From cbeef5541f7eba9d3de0131c27bf3a619bf8e55b Mon Sep 17 00:00:00 2001
From: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sun, 10 Nov 2024 09:46:01 +0000
Subject: [PATCH] chore(deps-dev): bump @types/node from 22.8.7 to 22.9.0 in the production-dependencies group (#1579)
---
.github/workflows/docker-build-push.yaml | 29 -----------------------------
1 files changed, 0 insertions(+), 29 deletions(-)
diff --git a/.github/workflows/docker-build-push.yaml b/.github/workflows/docker-build-push.yaml
index 61ec110..f3bd2cd 100644
--- a/.github/workflows/docker-build-push.yaml
+++ b/.github/workflows/docker-build-push.yaml
@@ -86,32 +86,3 @@
labels: ${{ steps.meta.outputs.labels || steps.meta-pr.outputs.labels }}
cache-from: type=gha
cache-to: type=gha
-
- - name: Sign the released image
- if: ${{ github.event_name != 'pull_request' }}
- env:
- COSIGN_EXPERIMENTAL: "true"
- run: echo "${{ steps.meta.outputs.tags }}" | xargs -I {} cosign sign --yes {}@${{ steps.build-and-push.outputs.digest }}
- - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
- uses: aquasecurity/trivy-action@master
- if: ${{ github.event_name != 'pull_request' }}
- with:
- image-ref: "ghcr.io/${{ github.repository_owner }}/quartz:sha-${{ env.GITHUB_SHA_SHORT }}"
- format: "github"
- output: "dependency-results.sbom.json"
- github-pat: ${{ secrets.GITHUB_TOKEN }}
- scanners: "vuln"
- - name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@master
- if: ${{ github.event_name != 'pull_request' }}
- with:
- image-ref: "ghcr.io/${{ github.repository_owner }}/quartz:sha-${{ env.GITHUB_SHA_SHORT }}"
- format: "sarif"
- output: "trivy-results.sarif"
- severity: "CRITICAL"
- scanners: "vuln"
- - name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@v2
- if: ${{ github.event_name != 'pull_request' }}
- with:
- sarif_file: "trivy-results.sarif"
--
Gitblit v1.10.0