Skip to content

Commit

Permalink
ci(deps): bump anchore/sbom-action from 0.17.8 to 0.17.9 in /.github/…
Browse files Browse the repository at this point in the history 
…workflows (#150)

Bumps [anchore/sbom-action](https://github.com/anchore/sbom-action) from
0.17.8 to 0.17.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/anchore/sbom-action/releases">anchore/sbom-action's
releases</a>.</em></p>
<blockquote>
<h2>v0.17.9</h2>
<h2>Changes in v0.17.9</h2>
<ul>
<li>chore(deps): update Syft to v1.18.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/510">#510</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
<li>chore(deps): update Syft to v1.18.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/509">#509</a>)
[<a
href="https://github.com/anchore-actions-token-generator">anchore-actions-token-generator</a>]</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/anchore/sbom-action/commit/df80a981bc6edbc4e220a492d3cbe9f5547a6e75"><code>df80a98</code></a>
chore(deps): update Syft to v1.18.1 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/510">#510</a>)</li>
<li><a
href="https://github.com/anchore/sbom-action/commit/33651ab40b3db0580a965d98214c067a2daa842c"><code>33651ab</code></a>
chore(deps): update Syft to v1.18.0 (<a
href="https://redirect.github.com/anchore/sbom-action/issues/509">#509</a>)</li>
<li><a
href="https://github.com/anchore/sbom-action/commit/a5bbe18b4dff7eb7cfcb7e761dab91654437ba13"><code>a5bbe18</code></a>
fix: github correlator name when run in matrix build (<a
href="https://redirect.github.com/anchore/sbom-action/issues/482">#482</a>)</li>
<li>See full diff in <a
href="https://github.com/anchore/sbom-action/compare/55dc4ee22412511ee8c3142cbea40418e6cec693...df80a981bc6edbc4e220a492d3cbe9f5547a6e75">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/sbom-action&package-manager=github_actions&previous-version=0.17.8&new-version=0.17.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Dariusz Porowski <[email protected]>
  • Loading branch information
@dependabot @DariuszPorowski
dependabot[bot] and DariuszPorowski authored Dec 16, 2024
1 parent 03169de commit 98fc107
Show file tree
Hide file tree
Showing 2 changed files with 3 additions and 3 deletions.
4 changes: 2 additions & 2 deletions .devcontainer/devcontainer.json
View file
Original file line number Diff line number Diff line change
Expand Up @@ -36,13 +36,13 @@
// "ghcr.io/guiyomh/features/gomarkdoc:0": {},
// "ghcr.io/guiyomh/features/gotestsum:0": {},
"ghcr.io/devcontainers/features/terraform:1": {
"version": "1.10.0",
"version": "1.10.2",
"installSentinel": true,
"installTFsec": true,
"installTerraformDocs": true
},
"ghcr.io/robbert229/devcontainer-features/opentofu:1": {
"version": "1.8.6"
"version": "1.8.7"
},
"ghcr.io/devcontainers-contrib/features/pipx-package:1": {},
// "ghcr.io/devcontainers-contrib/features/mkdocs:2": {},
Expand Down
2 changes: 1 addition & 1 deletion .github/workflows/release.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ jobs:
passphrase: ${{ secrets.GPG_PRIVATE_KEY_PASSPHRASE }}

- name: 🚧 Setup Syft
uses: anchore/sbom-action/download-syft@55dc4ee22412511ee8c3142cbea40418e6cec693 # v0.17.8
uses: anchore/sbom-action/download-syft@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9

- name: 🚀 Run GoReleaser
uses: goreleaser/goreleaser-action@9ed2f89a662bf1735a48bc8557fd212fa902bebf # v6.1.0
Expand Down

0 comments on commit 98fc107

Please sign in to comment.