Merge pull request kubernetes-sigs#2187 from kubernetes-sigs/dependab…

…ot/github_actions/actions-f1f2d6c3b3 Bump the actions group with 3 updates
AndrewSirenko · Oct 17, 2024 · 7fd319a · 7fd319a
2 parents 486fbd0 + 31e5e88
commit 7fd319a
Show file tree

Hide file tree

Showing 4 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
@@ -26,4 +26,4 @@ jobs:
         uses: actions/checkout@v4
 
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@v3
+        uses: actions/dependency-review-action@v4
diff --git a/.github/workflows/output-code-coverage.yaml b/.github/workflows/output-code-coverage.yaml
@@ -30,7 +30,7 @@ jobs:
     steps:
       # https://docs.github.com/en/actions/using-workflows/events-that-trigger-workflows#using-data-from-the-triggering-workflow
       - name: 'Download reports'
-        uses: actions/github-script@v6
+        uses: actions/github-script@v7
         with:
           script: |
             let fs = require('fs');

diff --git a/.github/workflows/trivy-containers.yaml b/.github/workflows/trivy-containers.yaml
@@ -68,7 +68,7 @@ jobs:
         run: docker pull ${{ matrix.image }}
 
       - name: Scan container image
-        uses: aquasecurity/trivy-action@0.26.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: '${{ matrix.image }}'
           output: 'results.sarif'

diff --git a/.github/workflows/trivy.yaml b/.github/workflows/trivy.yaml
@@ -32,7 +32,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.26.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           scan-type: 'fs'
           ignore-unfixed: true