Bump docker/scout-action from 1.18.2 to 1.20.1

[dependabot]

Bumps docker/scout-action from 1.18.2 to 1.20.1.

Commits

• 75ec1d4 Merge pull request #96 from docker/release/v1.20.1
• 9baba47 remove node_modules
• b7d2477 [BOT] Update assets for v1.20.1 release
• 07724ea Merge pull request #95 from docker/remove-binaries-from-repo
• 233e05b remove binaries from repo
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

🔍 Vulnerabilities of renzof93/github-actions-secrets-mgmt:latest

📦 Image Reference renzof93/github-actions-secrets-mgmt:latest

digest	sha256:6ec9d5d6065d4c09ca57c1f6f8ae23c2abc5ae2c35b1b22b7ae729330ae77336
vulnerabilities
platform	linux/amd64
size	104 MB
packages	63

📦 Base Image python:3-alpine3.20

also known as	3.13-alpine3.20 3.13.3-alpine3.20 alpine3.20
digest	sha256:68834522e73344a5337150a62e87a75be9046c0e39b9bab925be078d953e54e1
vulnerabilities

requests 2.32.3 (pypi) pkg:pypi/requests@2.32.3 Insufficiently Protected Credentials Affected range <2.32.4 Fixed version 2.32.4 CVSS Score 5.3 CVSS Vector CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:N/A:N EPSS Score 0.154% EPSS Percentile 36th percentile Description Impact Due to a URL parsing issue, Requests releases prior to 2.32.4 may leak .netrc credentials to third parties for specific maliciously-crafted URLs. Workarounds For older versions of Requests, use of the .netrc file can be disabled with trust_env=False on your Requests Session (docs). References psf/requests#6965 https://seclists.org/fulldisclosure/2025/Jun/2

pynacl 1.5.0 (pypi) pkg:pypi/pynacl@1.5.0 Incomplete List of Disallowed Inputs Affected range <1.6.2 Fixed version 1.6.2 CVSS Score 4.5 CVSS Vector CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:C/C:L/I:L/A:N EPSS Score 0.007% EPSS Percentile 1st percentile Description libsodium before ad3004e, in atypical use cases involving certain custom cryptography or untrusted data to crypto_core_ed25519_is_valid_point, mishandles checks for whether an elliptic curve point is valid because it sometimes allows points that aren't in the main cryptographic group. This advisoory lists packages in the GitHub Advisory Database's supported ecosystems that are affected by this vulnerability due to a vulnerable dependency.

[github-actions]

Recommended fixes for image renzof93/github-actions-secrets-mgmt:latest

Base image is python:3-alpine3.20

Name	3.13.3-alpine3.20
Digest	sha256:68834522e73344a5337150a62e87a75be9046c0e39b9bab925be078d953e54e1
Vulnerabilities
Pushed	10 months ago
Size	16 MB
Packages	41
Flavor	alpine
OS	3.20
Runtime	3.13.3

Refresh base image

Rebuild the image using a newer base image version. Updating this may result in breaking changes.

✅ This image version is up to date.

Change base image

Tag	Details	Pushed	Vulnerabilities
3-alpine Tag is preferred tag Also known as: alpine alpine3.23 3.14.3-alpine 3.14.3-alpine3.23 3.14-alpine 3.14-alpine3.23 3-alpine3.23	Benefits: Same OS detected Minor runtime version update Minor OS version update Tag is preferred tag Tag was pushed more recently Image has similar size Image introduces no new vulnerability but removes 18 Image contains equal number of packages 3-alpine was pulled 51K times last month Image details: Size: 18 MB Flavor: alpine OS: 3.23 Runtime: 3.14.3	1 month ago
3.13-alpine Minor runtime version update Also known as: 3.13.12-alpine 3.13.12-alpine3.23 3.13-alpine3.23	Benefits: Same OS detected Minor runtime version update Minor OS version update Image contains 2 fewer packages Tag was pushed more recently Image has similar size Image introduces no new vulnerability but removes 18 Image details: Size: 17 MB Flavor: alpine OS: 3.23 Runtime: 3.13.12	1 month ago
3.13-alpine3.22 Minor runtime version update Also known as: 3.13.12-alpine3.22	Benefits: Same OS detected Minor runtime version update Minor OS version update Image contains 2 fewer packages Tag was pushed more recently Image has similar size Image introduces no new vulnerability but removes 19 Image details: Size: 17 MB Flavor: alpine OS: 3.22 Runtime: 3.13.12	1 month ago
3-alpine3.22 Minor runtime version update Also known as: alpine3.22 3.14.3-alpine3.22 3.14-alpine3.22	Benefits: Same OS detected Minor runtime version update Minor OS version update Tag was pushed more recently Image has similar size Image introduces no new vulnerability but removes 19 Image contains equal number of packages Image details: Size: 18 MB Flavor: alpine OS: 3.22 Runtime: 3.14.3	1 month ago