build(deps): bump the any group with 2 updates (#273)

This commit is contained in:
dependabot[bot] 2024-04-02 05:49:17 +00:00 committed by GitHub
parent add7da3fe1
commit 70847336ff
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 2 additions and 2 deletions

View File

@ -12,7 +12,7 @@ jobs:
runs-on: ubuntu-latest runs-on: ubuntu-latest
if: ${{ github.actor == 'dependabot[bot]' }} if: ${{ github.actor == 'dependabot[bot]' }}
steps: steps:
- uses: dependabot/fetch-metadata@v1 - uses: dependabot/fetch-metadata@v2
id: metadata id: metadata
with: {github-token: "${{ secrets.GITHUB_TOKEN }}"} with: {github-token: "${{ secrets.GITHUB_TOKEN }}"}

View File

@ -193,7 +193,7 @@ jobs: # Docs: <https://git.io/JvxXE>
name: docker-image name: docker-image
path: .artifact path: .artifact
- uses: aquasecurity/trivy-action@0.18.0 # action page: <https://github.com/aquasecurity/trivy-action> - uses: aquasecurity/trivy-action@0.19.0 # action page: <https://github.com/aquasecurity/trivy-action>
with: with:
input: .artifact/docker-image.tar input: .artifact/docker-image.tar
format: sarif format: sarif