diff --git a/.github/workflows/build-test-release.yaml b/.github/workflows/build-test-release.yaml index 97f532cb..561fa545 100644 --- a/.github/workflows/build-test-release.yaml +++ b/.github/workflows/build-test-release.yaml @@ -230,7 +230,7 @@ jobs: - name: "Security scan with Grype (SARIF)" # yamllint disable-line rule:line-length - uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7.2.3 + uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2 id: grype-sarif # The first Grype audit should not be blocking and should never fail # That way we always get the required artefact; the second job will @@ -244,7 +244,7 @@ jobs: - name: "Security scan with Grype (Text/Table)" # yamllint disable-line rule:line-length - uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7.2.3 + uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2 id: grype-table if: always() with: diff --git a/.github/workflows/build-test.yaml b/.github/workflows/build-test.yaml index 013ad823..41923be9 100644 --- a/.github/workflows/build-test.yaml +++ b/.github/workflows/build-test.yaml @@ -177,7 +177,7 @@ jobs: - name: "Security scan with Grype (SARIF)" # yamllint disable-line rule:line-length - uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7.2.3 + uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2 id: grype-sarif with: sbom: "${{ steps.sbom.outputs.sbom_json_path }}" @@ -187,7 +187,7 @@ jobs: - name: "Security scan with Grype (Text/Table)" # yamllint disable-line rule:line-length - uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7.2.3 + uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2 id: grype-table if: always() with: