Skip to content

v1.0.6
Compare
Choose a tag to compare
@celanthe celanthe released this 09 Aug 13:41
v1.0.6
2ae2b43
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Learn about vigilant mode.

What’s New:



This release introduces optional Trivy Security Scanning, which can be run during the release process contained in this action via a Bash script. When enabled, Trivy scans for security vulnerabilities in container images, file systems, and Git repositories, as well as for configuration issues. To enable the scanner, set the vulnerability-scan input default to true.

If there are no vulnerabilities found, or UNKNOWN, LOW, or MEDIUM vulnerabilities, the action will complete with exit 0. If there is a HIGH or CRITICAL vulnerability found, the release deployment will fail with exit 1. The results of the scan will then be displayed in a sarif.tpl named trivy-results.sarif.

Assets 2
Loading