diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml index aea8ea6..638271e 100644 --- a/.github/workflows/pipeline.yml +++ b/.github/workflows/pipeline.yml @@ -59,7 +59,7 @@ jobs: cache-to: type=gha,mode=max,scope=${{ matrix.image }} - uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0 with: {image-ref: "ghcr.io/lightcode-team/${{ matrix.image }}:sha-${{ github.sha }}", vuln-type: "os,library", severity: "HIGH,CRITICAL", ignore-unfixed: true, exit-code: "1"} - - uses: anchore/sbom-action@df80a981bc6edbc4e220a492d3cbe9f5547a6e75 # v0.17.9 + - uses: anchore/sbom-action@e22c389904149dbc22b58101806040fa8d37a610 # v0.24.0 with: {image: "ghcr.io/lightcode-team/${{ matrix.image }}:sha-${{ github.sha }}", artifact-name: "${{ matrix.image }}-sbom.spdx.json"} promote: needs: publish