9393 org.opencontainers.image.documentation=https://todo.docs
9494
9595 - name : Login to GitHub Container Registry
96- uses : docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6 .0
96+ uses : docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7 .0
9797 with :
9898 registry : ghcr.io
9999 username : ${{ github.actor }}
@@ -102,7 +102,7 @@ jobs:
102102
103103 - name : Build and push image
104104 id : build
105- uses : docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
105+ uses : docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
106106 with :
107107 context : .
108108 platforms : linux/amd64,linux/arm64
@@ -150,7 +150,7 @@ jobs:
150150 tar -xf image.tar -C image
151151
152152 - name : Run Trivy vulnerability scanner
153- uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
153+ uses : aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
154154 env :
155155 TRIVY_DB_REPOSITORY : public.ecr.aws/aquasecurity/trivy-db:2
156156 TRIVY_JAVA_DB_REPOSITORY : public.ecr.aws/aquasecurity/trivy-java-db:1
@@ -236,7 +236,7 @@ jobs:
236236 path : ${{ steps.build.outputs.package }}
237237
238238 - name : Login to GitHub Container Registry
239- uses : docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6 .0
239+ uses : docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7 .0
240240 with :
241241 registry : ghcr.io
242242 username : ${{ github.actor }}
@@ -269,7 +269,7 @@ jobs:
269269 --certificate-oidc-issuer "https://token.actions.githubusercontent.com" | jq
270270
271271 - name : Run Trivy vulnerability scanner
272- uses : aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
272+ uses : aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # 0.34.0
273273 env :
274274 TRIVY_DB_REPOSITORY : public.ecr.aws/aquasecurity/trivy-db:2
275275 TRIVY_JAVA_DB_REPOSITORY : public.ecr.aws/aquasecurity/trivy-java-db:1
0 commit comments