Compare commits

...

4 Commits

Author SHA1 Message Date
Varun Chawla
1bdd6daa01
Merge 1653ca33d3c440a05e1dacc9d162310a4011f9d4 into 0c219e7902e88b27be1736d46efb241e4482b30f 2026-02-21 22:37:59 +08:00
Bo-Yi Wu
1653ca33d3
Merge branch 'master' into fix/issue-2959-redirect-fixed-path-panic 2026-02-21 22:37:56 +08:00
dependabot[bot]
0c219e7902
chore(deps): bump aquasecurity/trivy-action in the actions group (#4544)
Bumps the actions group with 1 update: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `aquasecurity/trivy-action` from 0.34.0 to 0.34.1
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.34.0...0.34.1)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.34.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-02-21 22:33:30 +08:00
Bo-Yi Wu
00900fb3e1
ci: update CI workflows and standardize Trivy config quotes (#4531)
- Update gin workflow to use v2.9 and add Go 1.26 to the matrix
- Upgrade Trivy action to v0.34.0 in the scan workflow
- Change all single quotes to double quotes in Trivy workflow configuration

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
2026-02-21 22:32:32 +08:00
2 changed files with 18 additions and 18 deletions

View File

@ -26,14 +26,14 @@ jobs:
- name: Setup golangci-lint
uses: golangci/golangci-lint-action@v9
with:
version: v2.6
version: v2.9
args: --verbose
test:
needs: lint
strategy:
matrix:
os: [ubuntu-latest, macos-latest]
go: ["1.24", "1.25"]
go: ["1.24", "1.25", "1.26"]
test-tags:
[
"",

View File

@ -9,7 +9,7 @@ on:
- master
schedule:
# Run daily at 00:00 UTC
- cron: '0 0 * * *'
- cron: "0 0 * * *"
workflow_dispatch: # Allow manual trigger
permissions:
@ -27,30 +27,30 @@ jobs:
fetch-depth: 0
- name: Run Trivy vulnerability scanner (source code)
uses: aquasecurity/trivy-action@0.34.0
uses: aquasecurity/trivy-action@0.34.1
with:
scan-type: 'fs'
scan-ref: '.'
scanners: 'vuln,secret,misconfig'
format: 'sarif'
output: 'trivy-results.sarif'
severity: 'CRITICAL,HIGH,MEDIUM'
scan-type: "fs"
scan-ref: "."
scanners: "vuln,secret,misconfig"
format: "sarif"
output: "trivy-results.sarif"
severity: "CRITICAL,HIGH,MEDIUM"
ignore-unfixed: true
- name: Upload Trivy results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v4
if: always()
with:
sarif_file: 'trivy-results.sarif'
sarif_file: "trivy-results.sarif"
- name: Run Trivy scanner (table output for logs)
uses: aquasecurity/trivy-action@0.34.0
uses: aquasecurity/trivy-action@0.34.1
if: always()
with:
scan-type: 'fs'
scan-ref: '.'
scanners: 'vuln,secret,misconfig'
format: 'table'
severity: 'CRITICAL,HIGH,MEDIUM'
scan-type: "fs"
scan-ref: "."
scanners: "vuln,secret,misconfig"
format: "table"
severity: "CRITICAL,HIGH,MEDIUM"
ignore-unfixed: true
exit-code: '1'
exit-code: "1"