Bump the all group with 5 updates (#11611)

Bumps the all group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.1` | `5.0.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.1.0` | `5.1.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.3` | `4.3.4` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.25.11` | `3.25.12` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.23.0` | `0.24.0` | Updates `actions/setup-go` from 5.0.1 to 5.0.2 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](cdcb360436...0a12ed9d6a) Updates `actions/setup-python` from 5.1.0 to 5.1.1 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](82c7e631bb...39cd14951b) Updates `actions/dependency-review-action` from 4.3.3 to 4.3.4 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](72eb03d02c...5a2ce3f5b9) Updates `github/codeql-action` from 3.25.11 to 3.25.12 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](b611370bb5...4fa2a79536) Updates `aquasecurity/trivy-action` from 0.23.0 to 0.24.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](7c2007bcb5...6e7b7d1fd3) --- updated-dependencies: - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/setup-python dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-07-15 07:39:11 -07:00 · 2024-07-15 07:39:11 -07:00 · 125ffd47b1
commit 125ffd47b1
parent 60bb8b351c
7 changed files with 11 additions and 11 deletions
--- a/.github/workflows/vulnerability-scans.yaml
+++ b/.github/workflows/vulnerability-scans.yaml
@ -60,7 +60,7 @@ jobs:

      - name: Scan image with AquaSec/Trivy
        id: scan
-        uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
        with:
          image-ref: registry.k8s.io/ingress-nginx/controller:${{ matrix.versions }}
          format: 'sarif'
@ -75,7 +75,7 @@ jobs:

      # This step checks out a copy of your repository.
      - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f # v3.25.12
        with:
          token: ${{ github.token }}
          # Path to SARIF file relative to the root of the repository