From bf3e9d82b40afdc89edc519f40bc0f67af48f1bf Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 12 Dec 2023 15:24:30 +0000
Subject: [PATCH 1/5] fix(deps): update module google.golang.org/grpc to
v1.60.0 (#1074)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [google.golang.org/grpc](https://togithub.com/grpc/grpc-go) | require
| minor | `v1.59.0` -> `v1.60.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
grpc/grpc-go (google.golang.org/grpc)
### [`v1.60.0`](https://togithub.com/grpc/grpc-go/releases/tag/v1.60.0):
Release 1.60.0
[Compare
Source](https://togithub.com/grpc/grpc-go/compare/v1.59.0...v1.60.0)
### Security
- credentials/tls: if not set, set TLS MinVersion to 1.2 and
CipherSuites according to supported suites not forbidden by RFC7540.
- This is a behavior change to bring us into better alignment with RFC
7540.
### API Changes
- resolver: remove deprecated and experimental
`ClientConn.NewServiceConfig`
([#6784](https://togithub.com/grpc/grpc-go/issues/6784))
- client: remove deprecated `grpc.WithServiceConfig` `DialOption`
([#6800](https://togithub.com/grpc/grpc-go/issues/6800))
### Bug Fixes
- client: fix race that could cause a deadlock while entering idle mode
and receiving a name resolver update
([#6804](https://togithub.com/grpc/grpc-go/issues/6804))
- client: always enable TCP keepalives with OS defaults
([#6834](https://togithub.com/grpc/grpc-go/issues/6834))
- credentials/alts: fix a bug preventing ALTS from connecting to the
metadata server if the default scheme is overridden
([#6686](https://togithub.com/grpc/grpc-go/issues/6686))
- Special Thanks: [@mjamaloney](https://togithub.com/mjamaloney)
### Behavior Changes
- server: Do not return from Stop() or GracefulStop() until all
resources are released
([#6489](https://togithub.com/grpc/grpc-go/issues/6489))
- Special Thanks: [@fho](https://togithub.com/fho)
### Documentation
- codes: clarify that only codes defined by this package are valid and
that users should not cast other values to `codes.Code`
([#6701](https://togithub.com/grpc/grpc-go/issues/6701))
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-feature/flagd).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
core/go.mod | 10 +++++-----
core/go.sum | 10 ++++++++++
2 files changed, 15 insertions(+), 5 deletions(-)
diff --git a/core/go.mod b/core/go.mod
index 77d7625e4..9239851ed 100644
--- a/core/go.mod
+++ b/core/go.mod
@@ -37,7 +37,7 @@ require (
golang.org/x/mod v0.14.0
golang.org/x/net v0.19.0
golang.org/x/sync v0.5.0
- google.golang.org/grpc v1.59.0
+ google.golang.org/grpc v1.60.0
google.golang.org/protobuf v1.31.0
gopkg.in/yaml.v3 v3.0.1
k8s.io/apimachinery v0.28.4
@@ -90,14 +90,14 @@ require (
github.com/xeipuuv/gojsonreference v0.0.0-20180127040603-bd5ef7bd5415 // indirect
go.opentelemetry.io/proto/otlp v1.0.0 // indirect
go.uber.org/multierr v1.11.0 // indirect
- golang.org/x/oauth2 v0.11.0 // indirect
+ golang.org/x/oauth2 v0.13.0 // indirect
golang.org/x/sys v0.15.0 // indirect
golang.org/x/term v0.15.0 // indirect
golang.org/x/text v0.14.0 // indirect
golang.org/x/time v0.3.0 // indirect
- google.golang.org/appengine v1.6.7 // indirect
- google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d // indirect
- google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d // indirect
+ google.golang.org/appengine v1.6.8 // indirect
+ google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 // indirect
+ google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 // indirect
gopkg.in/inf.v0 v0.9.1 // indirect
gopkg.in/yaml.v2 v2.4.0 // indirect
k8s.io/api v0.28.4 // indirect
diff --git a/core/go.sum b/core/go.sum
index 07d1f3f7a..6047dda9f 100644
--- a/core/go.sum
+++ b/core/go.sum
@@ -906,6 +906,8 @@ golang.org/x/oauth2 v0.0.0-20221014153046-6fdb5e3db783/go.mod h1:h4gKUeWbJ4rQPri
golang.org/x/oauth2 v0.4.0/go.mod h1:RznEsdpjGAINPTOF0UH/t+xJ75L18YO3Ho6Pyn+uRec=
golang.org/x/oauth2 v0.11.0 h1:vPL4xzxBM4niKCW6g9whtaWVXTJf1U5e4aZxxFx/gbU=
golang.org/x/oauth2 v0.11.0/go.mod h1:LdF7O/8bLR/qWK9DrpXmbHLTouvRHK0SgJl0GmDBchk=
+golang.org/x/oauth2 v0.13.0 h1:jDDenyj+WgFtmV3zYVoi8aE2BwtXFLWOA67ZfNWftiY=
+golang.org/x/oauth2 v0.13.0/go.mod h1:/JMhi4ZRXAf4HG9LiNmxvk+45+96RUlVThiH8FzNBn0=
golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
golang.org/x/sync v0.0.0-20181221193216-37e7f081c4d4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM=
@@ -1149,6 +1151,8 @@ google.golang.org/appengine v1.6.5/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCID
google.golang.org/appengine v1.6.6/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
google.golang.org/appengine v1.6.7 h1:FZR1q0exgwxzPzp/aF+VccGrSfxfPpkBqjIIEq3ru6c=
google.golang.org/appengine v1.6.7/go.mod h1:8WjMMxjGQR8xUklV/ARdw2HLXBOI7O7uCIDZVag1xfc=
+google.golang.org/appengine v1.6.8 h1:IhEN5q69dyKagZPYMSdIjS2HqprW324FRQZJcGqPAsM=
+google.golang.org/appengine v1.6.8/go.mod h1:1jJ3jBArFh5pcgW8gCtRJnepW8FzD1V44FJffLiz/Ds=
google.golang.org/genproto v0.0.0-20180817151627-c66870c02cf8/go.mod h1:JiN7NxoALGmiZfu7CAH4rXhgtRTLTxftemlI0sWmxmc=
google.golang.org/genproto v0.0.0-20190307195333-5fe7a883aa19/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
google.golang.org/genproto v0.0.0-20190418145605-e7d98fc518a7/go.mod h1:VzzqZJRnGkLBvHegQrXjBqPurQTc5/KpmUdxsrq26oE=
@@ -1264,8 +1268,12 @@ google.golang.org/genproto v0.0.0-20230110181048-76db0878b65f/go.mod h1:RGgjbofJ
google.golang.org/genproto v0.0.0-20230822172742-b8732ec3820d h1:VBu5YqKPv6XiJ199exd8Br+Aetz+o08F+PLMnwJQHAY=
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d h1:DoPTO70H+bcDXcd39vOqb2viZxgqeBeSGtZ55yZU4/Q=
google.golang.org/genproto/googleapis/api v0.0.0-20230822172742-b8732ec3820d/go.mod h1:KjSP20unUpOx5kyQUFa7k4OJg0qeJ7DEZflGDu2p6Bk=
+google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97 h1:W18sezcAYs+3tDZX4F80yctqa12jcP1PUS2gQu1zTPU=
+google.golang.org/genproto/googleapis/api v0.0.0-20231002182017-d307bd883b97/go.mod h1:iargEX0SFPm3xcfMI0d1domjg0ZF4Aa0p2awqyxhvF0=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d h1:uvYuEyMHKNt+lT4K3bN6fGswmK8qSvcreM3BwjDh+y4=
google.golang.org/genproto/googleapis/rpc v0.0.0-20230822172742-b8732ec3820d/go.mod h1:+Bk1OCOj40wS2hwAMA+aCW9ypzm63QTBBHp6lQ3p+9M=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97 h1:6GQBEOdGkX6MMTLT9V+TjtIRZCw9VPD5Z+yHY9wMgS0=
+google.golang.org/genproto/googleapis/rpc v0.0.0-20231002182017-d307bd883b97/go.mod h1:v7nGkzlmW8P3n/bKmWBn2WpBjpOEx8Q6gMueudAmKfY=
google.golang.org/grpc v1.19.0/go.mod h1:mqu4LbDTu4XGKhr4mRzUsmM4RtVoemTSY81AxZiDr8c=
google.golang.org/grpc v1.20.1/go.mod h1:10oTOabMzJvdu6/UiuZezV6QK5dSlG84ov/aaiqXj38=
google.golang.org/grpc v1.21.1/go.mod h1:oYelfM1adQP15Ek0mdvEgi9Df8B9CZIaU1084ijfRaM=
@@ -1306,6 +1314,8 @@ google.golang.org/grpc v1.51.0/go.mod h1:wgNDFcnuBGmxLKI/qn4T+m5BtEBYXJPvibbUPsA
google.golang.org/grpc v1.53.0/go.mod h1:OnIrk0ipVdj4N5d9IUoFUx72/VlD7+jUsHwZgwSMQpw=
google.golang.org/grpc v1.59.0 h1:Z5Iec2pjwb+LEOqzpB2MR12/eKFhDPhuqW91O+4bwUk=
google.golang.org/grpc v1.59.0/go.mod h1:aUPDwccQo6OTjy7Hct4AfBPD1GptF4fyUjIkQ9YtF98=
+google.golang.org/grpc v1.60.0 h1:6FQAR0kM31P6MRdeluor2w2gPaS4SVNrD/DNTxrQ15k=
+google.golang.org/grpc v1.60.0/go.mod h1:OlCHIeLYqSSsLi6i49B5QGdzaMZK9+M7LXN2FKz4eGM=
google.golang.org/grpc/cmd/protoc-gen-go-grpc v1.1.0/go.mod h1:6Kw0yEErY5E/yWrBtf03jp27GLLJujG4z/JK95pnjjw=
google.golang.org/protobuf v0.0.0-20200109180630-ec00e32a8dfd/go.mod h1:DFci5gLYBciE7Vtevhsrf46CRTquxDuWsQurQQe4oz8=
google.golang.org/protobuf v0.0.0-20200221191635-4d8936d0db64/go.mod h1:kwYJMbMJ01Woi6D6+Kah6886xMZcty6N08ah7+eCXa0=
From 5c5d5abc38540277deb4e11f41f79ff49273d659 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Tue, 12 Dec 2023 18:10:26 +0000
Subject: [PATCH 2/5] fix(deps): update module
github.com/diegoholiveira/jsonlogic/v3 to v3.4.0 (#1068)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
|
[github.com/diegoholiveira/jsonlogic/v3](https://togithub.com/diegoholiveira/jsonlogic)
| require | minor | `v3.3.2` -> `v3.4.0` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
diegoholiveira/jsonlogic
(github.com/diegoholiveira/jsonlogic/v3)
###
[`v3.4.0`](https://togithub.com/diegoholiveira/jsonlogic/releases/tag/v3.4.0)
[Compare
Source](https://togithub.com/diegoholiveira/jsonlogic/compare/v3.3.2...v3.4.0)
#### What's Changed
- Verify array before try to access any position by
[@diegoholiveira](https://togithub.com/diegoholiveira) in
[https://github.com/diegoholiveira/jsonlogic/pull/76](https://togithub.com/diegoholiveira/jsonlogic/pull/76)
**Full Changelog**:
https://github.com/diegoholiveira/jsonlogic/compare/v3.3.2...v3.4.0
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-feature/flagd).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
core/go.mod | 2 +-
core/go.sum | 2 ++
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/core/go.mod b/core/go.mod
index 9239851ed..663eb6e22 100644
--- a/core/go.mod
+++ b/core/go.mod
@@ -8,7 +8,7 @@ require (
buf.build/gen/go/open-feature/flagd/protocolbuffers/go v1.31.0-20231031123731-ac2ec0f39838.2
connectrpc.com/connect v1.13.0
connectrpc.com/otelconnect v0.6.0
- github.com/diegoholiveira/jsonlogic/v3 v3.3.2
+ github.com/diegoholiveira/jsonlogic/v3 v3.4.0
github.com/fsnotify/fsnotify v1.7.0
github.com/golang/mock v1.6.0
github.com/open-feature/open-feature-operator v0.5.2
diff --git a/core/go.sum b/core/go.sum
index 6047dda9f..3e842ff28 100644
--- a/core/go.sum
+++ b/core/go.sum
@@ -442,6 +442,8 @@ github.com/davecgh/go-spew v1.1.1 h1:vj9j/u1bqnvCEfJOwUhtlOARqs3+rkHYY13jYWTU97c
github.com/davecgh/go-spew v1.1.1/go.mod h1:J7Y8YcW2NihsgmVo/mv3lAwl/skON4iLHjSsI+c5H38=
github.com/diegoholiveira/jsonlogic/v3 v3.3.2 h1:srg/h16pzyuS0/+P2HOt2zdDPDnzaFZtsHtfTugRPVc=
github.com/diegoholiveira/jsonlogic/v3 v3.3.2/go.mod h1:9oE8z9G+0OMxOoLHF3fhek3KuqD5CBqM0B6XFL08MSg=
+github.com/diegoholiveira/jsonlogic/v3 v3.4.0 h1:TN++nRmEMA5UHzKl8MJ1kbF5SSzWtKHE0PZ6ITbJeH4=
+github.com/diegoholiveira/jsonlogic/v3 v3.4.0/go.mod h1:9oE8z9G+0OMxOoLHF3fhek3KuqD5CBqM0B6XFL08MSg=
github.com/emicklei/go-restful/v3 v3.11.0 h1:rAQeMHw1c7zTmncogyy8VvRZwtkmkZ4FxERmMY4rD+g=
github.com/emicklei/go-restful/v3 v3.11.0/go.mod h1:6n3XBCmQQb25CM2LCACGz8ukIrRry+4bhvbpWn3mrbc=
github.com/envoyproxy/go-control-plane v0.9.0/go.mod h1:YTl/9mNaCwkRvm6d1a2C3ymFceY/DCBVvsKhRF0iEA4=
From 3ec8cf670423901c45a1d41d350258af2b34726c Mon Sep 17 00:00:00 2001
From: Kavindu Dodanduwa
Date: Tue, 12 Dec 2023 11:51:06 -0800
Subject: [PATCH 3/5] chore: update to go-sdk 1.9.0 (#1080)
## This PR
Update test dependencies to go-sdk 1.9.0
Signed-off-by: Kavindu Dodanduwa
---
test/integration/evaluation_test.go | 2 +-
test/integration/go.mod | 2 +-
test/integration/json_evaluator_test.go | 2 +-
3 files changed, 3 insertions(+), 3 deletions(-)
diff --git a/test/integration/evaluation_test.go b/test/integration/evaluation_test.go
index d0b1ed675..47bbdbb3b 100644
--- a/test/integration/evaluation_test.go
+++ b/test/integration/evaluation_test.go
@@ -7,7 +7,7 @@ import (
"github.com/cucumber/godog"
flagd "github.com/open-feature/go-sdk-contrib/providers/flagd/pkg"
"github.com/open-feature/go-sdk-contrib/tests/flagd/pkg/integration"
- "github.com/open-feature/go-sdk/pkg/openfeature"
+ "github.com/open-feature/go-sdk/openfeature"
)
func TestEvaluation(t *testing.T) {
diff --git a/test/integration/go.mod b/test/integration/go.mod
index 10d0fb2b4..038c29155 100644
--- a/test/integration/go.mod
+++ b/test/integration/go.mod
@@ -4,7 +4,7 @@ go 1.19
require (
github.com/cucumber/godog v0.13.0
- github.com/open-feature/go-sdk v1.8.0
+ github.com/open-feature/go-sdk v1.9.0
github.com/open-feature/go-sdk-contrib/providers/flagd v0.1.18
github.com/open-feature/go-sdk-contrib/tests/flagd v1.3.2
)
diff --git a/test/integration/json_evaluator_test.go b/test/integration/json_evaluator_test.go
index cfae8803b..57221e06f 100644
--- a/test/integration/json_evaluator_test.go
+++ b/test/integration/json_evaluator_test.go
@@ -7,7 +7,7 @@ import (
"github.com/cucumber/godog"
flagd "github.com/open-feature/go-sdk-contrib/providers/flagd/pkg"
"github.com/open-feature/go-sdk-contrib/tests/flagd/pkg/integration"
- "github.com/open-feature/go-sdk/pkg/openfeature"
+ "github.com/open-feature/go-sdk/openfeature"
)
func TestJsonEvaluator(t *testing.T) {
From f0d7c91473bc3827a2fba94fed161e2e0124dc38 Mon Sep 17 00:00:00 2001
From: Michael Beemer
Date: Tue, 12 Dec 2023 15:38:27 -0500
Subject: [PATCH 4/5] Remove benchmark workflow
Signed-off-by: Michael Beemer
---
.github/workflows/publish-benchmark.yaml | 41 ------------------------
1 file changed, 41 deletions(-)
delete mode 100644 .github/workflows/publish-benchmark.yaml
diff --git a/.github/workflows/publish-benchmark.yaml b/.github/workflows/publish-benchmark.yaml
deleted file mode 100644
index c639fdf3f..000000000
--- a/.github/workflows/publish-benchmark.yaml
+++ /dev/null
@@ -1,41 +0,0 @@
-name: "Trigger Site Rebuild on a CRON Schedule"
-
-on:
- schedule:
- # runs at 02:00 every day, UTC
- - cron: "0 2 * * *"
-
-env:
- GO_VERSION: '1.20'
-
-jobs:
- benchmark-publish:
- name: Run Benchmark
- if: github.repository == 'open-feature/flagd'
- runs-on: ubuntu-latest
- steps:
- - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
-
- - name: Setup go
- uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5
- with:
- go-version: ${{ env.GO_VERSION }}
-
- - name: Workspace init
- run: make workspace-init
-
- - name: Run benchmark
- run: set -o pipefail; go test -bench=Bench -short -benchtime=5s -benchmem ./core/... | tee output.txt
-
- - name: Store benchmark result
- uses: benchmark-action/github-action-benchmark@v1
- with:
- name: Go Benchmark
- tool: "go"
- output-file-path: output.txt
- github-token: ${{ secrets.GITHUB_TOKEN }}
- auto-push: true
- # Show alert with commit comment on detecting possible performance regression
- alert-threshold: "130%"
- comment-on-alert: true
- fail-on-alert: false
From c8c9a19a4d31df01e6d122c14191dacce98f3d36 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Wed, 13 Dec 2023 20:04:50 +0000
Subject: [PATCH 5/5] chore(deps): update github/codeql-action action to v3
(#1081)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | major | `v2` -> `v3` |
---
> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.
---
### Release Notes
github/codeql-action (github/codeql-action)
### [`v3`](https://togithub.com/github/codeql-action/compare/v2...v3)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v2...v3)
---
### Configuration
📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).
🚦 **Automerge**: Enabled.
â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-feature/flagd).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
.github/workflows/build.yaml | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/.github/workflows/build.yaml b/.github/workflows/build.yaml
index 1b5cfd414..3cd80a615 100644
--- a/.github/workflows/build.yaml
+++ b/.github/workflows/build.yaml
@@ -107,7 +107,7 @@ jobs:
severity: "CRITICAL,HIGH"
- name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@c0d1daa7f7e14667747d73a7dbbe8c074bc8bfe2 # v2
+ uses: github/codeql-action/upload-sarif@b374143c1149a9115d881581d29b8390bbcbb59c # v3
with:
sarif_file: "trivy-results.sarif"