Mercurial > p > roundup > code

changeset 8336:1357dfcb81eb

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
chore: update actions to current versions.
author John Rouillard <rouilj@ieee.org>
date Thu, 19 Jun 2025 16:14:01 -0400
parents cf757cd416dc
children 234ea17b8463
files .github/workflows/anchore.yml
diffstat 1 files changed, 3 insertions(+), 3 deletions(-) [+]
line wrap: on
line diff
--- a/.github/workflows/anchore.yml	Thu Jun 19 16:05:22 2025 -0400
+++ b/.github/workflows/anchore.yml	Thu Jun 19 16:14:01 2025 -0400
@@ -37,20 +37,20 @@
     runs-on: ubuntu-latest
     steps:
     - name: Checkout the code
-      uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
     - name: Build the Docker image
       run: docker pull python:3-alpine; docker build . --file scripts/Docker/Dockerfile --tag localbuild/testimage:latest
     - name: List the Docker image
       run: docker image ls
     - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled
-      uses: anchore/scan-action@c35e932c2a7c572bfdb1c3dbcdadb2d4fc62418d # 3.6.1
+      uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # 6.3.0
       id: scan
       with:
         image: "localbuild/testimage:latest"
         fail-build: true
     - name: Upload Anchore Scan Report
       if: always()
-      uses: github/codeql-action/upload-sarif@65c74964a9ed8c44ed9f19d4bbc5757a6a8e9ab9 # v2.16.1
+      uses: github/codeql-action/upload-sarif@b1e4dc3db58c9601794e22a9f6d28d45461b9dbf # v2.22.0
       with:
         sarif_file: ${{ steps.scan.outputs.sarif }}
     - name: Inspect action SARIF report
Roundup Issue Tracker: http://roundup-tracker.org/