queue
queue copied to clipboard
adrianbrad
build(deps): bump anchore/scan-action from 3 to 4
Bumps anchore/scan-action from 3 to 4.
Release notes
Sourced from anchore/scan-action's releases.
v4.0.0
New in scan-action v4.0.0
- Update Grype to v0.79.2 (#338) [anchore-actions-token-generator]
- Download Grype on Windows (#336) [willmurphyscode] (#315) [kzantow]
- Bump Node to v20 (#295) [ViacheslavKudinov]
v3.6.4
New in scan-action v3.6.4
- Update Grype to v0.74.4 (#279) [anchore-actions-token-generator]
v3.6.3
New in scan-action v3.6.3
v3.6.2
New in scan-action v3.6.2
- chore(deps): update Grype to v0.74.3 (#275) [anchore-actions-token-generator]
v3.6.1
New in scan-action v3.6.1
- chore(deps): update Grype to v0.74.2 (#272) [anchore-actions-token-generator]
- chore(deps-dev): bump prettier from 3.2.2 to 3.2.4 (#270) [dependabot]
v3.6.0
New in scan-action v3.6.0
- chore(deps): update Grype to v0.74.1 (#271) [anchore-actions-token-generator]
- chore(deps-dev): bump prettier from 3.1.1 to 3.2.2 (#268) [dependabot]
v3.5.0
New in scan-action v3.5.0
- chore(deps): update Grype to v0.74.0 (#267) [anchore-actions-token-generator]
- chore(deps): bump
@actions/corefrom 1.10.0 to 1.10.1 (#262) [dependabot]v3.4.0
New in scan-action v3.4.0
- chore(deps-dev): bump tslib from 2.5.0 to 2.6.2 (#258) [dependabot]
- chore(deps-dev): bump
@vercel/nccfrom 0.36.1 to 0.38.1 (#261) [dependabot]- chore(deps): update Grype to v0.73.5 (#264) [anchore-actions-token-generator]
- Add support for the
--vexflag (#254) [ferozsalam]v3.3.8
New in scan-action v3.3.8
... (truncated)
Changelog
Sourced from anchore/scan-action's changelog.
Release Notes
Version 2.0.2 - 2020-11-11
- Update
actions/coreto use version1.2.6[(Issue #71)](anchore/scan-action#71)Version 2.0.1 - 2020-02-11
Fixes:
- Removes unnecessary constraint in deduplication for SARIF reporting
- Allows defining and referencing the location of the SARIF report file
- Fixes multiple instances where undefined items in the reporting would break scanning
Commits
04b73ecchore(deps): update Grype to v0.79.2 (#338)69a534ffix: download Grype directly on Windows (#336)d09e278chore(deps-dev): bump prettier from 3.2.5 to 3.3.0 (#323)51f3c1cchore(deps): update Grype to v0.78.0 (#322)63b2dc4chore(deps): update Grype to v0.77.4 (#317)b4a7247fix: Windows runners (#315)30b718achore(deps): bump actions/checkout from 4.1.5 to 4.1.6 (#314)04171b1chore(deps): bump actions/checkout from 4.1.4 to 4.1.5 (#310)666b3dcchore(deps): update Grype to v0.77.3 (#311)8c83d2cchore(deps): update Grype to v0.77.2 (#290)- Additional commits viewable in compare view
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
![dependabot[bot] avatar](https://avatars.githubusercontent.com/in/29110?v=4 "Published by a pub.dev verified publisher"){kind=small}