Comparing changes
Open a pull request
- 10 commits
- 15 files changed
- 11 contributors
Commits on Jun 27, 2023
Commits on Jul 6, 2023
-
* Add by-cve option to action options Signed-off-by: too-gee <[email protected]> * chore: update audit to use npm-better-audit * chore: modify workflow to use new audit script Signed-off-by: Christopher Phillips <[email protected]> --------- Signed-off-by: Keith Zantow <[email protected]> Signed-off-by: too-gee <[email protected]> Signed-off-by: Christopher Phillips <[email protected]> Co-authored-by: Keith Zantow <[email protected]> Co-authored-by: Christopher Phillips <[email protected]>
3 people authoredJul 6, 2023
Commits on Jul 13, 2023
-
chore(deps): update Grype to v0.63.1 (#233)
Signed-off-by: GitHub <[email protected]> Co-authored-by: kzantow <[email protected]>
-
chore: add new exception for audit (#235)
Signed-off-by: Christopher Phillips <[email protected]>
Commits on Aug 28, 2023
-
chore(docs): update docker related actions to avoid warnings in workf…
…low (#240) Signed-off-by: Mykhailo Kuzmich <[email protected]>
Commits on Nov 7, 2023
-
fix: updated semver version (#241)
While updating the action with a new grype version npm run audit fails because of an issue with semver being vulnerable. https://github.com/anchore/scan-action/actions/runs/6479148648/job/17592137397?pr=236 The upgrade of semver is also failing, so the action is stuck with an old grype version. This commit has an upgraded semver version and a recreated index.js Signed-off-by: Gian Carlo Pace <[email protected]>
Commits on Nov 17, 2023
-
chore: add manual trigger to test workflow (#247)
Signed-off-by: Will Murphy <[email protected]>
-
chore(deps): update Grype to v0.73.2; remove snapshot tests (#236)
* chore(deps): update Grype to v0.73.2 Signed-off-by: GitHub <[email protected]> * remove snapshot test; assert only valid SARIF Signed-off-by: Will Murphy <[email protected]> * make cmd arg assertions aware of debug Signed-off-by: Will Murphy <[email protected]> * put bundler vuln back from GHSA Signed-off-by: Will Murphy <[email protected]> --------- Signed-off-by: GitHub <[email protected]> Signed-off-by: Will Murphy <[email protected]> Co-authored-by: kzantow <[email protected]> Co-authored-by: Will Murphy <[email protected]>
3 people authoredNov 17, 2023
Commits on Nov 18, 2023
-
chore(deps): update Grype to v0.73.3 (#248)
Signed-off-by: GitHub <[email protected]> Co-authored-by: willmurphyscode <[email protected]>
Commits on Nov 20, 2023
-
chore: address test flakes (#249)
* chore: bump jest timeout We're seeing this timeout triggered in CI. Signed-off-by: Will Murphy <[email protected]> * bump timeout in remaining tests Signed-off-by: Will Murphy <[email protected]> * chore: only run push tests on main Otherwise, we'd run tests twice for each PR; once because it was a PR, and once because someone pushed to a branch. Signed-off-by: Will Murphy <[email protected]> * chore: even higher jest timeout Signed-off-by: Will Murphy <[email protected]> * chore: install grype ahead of tests Signed-off-by: Will Murphy <[email protected]> * chore: comment test timeout Signed-off-by: Will Murphy <[email protected]> --------- Signed-off-by: Will Murphy <[email protected]>
This comparison is taking too long to generate.
Unfortunately it looks like we can’t render this comparison for you right now. It might be too big, or there might be something weird with your repository.
You can try running this command locally to see the comparison on your machine:
git diff v3.3.6...v3.3.7