From 32751ab230a670a25860c589f275e898c1dd0472 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 16 Sep 2024 22:07:06 +0000 Subject: [PATCH] build(deps): bump the dependencies group across 1 directory with 5 updates Bumps the dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.5.0` | `6.7.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.15` | `3.26.7` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.2.2` | `4.3.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.5` | `4.4.0` | | [checkmarx/kics-github-action](https://github.com/checkmarx/kics-github-action) | `2.1.1` | `2.1.2` | Updates `docker/build-push-action` from 6.5.0 to 6.7.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](https://github.com/docker/build-push-action/compare/5176d81f87c23d6fc96624dfdbcd9f3830bbe445...5cd11c3a4ced054e52742c5fd54dca954e0edd85) Updates `github/codeql-action` from 3.25.15 to 3.26.7 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/afb54ba388a7dca6ecae48f608c4ff05ff4cc77a...8214744c546c1e5c8f03dde8fab3a7353211988d) Updates `actions/setup-java` from 4.2.2 to 4.3.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](https://github.com/actions/setup-java/compare/6a0805fcefea3d4657a47ac4c165951e33482018...2dfa2011c5b2a0f1489bf9e433881c92c1631f88) Updates `actions/upload-artifact` from 4.3.5 to 4.4.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](https://github.com/actions/upload-artifact/compare/89ef406dd8d7e03cfd12d9e0a4a378f454709029...50769540e7f4bd5e21e526ee35c689e35e0d6874) Updates `checkmarx/kics-github-action` from 2.1.1 to 2.1.2 - [Release notes](https://github.com/checkmarx/kics-github-action/releases) - [Commits](https://github.com/checkmarx/kics-github-action/compare/252e73959bd4809a14863cbfbb42d7a90d5a4860...530ac1f8efe6202b0f12c9a6e952597ae707b755) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/setup-java dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies - dependency-name: checkmarx/kics-github-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/administration-service.yml | 2 +- .github/workflows/codeql.yml | 6 ++--- .github/workflows/dependencies.yaml | 4 ++-- .github/workflows/iam-seeding.yml | 2 +- .github/workflows/kics.yml | 4 ++-- .github/workflows/maintenance-service.yml | 2 +- .github/workflows/marketplace-app-service.yml | 2 +- .github/workflows/notification-service.yml | 2 +- .github/workflows/portal-migrations.yml | 2 +- .github/workflows/processes-worker.yml | 2 +- .github/workflows/provisioning-migrations.yml | 2 +- .github/workflows/registration-service.yml | 2 +- .github/workflows/release.yml | 2 +- .github/workflows/release_candidate.yml | 2 +- .github/workflows/release_iam-seeding.yml | 2 +- .../workflows/release_release_candidate.yml | 2 +- .github/workflows/services-service.yml | 2 +- .github/workflows/sonarcloud.yml | 2 +- .github/workflows/test-automation.yml | 10 ++++----- .github/workflows/trivy-main.yml | 22 +++++++++---------- .github/workflows/trivy.yml | 22 +++++++++---------- 21 files changed, 49 insertions(+), 49 deletions(-) diff --git a/.github/workflows/administration-service.yml b/.github/workflows/administration-service.yml index a559c74b1f..1baa2e6af3 100644 --- a/.github/workflows/administration-service.yml +++ b/.github/workflows/administration-service.yml @@ -78,7 +78,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-administration-service diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml index 985d336277..1591597b8b 100644 --- a/.github/workflows/codeql.yml +++ b/.github/workflows/codeql.yml @@ -73,7 +73,7 @@ jobs: # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v2.227 + uses: github/codeql-action/init@8214744c546c1e5c8f03dde8fab3a7353211988d # v2.227 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -87,7 +87,7 @@ jobs: # Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup. # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v2.227 + uses: github/codeql-action/autobuild@8214744c546c1e5c8f03dde8fab3a7353211988d # v2.227 # ℹī¸ Command-line programs to run using the OS shell. # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun @@ -100,6 +100,6 @@ jobs: # ./location_of_script_within_repo/buildscript.sh - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v2.227 + uses: github/codeql-action/analyze@8214744c546c1e5c8f03dde8fab3a7353211988d # v2.227 with: category: "/language:${{matrix.language}}" diff --git a/.github/workflows/dependencies.yaml b/.github/workflows/dependencies.yaml index 8997708784..350d8a5f95 100644 --- a/.github/workflows/dependencies.yaml +++ b/.github/workflows/dependencies.yaml @@ -38,7 +38,7 @@ jobs: steps: - name: Set up JDK 17 - uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 + uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 with: distribution: 'temurin' java-version: '17' @@ -84,7 +84,7 @@ jobs: if: steps.dependencies-changed.outputs.changed == 'true' - name: Upload DEPENDENCIES file - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: path: DEPENDENCIES if: steps.dependencies-changed.outputs.changed == 'true' diff --git a/.github/workflows/iam-seeding.yml b/.github/workflows/iam-seeding.yml index 801bca1596..1d0983c00f 100644 --- a/.github/workflows/iam-seeding.yml +++ b/.github/workflows/iam-seeding.yml @@ -68,7 +68,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-iam-seeding diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml index 7292e13cea..b2a79a1abb 100644 --- a/.github/workflows/kics.yml +++ b/.github/workflows/kics.yml @@ -45,7 +45,7 @@ jobs: - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7 - name: KICS scan - uses: checkmarx/kics-github-action@252e73959bd4809a14863cbfbb42d7a90d5a4860 # v2.1.1 + uses: checkmarx/kics-github-action@530ac1f8efe6202b0f12c9a6e952597ae707b755 # v2.1.2 with: # Scanning directory . path: "." @@ -69,7 +69,7 @@ jobs: # Upload findings to GitHub Advanced Security Dashboard - name: Upload SARIF file for GitHub Advanced Security Dashboard if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: kicsResults/results.sarif diff --git a/.github/workflows/maintenance-service.yml b/.github/workflows/maintenance-service.yml index f4fdb6f10f..ce7b507950 100644 --- a/.github/workflows/maintenance-service.yml +++ b/.github/workflows/maintenance-service.yml @@ -69,7 +69,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-maintenance-service diff --git a/.github/workflows/marketplace-app-service.yml b/.github/workflows/marketplace-app-service.yml index f6a0a0517d..223c60aa68 100644 --- a/.github/workflows/marketplace-app-service.yml +++ b/.github/workflows/marketplace-app-service.yml @@ -74,7 +74,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-marketplace-app-service diff --git a/.github/workflows/notification-service.yml b/.github/workflows/notification-service.yml index 19d9ac8fdd..a1e0a7385f 100644 --- a/.github/workflows/notification-service.yml +++ b/.github/workflows/notification-service.yml @@ -72,7 +72,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-notification-service diff --git a/.github/workflows/portal-migrations.yml b/.github/workflows/portal-migrations.yml index 7d80698c9e..8c8083fdca 100644 --- a/.github/workflows/portal-migrations.yml +++ b/.github/workflows/portal-migrations.yml @@ -69,7 +69,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-portal-migrations diff --git a/.github/workflows/processes-worker.yml b/.github/workflows/processes-worker.yml index f25b051767..424161e80c 100644 --- a/.github/workflows/processes-worker.yml +++ b/.github/workflows/processes-worker.yml @@ -76,7 +76,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-processes-worker diff --git a/.github/workflows/provisioning-migrations.yml b/.github/workflows/provisioning-migrations.yml index 8de8817e3f..eb7557c668 100644 --- a/.github/workflows/provisioning-migrations.yml +++ b/.github/workflows/provisioning-migrations.yml @@ -69,7 +69,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-provisioning-migrations diff --git a/.github/workflows/registration-service.yml b/.github/workflows/registration-service.yml index c28f5964d1..a79882f160 100644 --- a/.github/workflows/registration-service.yml +++ b/.github/workflows/registration-service.yml @@ -73,7 +73,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-registration-service diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 466b5c35ec..6061b4e62a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -97,7 +97,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}} - name: Build and push Docker images - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/release_candidate.yml b/.github/workflows/release_candidate.yml index ef1599814c..7f1b49d742 100644 --- a/.github/workflows/release_candidate.yml +++ b/.github/workflows/release_candidate.yml @@ -92,7 +92,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker images - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/release_iam-seeding.yml b/.github/workflows/release_iam-seeding.yml index 9998b834b5..0adc9f2b40 100644 --- a/.github/workflows/release_iam-seeding.yml +++ b/.github/workflows/release_iam-seeding.yml @@ -64,7 +64,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-iam-seeding diff --git a/.github/workflows/release_release_candidate.yml b/.github/workflows/release_release_candidate.yml index 203d625e04..752cb45025 100644 --- a/.github/workflows/release_release_candidate.yml +++ b/.github/workflows/release_release_candidate.yml @@ -96,7 +96,7 @@ jobs: type=semver,pattern=v{{major}}.{{minor}} - name: Build and push Docker images - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ${{ matrix.dockerfile }} diff --git a/.github/workflows/services-service.yml b/.github/workflows/services-service.yml index 2fc3484f20..695ab8f874 100644 --- a/.github/workflows/services-service.yml +++ b/.github/workflows/services-service.yml @@ -73,7 +73,7 @@ jobs: type=raw,value=${{ github.sha }} - name: Build and push Docker image - uses: docker/build-push-action@5176d81f87c23d6fc96624dfdbcd9f3830bbe445 # v6.5.0 + uses: docker/build-push-action@5cd11c3a4ced054e52742c5fd54dca954e0edd85 # v6.7.0 with: context: . file: ./docker/Dockerfile-services-service diff --git a/.github/workflows/sonarcloud.yml b/.github/workflows/sonarcloud.yml index 6c164c8d8c..6e75770656 100644 --- a/.github/workflows/sonarcloud.yml +++ b/.github/workflows/sonarcloud.yml @@ -42,7 +42,7 @@ jobs: steps: - name: Set up JDK 17 - uses: actions/setup-java@6a0805fcefea3d4657a47ac4c165951e33482018 # v4.2.2 + uses: actions/setup-java@2dfa2011c5b2a0f1489bf9e433881c92c1631f88 # v4.3.0 with: distribution: 'temurin' java-version: '17' diff --git a/.github/workflows/test-automation.yml b/.github/workflows/test-automation.yml index aee88d62bb..b930aba61e 100644 --- a/.github/workflows/test-automation.yml +++ b/.github/workflows/test-automation.yml @@ -95,7 +95,7 @@ jobs: run: dotnet test tests/endtoend --filter Category=InterfaceHC --no-restore --verbosity minimal --logger "html;logfilename=e2eInterfaceHealthCheckResults.html" - name: 'Upload Artifact' if: always() - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: e2e-test-report path: tests/endtoend/TestResults/e2eInterfaceHealthCheckResults.html @@ -113,7 +113,7 @@ jobs: run: dotnet test tests/endtoend --filter Category=PortalHC --no-restore --verbosity minimal --logger "html;logfilename=e2ePortalHealthCheckResults.html" - name: 'Upload Artifact' if: always() - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: e2e-test-report path: tests/endtoend/TestResults/e2ePortalHealthCheckResults.html @@ -132,7 +132,7 @@ jobs: run: dotnet test tests/endtoend --filter Category=Registration --no-restore --verbosity minimal --logger "html;logfilename=e2eRegistrationTestResults.html" - name: 'Upload Artifact' if: always() - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: e2e-test-report path: tests/endtoend/TestResults/e2eRegistrationTestResults.html @@ -152,7 +152,7 @@ jobs: run: dotnet test tests/endtoend --filter Category=Portal --no-restore --verbosity minimal --logger "html;logfilename=e2ePortalTestResults.html" - name: 'Upload Artifact' if: always() - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: e2e-test-report path: tests/endtoend/TestResults/e2ePortalTestResults.html @@ -181,7 +181,7 @@ jobs: run: dotnet test tests/endtoend --no-restore --verbosity minimal --logger "html;logfilename=e2eAllResults.html" - name: 'Upload Artifact' if: always() - uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5 + uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0 with: name: e2e-test-report path: tests/endtoend/TestResults/e2eAllResults.html \ No newline at end of file diff --git a/.github/workflows/trivy-main.yml b/.github/workflows/trivy-main.yml index 2a9f8e3636..de67b72e0c 100644 --- a/.github/workflows/trivy-main.yml +++ b/.github/workflows/trivy-main.yml @@ -65,7 +65,7 @@ jobs: timeout: "3600s" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 if: always() with: sarif_file: "trivy-results1.sarif" @@ -98,7 +98,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results3.sarif" @@ -130,7 +130,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results4.sarif" @@ -162,7 +162,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results5.sarif" @@ -194,7 +194,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results6.sarif" @@ -226,7 +226,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results7.sarif" @@ -258,7 +258,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results8.sarif" @@ -290,7 +290,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results9.sarif" @@ -322,7 +322,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results10.sarif" @@ -354,7 +354,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results11.sarif" @@ -386,6 +386,6 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results12.sarif" diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index b0ecaca2e1..a22117d20d 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -65,7 +65,7 @@ jobs: timeout: "3600s" - name: Upload Trivy scan results to GitHub Security tab - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 if: always() with: sarif_file: "trivy-results1.sarif" @@ -98,7 +98,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results3.sarif" @@ -130,7 +130,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results4.sarif" @@ -162,7 +162,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results5.sarif" @@ -194,7 +194,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results6.sarif" @@ -226,7 +226,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results7.sarif" @@ -258,7 +258,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results8.sarif" @@ -290,7 +290,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results9.sarif" @@ -322,7 +322,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results10.sarif" @@ -354,7 +354,7 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results11.sarif" @@ -386,6 +386,6 @@ jobs: - name: Upload Trivy scan results to GitHub Security tab if: always() - uses: github/codeql-action/upload-sarif@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15 + uses: github/codeql-action/upload-sarif@8214744c546c1e5c8f03dde8fab3a7353211988d # v3.26.7 with: sarif_file: "trivy-results12.sarif"