Security vulnerabilities with docker-build-test.yaml

[davidusb-geek]

@GeoDerp
I have seen an important number of vulnerabilities linked to this pipeline, specifically on the osv-scan method.
This uses a branch of yours in:

uses: "geoderp/osv-scanner-action/.github/workflows/[email protected]"

Don't you think we should switch to the updated original osv-scanner-action?

[GeoDerp]

@GeoDerp
I have seen an important number of vulnerabilities linked to this pipeline, specifically on the osv-scan method.
This uses a branch of yours in:

uses: "geoderp/osv-scanner-action/.github/workflows/[email protected]"

Don't you think we should switch to the updated original osv-scanner-action?

100% , they recently merged my pull request 😁
Can do this on my PR later tonight if I have time while I check the js

[davidusb-geek]

Preparing the upcoming release, I've just comment out the osv-scan part on docker-build-test.yaml, waiting until they release the new improved version.

[GeoDerp]

Preparing the upcoming release, I've just comment out the osv-scan part on docker-build-test.yaml, waiting until they release the new improved version.

Once they release I'll probably do a review and see what might need to be changed

[GeoDerp]

PS. The errors in the actions are because the are known vulnerabilities detected in the Linux container. Unfortunately from what I have seen the known vulnerabilities are related to the version of debian. (Have to wait for HA to update)