From caaf39fc0810f882c4df0ec442e006b69609581a Mon Sep 17 00:00:00 2001 From: Bo-Yi Wu Date: Sat, 25 Apr 2026 16:51:03 +0800 Subject: [PATCH] ci(actions): bump trivy-action to v0.36.0 and codecov-action to v6 --- .github/workflows/docker.yml | 2 +- .github/workflows/lint.yml | 2 +- .github/workflows/trivy.yml | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/.github/workflows/docker.yml b/.github/workflows/docker.yml index 8bf34d1..e331ce8 100644 --- a/.github/workflows/docker.yml +++ b/.github/workflows/docker.yml @@ -77,7 +77,7 @@ jobs: tags: drone-telegram:scan - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@v0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: "drone-telegram:scan" format: "sarif" diff --git a/.github/workflows/lint.yml b/.github/workflows/lint.yml index 987f189..bb03e34 100644 --- a/.github/workflows/lint.yml +++ b/.github/workflows/lint.yml @@ -65,6 +65,6 @@ jobs: run: | make test - name: Upload coverage to Codecov - uses: codecov/codecov-action@v5 + uses: codecov/codecov-action@v6 with: flags: ${{ matrix.os }},go-${{ matrix.go }} diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index f7265d9..1b706f9 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -25,7 +25,7 @@ jobs: uses: actions/checkout@v6 - name: Run Trivy vulnerability scanner (repo) - uses: aquasecurity/trivy-action@v0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: scan-type: "fs" scan-ref: "." @@ -70,7 +70,7 @@ jobs: tags: drone-telegram:scan - name: Run Trivy vulnerability scanner (image) - uses: aquasecurity/trivy-action@v0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: "drone-telegram:scan" format: "sarif"