Inicio Explorar Ayuda
Iniciar sesión
yunoadmin
/
bambuddy
espejo de https://github.com/maziggy/bambuddy
1
0
Fork 0
Archivos Incidencias 0 Wiki
Explorar el Código

Updated CI

maziggy hace 3 meses
padre
f9431ced0c
commit
45e08b023a
Se han modificado 1 ficheros con 5 adiciones y 5 borrados
Unificar vista Mostrar estadísticas de diff
  1. 5 5
      .github/workflows/security.yml

+ 5 - 5
.github/workflows/security.yml
Ver fichero 

@@ -54,7 +54,7 @@ jobs:
 
           bandit -r backend/ -f sarif -o bandit-results.sarif --severity-level medium || true
 
           bandit -r backend/ -f sarif -o bandit-results.sarif --severity-level medium || true
 
 
 
       - name: Upload Bandit results to GitHub Security
 
       - name: Upload Bandit results to GitHub Security
 
-        uses: github/codeql-action/upload-sarif@v3
 
+        uses: github/codeql-action/upload-sarif@v4
 
         if: always()
 
         if: always()
 
         with:
 
         with:
 
           sarif_file: bandit-results.sarif
 
           sarif_file: bandit-results.sarif
 
@@ -73,7 +73,7 @@ jobs:
 
         run: docker build -t bambuddy:security-scan .
 
         run: docker build -t bambuddy:security-scan .
 
 
 
       - name: Run Trivy vulnerability scanner
 
       - name: Run Trivy vulnerability scanner
 
-        uses: aquasecurity/trivy-action@master
 
+        uses: aquasecurity/trivy-action@v0.33.1
 
         with:
 
         with:
 
           image-ref: 'bambuddy:security-scan'
 
           image-ref: 'bambuddy:security-scan'
 
           format: 'sarif'
 
           format: 'sarif'
 
@@ -81,14 +81,14 @@ jobs:
 
           severity: 'CRITICAL,HIGH,MEDIUM'
 
           severity: 'CRITICAL,HIGH,MEDIUM'
 
 
 
       - name: Upload Trivy results to GitHub Security
 
       - name: Upload Trivy results to GitHub Security
 
-        uses: github/codeql-action/upload-sarif@v3
 
+        uses: github/codeql-action/upload-sarif@v4
 
         if: always()
 
         if: always()
 
         with:
 
         with:
 
           sarif_file: trivy-results.sarif
 
           sarif_file: trivy-results.sarif
 
           category: trivy
 
           category: trivy
 
 
 
       - name: Run Trivy for Dockerfile/IaC
 
       - name: Run Trivy for Dockerfile/IaC
 
-        uses: aquasecurity/trivy-action@master
 
+        uses: aquasecurity/trivy-action@v0.33.1
 
         with:
 
         with:
 
           scan-type: 'config'
 
           scan-type: 'config'
 
           scan-ref: '.'
 
           scan-ref: '.'
 
@@ -97,7 +97,7 @@ jobs:
 
           severity: 'CRITICAL,HIGH,MEDIUM'
 
           severity: 'CRITICAL,HIGH,MEDIUM'
 
 
 
       - name: Upload Trivy config results
 
       - name: Upload Trivy config results
 
-        uses: github/codeql-action/upload-sarif@v3
 
+        uses: github/codeql-action/upload-sarif@v4
 
         if: always()
 
         if: always()
 
         with:
 
         with:
 
           sarif_file: trivy-config-results.sarif
 
           sarif_file: trivy-config-results.sarif