Skip to content

Commit

Permalink
chore(deps): bump anchore/sbom-action from 0.11.0 to 0.12.0 (#3321)
Browse files Browse the repository at this point in the history 
Bumps anchore/sbom-action from 0.11.0 to 0.12.0.

Release notes
Sourced from anchore/sbom-action's releases.

v0.12.0
Changes in v0.12.0

Update dependencies (#317) kzantow
Update Syft to v0.53.4 (#266) anchore-actions-token-generator
Expose upload-artifact and upload-release-assets inputs (#277) joshowen
Document the dependency-snapshot property (#297) kzantow




Commits

b5042e9 Update dependencies (#317)
ac5a533 Update Syft to v0.53.4 (#266)
0f0f981 Expose upload-artifact and upload-release-assets inputs (#277)
6fb484a Document the dependency-snapshot property (#297)
See full diff in compare view




Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
  • Loading branch information
@dependabot
dependabot[bot] committed Aug 19, 2022
1 parent 2eb6f84 commit 8b8da0d
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion .github/workflows/build.yml
View file
Expand Up @@ -81,7 +81,7 @@ jobs:
./dist/*.apk
key: ${{ runner.os }}-go-${{ hashFiles('**/*.go') }}-${{ hashFiles('**/go.sum') }}
- uses: sigstore/cosign-installer@v2.5.1
- uses: anchore/sbom-action/download-syft@v0.11.0
- uses: anchore/sbom-action/download-syft@v0.12.0
- name: setup-validate-krew-manifest
run: go install sigs.k8s.io/krew/cmd/validate-krew-manifest@latest
- name: setup-tparse
Expand Down

0 comments on commit 8b8da0d

Please sign in to comment.