Results 43 scanner issues

## Description Update the offline bundle workflow to use versioned offline definitions (created based on https://github.com/stackrox/stackrox/pull/12516/files) instead of release-based definitions. Also, from 4.6.x onward, versioned offline bundles are published by...

This PR contains the following updates: | Package | Change | Notes | |---|---|---| | quay.io/konflux-ci/tekton-catalog/task-build-image-index | `327d745` -> `4d5ab47` | | | quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta | `0.2` -> `0.4` | :warning:[migration](https://redirect.github.com/redhat-appstudio/build-definitions/blob/main/task/buildah-oci-ta/0.4/MIGRATION.md):warning:...

needs-ok-to-test

This PR contains the following updates: | Package | Change | |---|---| | quay.io/konflux-ci/tekton-catalog/task-buildah-oci-ta | `cd7fba9` -> `ff54d82` | | quay.io/konflux-ci/tekton-catalog/task-buildah-remote-oci-ta | `aae811d` -> `57a4a8b` | | quay.io/konflux-ci/tekton-catalog/task-git-clone-oci-ta | `9709088`...

Bumps [github.com/containers/image/v5](https://github.com/containers/image) from 5.34.2 to 5.34.3. Release notes Sourced from github.com/containers/image/v5's releases. v5.34.3 What's Changed [release-5.34] Bump c/storage to v1.57.2, c/image to v5.34.2 by @TomSweeneyRedHat in containers/image#2765 [5.34] Correctly compute...

dependencies
go

Bumps [google.golang.org/api](https://github.com/googleapis/google-api-go-client) from 0.227.0 to 0.228.0. Release notes Sourced from google.golang.org/api's releases. v0.228.0 0.228.0 (2025-03-25) Features all: Auto-regenerate discovery clients (#3072) (1987dc9) all: Auto-regenerate discovery clients (#3076) (b041969) all: Auto-regenerate...

dependencies
go

Bumps google.golang.org/protobuf from 1.36.5 to 1.36.6. [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=google.golang.org/protobuf&package-manager=go_modules&previous-version=1.36.5&new-version=1.36.6)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a...

dependencies
go

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | quay.io/redhat-appstudio/build-trusted-artifacts | tekton-step-image | digest | `62bb855` -> `9b18077` | --- ### Configuration...

ok-to-test

How to reproduce the lockfile: https://spaces.redhat.com/display/StackRox/How+to+prefetch+RPMs+for+ACS+Konflux+builds Required changes: * cannot blanket `dnf upgrade`, because we need to specify which RPMs to prefetch. Target RPMs can be added to the `packages`...

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | quay.io/rhacs-eng/konflux-tasks | tekton-bundle | digest | `bed93fb` -> `36e64af` | --- ### Configuration...

auto-approve

This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | quay.io/rhacs-eng/konflux-tasks | tekton-bundle | digest | `9492e28` -> `36e64af` | --- ### Configuration...

auto-approve