Bump the catch-all group

Bumps the catch-all group in /.github/actions/docker-build-image with 3 updates: [docker/build-push-action](https://github.com/docker/build-push-action), [anchore/scan-action](https://github.com/anchore/scan-action) and [github/codeql-action](https://github.com/github/codeql-action). Updates `docker/build-push-action` from 6.12.0 to 6.13.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@67a2d40...ca877d9) Updates `anchore/scan-action` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](anchore/scan-action@abae793...7c05671) Updates `github/codeql-action` from 3.28.1 to 3.28.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b6a472f...ee117c9) --- updated-dependencies: - dependency-name: docker/build-push-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: catch-all - dependency-name: anchore/scan-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: catch-all - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: catch-all ... Signed-off-by: dependabot[bot] <support@github.com>
Alfresco · Jan 24, 2025 · 053d38f · 053d38f
1 parent ac971d3
commit 053d38f
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/.github/actions/docker-build-image/action.yml b/.github/actions/docker-build-image/action.yml
@@ -121,7 +121,7 @@ runs:
 
     - name: Build image ${{ env.IMAGE_NAME }} and export to docker
       if: inputs.grype-scan-enabled == 'true'
-      uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
+      uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
       with:
         context: ${{ inputs.base-directory }}/${{ inputs.image-dir }}
         tags: test-${{ env.IMAGE_NAME }}
@@ -130,7 +130,7 @@ runs:
 
     - name: Anchore Scan API Image
       if: inputs.grype-scan-enabled == 'true'
-      uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342 # v6.0.0
+      uses: anchore/scan-action@7c05671ae9be166aeb155bad2d7df9121823df32 # v6.1.0
       id: scan
       with:
         fail-build: ${{ inputs.grype-fail-build }}
@@ -145,7 +145,7 @@ runs:
 
     - name: Upload SARIF Files
       if: always() && inputs.grype-scan-enabled == 'true' && github.event_name == 'push'
-      uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
+      uses: github/codeql-action/upload-sarif@ee117c905ab18f32fa0f66c2fe40ecc8013f3e04 # v3.28.4
       continue-on-error: true # do not fail if GHAS is not enabled
       with:
         sarif_file: ${{ steps.scan.outputs.sarif }}
@@ -203,7 +203,7 @@ runs:
     - name: Build and Push image ${{ env.IMAGE_NAME }}
       id: build-and-push
       if: env.PUSH_IMAGE == 'true'
-      uses: docker/build-push-action@67a2d409c0a876cbe6b11854e3e25193efe4e62d # v6.12.0
+      uses: docker/build-push-action@ca877d9245402d1537745e0e356eab47c3520991 # v6.13.0
       with:
         context: ${{ inputs.base-directory }}/${{ inputs.image-dir }}
         platforms: linux/amd64,linux/arm64/v8