From bc57ffe8ae01dfd450dfebbd258d3777c470b1ce Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Sat, 25 Apr 2026 16:51:03 +0800 Subject: [PATCH] ci(actions): bump trivy-action to v0.36.0 and codecov-action to v6 --- .github/workflows/docker.yml | 2 +- .github/workflows/testing.yml | 2 +- .github/workflows/trivy.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 7f2d930..783f262 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -76,7 +76,7 @@ jobs: tags: drone-ssh:scan - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@v0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: "drone-ssh:scan" format: "sarif" diff --git a/.github/workflows/testing.yml b/.github/workflows/testing.yml index addf32a..c482718 100644 --- a/.github/workflows/testing.yml +++ b/.github/workflows/testing.yml @@ -50,6 +50,6 @@ jobs: make test - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@v6 with: flags: go-${{ matrix.go-version }} diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 8043c1a..9b63909 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v6 - name: Run Trivy vulnerability scanner (repo) - uses: aquasecurity/trivy-action@v0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: "fs" scan-ref: "." @@ -70,7 +70,7 @@ jobs: tags: drone-ssh:scan - name: Run Trivy vulnerability scanner (image) - uses: aquasecurity/trivy-action@v0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: "drone-ssh:scan" format: "sarif"