Skip to content

Commit 1c666f7

Browse files
authored
Merge branch 'development' into renovate/anchore-syft-1.x
2 parents f52bc38 + 2007c14 commit 1c666f7

9 files changed

Lines changed: 57 additions & 54 deletions

File tree

.github/skills/security-scan-docker-image-scripts/run.sh

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -35,7 +35,7 @@ fi
3535
# Check Grype
3636
if ! command -v grype >/dev/null 2>&1; then
3737
log_error "Grype not found - install from: https://github.com/anchore/grype"
38-
log_error "Installation: curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.114.0"
38+
log_error "Installation: curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.115.0"
3939
error_exit "Grype is required for vulnerability scanning" 2
4040
fi
4141

@@ -52,6 +52,8 @@ GRYPE_INSTALLED_VERSION=$(grype version | grep -oP 'Version:\s*\Kv?[0-9]+\.[0-9]
5252
# Set defaults matching CI workflow
5353
set_default_env "SYFT_VERSION" "v1.46.0"
5454
set_default_env "GRYPE_VERSION" "v0.114.0"
55+
set_default_env "SYFT_VERSION" "v1.45.1"
56+
set_default_env "GRYPE_VERSION" "v0.115.0"
5557
set_default_env "IMAGE_TAG" "charon:local"
5658
set_default_env "FAIL_ON_SEVERITY" "Critical,High"
5759

.github/workflows/e2e-tests-split.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -158,7 +158,7 @@ jobs:
158158

159159
- name: Cache npm dependencies
160160
if: steps.resolve-image.outputs.image_source == 'build'
161-
uses: actions/cache@2c8a9bd7457de244a408f35966fab2fb45fda9c8 # v6
161+
uses: actions/cache@55cc8345863c7cc4c66a329aec7e433d2d1c52a9 # v6
162162
with:
163163
path: ~/.npm
164164
key: npm-${{ hashFiles('package-lock.json') }}

.github/workflows/supply-chain-pr.yml

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -288,7 +288,7 @@ jobs:
288288
- name: Install Grype
289289
if: steps.set-target.outputs.image_name != ''
290290
run: |
291-
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.114.0
291+
curl -sSfL https://raw.githubusercontent.com/anchore/grype/main/install.sh | sh -s -- -b /usr/local/bin v0.115.0
292292
293293
- name: Scan for vulnerabilities
294294
if: steps.set-target.outputs.image_name != ''

backend/go.mod

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -90,7 +90,7 @@ require (
9090
golang.org/x/arch v0.28.0 // indirect
9191
golang.org/x/sys v0.46.0 // indirect
9292
google.golang.org/protobuf v1.36.11 // indirect
93-
modernc.org/libc v1.73.4 // indirect
93+
modernc.org/libc v1.73.5 // indirect
9494
modernc.org/mathutil v1.7.1 // indirect
9595
modernc.org/memory v1.11.0 // indirect
9696
modernc.org/sqlite v1.53.0 // indirect

backend/go.sum

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -187,8 +187,8 @@ golang.org/x/arch v0.28.0 h1:wVwVdqsTuUbJvhYVCspQYwZXHNYeLSoZnmHD+ggddpQ=
187187
golang.org/x/arch v0.28.0/go.mod h1:0X+GdSIP+kL5wPmpK7sdkEVTt2XoYP0cSjQSbZBwOi8=
188188
golang.org/x/crypto v0.53.0 h1:QZ4Muo8THX6CizN2vPPd5fBGHyogrdK9fG4wLPFUsto=
189189
golang.org/x/crypto v0.53.0/go.mod h1:DNLU434OwVakk9PzuwV8w62mAJpRJL3vsgcfp4Qnsio=
190-
golang.org/x/mod v0.36.0 h1:JJjpVx6myfUsUdAzZuOSTTmRE0PfZeNWzzvKrP7amb4=
191-
golang.org/x/mod v0.36.0/go.mod h1:moc6ELqsWcOw5Ef3xVprK5ul/MvtVvkIXLziUOICjUQ=
190+
golang.org/x/mod v0.37.0 h1:vF1DjpVEshcIqoEaauuHebaLk1O1forxjxBaVn884JQ=
191+
golang.org/x/mod v0.37.0/go.mod h1:m8S8VeM9r4dzDwjrKO0a1sZP3YjeMamRRlD+fmR2Q/0=
192192
golang.org/x/net v0.56.0 h1:Rw8j/hFzGvJUZwNBXnAtf5sVDVt+65SK2C7IxCxZt5o=
193193
golang.org/x/net v0.56.0/go.mod h1:D3Ku6r+V6JROoZK144D2XfMHFcMq/0zSfLelVTCFKec=
194194
golang.org/x/sync v0.21.0 h1:HLII4xRRTtCRkxYp4HNFF0Js/Og6q2i++KXbg0gHCwM=
@@ -199,8 +199,8 @@ golang.org/x/text v0.38.0 h1:sXmwo9DwP3OK9EZ7PqAdaooSGozfl/3a6/xJcbzPRhE=
199199
golang.org/x/text v0.38.0/go.mod h1:YXZt3QhHUKYT53r2lLKFIVi6Ao1jdzrTR/KQ09qyxF4=
200200
golang.org/x/time v0.15.0 h1:bbrp8t3bGUeFOx08pvsMYRTCVSMk89u4tKbNOZbp88U=
201201
golang.org/x/time v0.15.0/go.mod h1:Y4YMaQmXwGQZoFaVFk4YpCt4FLQMYKZe9oeV/f4MSno=
202-
golang.org/x/tools v0.45.0 h1:18qN3FAooORvApf5XjCXgsuayZOEtXf6JK18I3+ONa8=
203-
golang.org/x/tools v0.45.0/go.mod h1:LuUGqqaXcXMEFEruIVJVm5mgDD8vww/z/SR1gQ4uE/0=
202+
golang.org/x/tools v0.46.0 h1:7jTurBkPZu4moS/Uy4OQT1M+QBlsj3wejyZwsT8Z7rk=
203+
golang.org/x/tools v0.46.0/go.mod h1:FrD85F8l+NWL+9XWBSyVSHO6Ne4jutsfIFba7AWQ5Ys=
204204
google.golang.org/protobuf v1.36.11 h1:fV6ZwhNocDyBLK0dj+fg8ektcVegBBuEolpbTQyBNVE=
205205
google.golang.org/protobuf v1.36.11/go.mod h1:HTf+CrKn2C3g5S8VImy6tdcUvCska2kB7j23XfzDpco=
206206
gopkg.in/check.v1 v0.0.0-20161208181325-20d25e280405/go.mod h1:Co6ibVJAznAaIkqp8huTwlJQCZ016jof/cbN4VW5Yz0=
@@ -217,20 +217,20 @@ gorm.io/gorm v1.31.2 h1:3o8FXNo9v9S858gil+3LlZA1LkCOzgb4g5BL64FgaCo=
217217
gorm.io/gorm v1.31.2/go.mod h1:XyQVbO2k6YkOis7C2437jSit3SsDK72s7n7rsSHd+Gs=
218218
gotest.tools/v3 v3.5.2 h1:7koQfIKdy+I8UTetycgUqXWSDwpgv193Ka+qRsmBY8Q=
219219
gotest.tools/v3 v3.5.2/go.mod h1:LtdLGcnqToBH83WByAAi/wiwSFCArdFIUV/xxN4pcjA=
220-
modernc.org/cc/v4 v4.28.4 h1:Hd/4Es+MBj+/7hSdZaisNyu6bv3V0Dp2MdllyfqaH+c=
221-
modernc.org/cc/v4 v4.28.4/go.mod h1:OnovgIhbbMXMu1aISnJ0wvVD1KnW+cAUJkIrAWh+kVI=
222-
modernc.org/ccgo/v4 v4.34.4 h1:OVnSOWQjVKOYkFxoHYB+qQmSHK5gqMqARM+K9DpR/Ws=
223-
modernc.org/ccgo/v4 v4.34.4/go.mod h1:qdKqE8FNIYyysougB1RX9MxCzp5oJOcQXSobANJ4TuE=
220+
modernc.org/cc/v4 v4.29.0 h1:CXgwL8cvxmyzBQZzbSl/6xFtMCryb6u8IOqDci39cgc=
221+
modernc.org/cc/v4 v4.29.0/go.mod h1:OnovgIhbbMXMu1aISnJ0wvVD1KnW+cAUJkIrAWh+kVI=
222+
modernc.org/ccgo/v4 v4.34.5 h1:hcwnthv2/LBl+mRLOYwnQA/LuW44Oln1NQlWppNaS1Q=
223+
modernc.org/ccgo/v4 v4.34.5/go.mod h1:aow0HNkO30OSA/2NrtDXkis92ff8ZFiDOmDOPhqhF8U=
224224
modernc.org/fileutil v1.4.0 h1:j6ZzNTftVS054gi281TyLjHPp6CPHr2KCxEXjEbD6SM=
225225
modernc.org/fileutil v1.4.0/go.mod h1:EqdKFDxiByqxLk8ozOxObDSfcVOv/54xDs/DUHdvCUU=
226226
modernc.org/gc/v2 v2.6.5 h1:nyqdV8q46KvTpZlsw66kWqwXRHdjIlJOhG6kxiV/9xI=
227227
modernc.org/gc/v2 v2.6.5/go.mod h1:YgIahr1ypgfe7chRuJi2gD7DBQiKSLMPgBQe9oIiito=
228-
modernc.org/gc/v3 v3.1.3 h1:6QAplYyVO+KdPW3pGnqmJDUxtkec8ooEWvks/hhU3lc=
229-
modernc.org/gc/v3 v3.1.3/go.mod h1:HFK/6AGESC7Ex+EZJhJ2Gni6cTaYpSMmU/cT9RmlfYY=
228+
modernc.org/gc/v3 v3.1.4 h1:2g65LGVSmFQrXeITAw97x7hCRvZFcyE1uDP+7Vng7JI=
229+
modernc.org/gc/v3 v3.1.4/go.mod h1:HFK/6AGESC7Ex+EZJhJ2Gni6cTaYpSMmU/cT9RmlfYY=
230230
modernc.org/goabi0 v0.2.0 h1:HvEowk7LxcPd0eq6mVOAEMai46V+i7Jrj13t4AzuNks=
231231
modernc.org/goabi0 v0.2.0/go.mod h1:CEFRnnJhKvWT1c1JTI3Avm+tgOWbkOu5oPA8eH8LnMI=
232-
modernc.org/libc v1.73.4 h1:+ra4Ui8ngyt8HDcO1FTDPWlkAh6yOdaO2yAoh8MddQA=
233-
modernc.org/libc v1.73.4/go.mod h1:DXZ3eO8qMCNn2SnmTNCiC71nJ9Rcq3PsnpU6Vc4rWK8=
232+
modernc.org/libc v1.73.5 h1:G34rN/cRqL+zOUnrbz9uPq/+OxJ8/vzQ2CQwTJ42Wmw=
233+
modernc.org/libc v1.73.5/go.mod h1:+Aoyx4M0etg6GikzCrip1VtvAtUlMlo2Aq+GHwQSqOA=
234234
modernc.org/mathutil v1.7.1 h1:GCZVGXdaN8gTqB1Mf/usp1Y/hSqgI2vAGGP4jZMCxOU=
235235
modernc.org/mathutil v1.7.1/go.mod h1:4p5IwJITfppl0G4sUEDtCr4DthTaT47/N3aT6MhfgJg=
236236
modernc.org/memory v1.11.0 h1:o4QC8aMQzmcwCK3t3Ux/ZHmwFPzE6hf2Y5LbkRs+hbI=

frontend/package-lock.json

Lines changed: 22 additions & 21 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

frontend/package.json

Lines changed: 4 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -40,7 +40,7 @@
4040
"class-variance-authority": "^0.7.1",
4141
"clsx": "^2.1.1",
4242
"date-fns": "^4.4.0",
43-
"i18next": "^26.3.2",
43+
"i18next": "^26.3.3",
4444
"i18next-browser-languagedetector": "^8.2.1",
4545
"lucide-react": "^1.21.0",
4646
"react": "^19.2.7",
@@ -75,7 +75,7 @@
7575
"@vitest/coverage-v8": "^4.1.9",
7676
"@vitest/eslint-plugin": "^1.6.20",
7777
"@vitest/ui": "^4.1.9",
78-
"eslint": "^10.5.0",
78+
"eslint": "^10.6.0",
7979
"eslint-formatter-compact": "^9.0.1",
8080
"eslint-import-resolver-typescript": "^4.4.5",
8181
"eslint-plugin-import-x": "^4.17.0",
@@ -90,7 +90,7 @@
9090
"eslint-plugin-unicorn": "^69.0.0",
9191
"eslint-plugin-unused-imports": "^4.4.1",
9292
"jsdom": "29.1.1",
93-
"knip": "^6.20.0",
93+
"knip": "^6.21.0",
9494
"postcss": "^8.5.15",
9595
"tailwindcss": "^4.3.1",
9696
"typescript": "^6.0.3",
@@ -102,7 +102,7 @@
102102
"overrides": {
103103
"typescript": "^6.0.3",
104104
"eslint-plugin-react-hooks": {
105-
"eslint": "^10.5.0"
105+
"eslint": "^10.6.0"
106106
},
107107
"eslint-plugin-jsx-a11y": {
108108
"eslint": "^10.5.0"

package-lock.json

Lines changed: 11 additions & 11 deletions
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.

package.json

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -10,7 +10,7 @@
1010
"lint:md:fix": "markdownlint-cli2 --fix '**/*.md' '#node_modules/**' '#.venv/**' '#test-results/**' '#codeql-db/**' '#codeql-agent-results/**'"
1111
},
1212
"dependencies": {
13-
"@typescript/analyze-trace": "^0.11.0",
13+
"@typescript/analyze-trace": "^0.11.1",
1414
"tldts": "^7.4.4",
1515
"type-check": "^0.4.0"
1616
},
@@ -27,7 +27,7 @@
2727
"@types/node": "^26.0.1",
2828
"dotenv": "^17.4.2",
2929
"markdownlint-cli2": "^0.22.1",
30-
"prettier": "^3.8.4",
30+
"prettier": "^3.8.5",
3131
"prettier-plugin-tailwindcss": "^0.8.0",
3232
"tar": "^7.5.17",
3333
"typescript": "^6.0.3",

0 commit comments

Comments
 (0)