Skip to content

Commit

Permalink
fetch tags so that goreleaser generates the right binary version
Browse files Browse the repository at this point in the history 
this fixes an issue with trivy where it flags SpiceDB as
vulnerable, possibly as of aquasecurity/trivy#6564
include in version 0.51.0. It's flagged because it parses it as version
0.0.1-next
  • Loading branch information
@vroldanbet
vroldanbet committed May 3, 2024
1 parent f391921 commit 3fe79ed
Showing 1 changed file with 2 additions and 0 deletions.
2 changes: 2 additions & 0 deletions .github/workflows/security.yaml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,8 @@ jobs:
runs-on: "buildjet-2vcpu-ubuntu-2204"
steps:
- uses: "actions/checkout@v4"
with:
fetch-depth: 0
- uses: "authzed/actions/setup-go@main"
- uses: "docker/login-action@v3"
with:
Expand Down

0 comments on commit 3fe79ed

Please sign in to comment.