
Original file line number Diff line number Diff line change
Expand Up @@ -95,7 +95,7 @@ jobs:
release-version: ${{ steps.gradle-release.outputs.release-version }}

steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
with:
ref: ${{ inputs.checkout-ref }}
submodules: ${{ inputs.submodules }}
Expand Down Expand Up @@ -217,15 +217,15 @@ jobs:

- name: Vulnerability scan
if: ${{ !inputs.skip-scan }}
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
with:
image-ref: 'docker.io/${{ inputs.image-tag }}'
junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
report-retention-days: 30
report-tag: ${{ inputs.image-tag }}

- name: Vulnerability scan (Image 2)
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
if: ${{ !inputs.skip-scan && inputs.image-tag-2 != '' }}
with:
image-ref: 'docker.io/${{ inputs.image-tag-2 }}'
Expand All @@ -234,7 +234,7 @@ jobs:
report-tag: ${{ inputs.image-tag-2 }}

- name: Vulnerability scan (Image 3)
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
if: ${{ !inputs.skip-scan && inputs.image-tag-3 != '' }}
with:
image-ref: 'docker.io/${{ inputs.image-tag-3 }}'
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/play-service.yml
Original file line number Diff line number Diff line change
Expand Up @@ -49,7 +49,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
with:
Expand Down Expand Up @@ -98,7 +98,7 @@ jobs:
run: mkdir -p ${{ inputs.junit-test-folder }}

- name: Vulnerability scan
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
with:
image-ref: 'docker.io/${{ inputs.image-tag }}'
junit-test-output: "${{ inputs.junit-test-folder }}/trivy.xml" # added to unit test report
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/sbt-library.yml
Original file line number Diff line number Diff line change
Expand Up @@ -35,7 +35,7 @@ jobs:
runs-on: ubuntu-latest

steps:
- uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
- uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2

- uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
with:
Expand Down
4 changes: 2 additions & 2 deletions .github/workflows/scan-images.yml
Original file line number Diff line number Diff line change
Expand Up @@ -86,7 +86,7 @@ jobs:
docker pull ${{ matrix.image }}
- name: Vulnerability scan
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
with:
image-ref: ${{ matrix.image }}
create-test-report: ${{ inputs.create-test-report }}
Expand Down Expand Up @@ -176,7 +176,7 @@ jobs:
# Scan merged SBOM for an overview, but trivy fails for mixed OS dependencies, so disabled by default
- name: Scan merged SBOM
if: ${{ inputs.merge-sboms && inputs.scan-merged-sbom }}
uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
with:
scan-ref: merged/sbom.json
create-test-report: false
Expand Down

0 comments on commit 56654b2

Please sign in to comment.