From 572138a10815556e62dad03c44d87df7c76205f8 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 06:41:21 +0000 Subject: [PATCH 1/2] Bump ubuntu/ubuntu from `4eef301` to `4f5ca1c` (#86) --- Dockerfile | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Dockerfile b/Dockerfile index b82f172..b2dafec 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,4 +1,4 @@ -FROM public.ecr.aws/ubuntu/ubuntu@sha256:4eef301bd53e72f08185a0d2692653f7773c712158d0923ba1942f7125ddd003 +FROM public.ecr.aws/ubuntu/ubuntu@sha256:4f5ca1c8b7abe2bd1162e629cafbd824c303b98954b1a168526aca6021f8affe LABEL org.opencontainers.image.vendor="Ministry of Justice" \ org.opencontainers.image.authors="Analytical Platform (analytical-platform@digital.justice.gov.uk)" \ From d2c72292085f6323bd0d01fe3b78a7985d321ba5 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 10 Jun 2024 06:41:33 +0000 Subject: [PATCH 2/2] Bump aquasecurity/trivy-action from 0.21.0 to 0.22.0 (#87) --- .github/workflows/scan-image.yml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/scan-image.yml b/.github/workflows/scan-image.yml index 691276b..f3cfad0 100644 --- a/.github/workflows/scan-image.yml +++ b/.github/workflows/scan-image.yml @@ -30,7 +30,7 @@ jobs: - name: Scan Image id: scan_image - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: image-ref: visual-studio-code exit-code: 1 @@ -42,7 +42,7 @@ jobs: - name: Scan Image (On SARIF Scan Failure) if: failure() && steps.scan_image.outcome == 'failure' id: scan_image_on_failure - uses: aquasecurity/trivy-action@fd25fed6972e341ff0007ddb61f77e88103953c2 # v0.21.0 + uses: aquasecurity/trivy-action@595be6a0f6560a0a8fc419ddf630567fc623531d # v0.22.0 with: image-ref: visual-studio-code exit-code: 1