Skip to content

Commit

Permalink
updated: dependencies and release 1.27.0
Browse files Browse the repository at this point in the history
  • Loading branch information
ammnt committed Jun 29, 2024
1 parent 20674cc commit 4f1450c
Show file tree
Hide file tree
Showing 2 changed files with 4 additions and 4 deletions.
6 changes: 3 additions & 3 deletions .github/workflows/build.yml
Original file line number Diff line number Diff line change
Expand Up @@ -97,23 +97,23 @@ jobs:
path: "${{ github.workspace }}/dependency-results.sbom.json"
retention-days: 20

- name: Analyze image with Anchore💊
- name: Analyze image with Grype💊
id: anchore
uses: anchore/scan-action@v3.6.4
with:
image: ghcr.io/ammnt/nginx:main
fail-build: false
severity-cutoff: critical

- name: Upload Anchore report📊
- name: Upload Grype report📊
uses: github/codeql-action/upload-sarif@v3
with:
sarif_file: ${{ steps.anchore.outputs.sarif }}

- name: Analyze image with Syft💊
uses: anchore/sbom-action@v0.16.0
with:
syft-version: v1.6.0
syft-version: v1.8.0
image: ghcr.io/ammnt/nginx:main
artifact-name: image.spdx.json
dependency-snapshot: false
Expand Down
2 changes: 1 addition & 1 deletion README.md
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ https://github.com/openssl/openssl
- No excess ENTRYPOINT in the image;
- Slimmed version by Docker Slim tool;
- Scanned effiniefficiency result with Dive tool;
- Scanned by vulnerability scanners: GitHub, Docker Scout, Snyk, Anchore, Clair and Syft;
- Scanned by vulnerability scanners: GitHub, Docker Scout, Snyk, Grype, Clair and Syft;
- Prioritize ChaCha cipher patch and anonymous signature - removed "Server" header ("banner"):<br>
https://github.com/ammnt/nginx/blob/main/Dockerfile

Expand Down

0 comments on commit 4f1450c

Please sign in to comment.