Merge pull request #46 from google/update-to-v1.9.0

Update to v1.9.0
google · Oct 2, 2024 · 19ec111 · 19ec111
2 parents d2af9ba + 305dc32
commit 19ec111
Show file tree

Hide file tree

Showing 6 changed files with 10 additions and 10 deletions.
diff --git a/.github/workflows/osv-scanner-reusable-pr.yml b/.github/workflows/osv-scanner-reusable-pr.yml
@@ -56,7 +56,7 @@ jobs:
       - name: "Checkout target branch"
         run: git checkout $GITHUB_BASE_REF
       - name: "Run scanner on existing code"
-        uses: google/osv-scanner-action/osv-scanner-action@c8774f9a566b87da6d60dc699730b268382bcd4e # v1.8.5
+        uses: google/osv-scanner-action/osv-scanner-action@c80d3cb8d7bfabae9f047f6b8ea68792dd2ebcf6 # v1.9.0
         continue-on-error: true
         with:
           scan-args: |-
@@ -67,15 +67,15 @@ jobs:
         # Use -f in case any changes were made by osv-scanner (there should be no changes)
         run: git checkout -f $GITHUB_SHA
       - name: "Run scanner on new code"
-        uses: google/osv-scanner-action/osv-scanner-action@c8774f9a566b87da6d60dc699730b268382bcd4e # v1.8.5
+        uses: google/osv-scanner-action/osv-scanner-action@c80d3cb8d7bfabae9f047f6b8ea68792dd2ebcf6 # v1.9.0
         with:
           scan-args: |-
             --format=json
             --output=new-results.json
             ${{ inputs.scan-args }}
         continue-on-error: true
       - name: "Run osv-scanner-reporter"
-        uses: google/osv-scanner-action/osv-reporter-action@c8774f9a566b87da6d60dc699730b268382bcd4e # v1.8.5
+        uses: google/osv-scanner-action/osv-reporter-action@c80d3cb8d7bfabae9f047f6b8ea68792dd2ebcf6 # v1.9.0
         with:
           scan-args: |-
             --output=${{ inputs.results-file-name }}

diff --git a/.github/workflows/osv-scanner-reusable.yml b/.github/workflows/osv-scanner-reusable.yml
@@ -64,15 +64,15 @@ jobs:
           name: "${{ inputs.download-artifact }}"
           path: "./"
       - name: "Run scanner"
-        uses: google/osv-scanner-action/osv-scanner-action@c8774f9a566b87da6d60dc699730b268382bcd4e # v1.8.5
+        uses: google/osv-scanner-action/osv-scanner-action@c80d3cb8d7bfabae9f047f6b8ea68792dd2ebcf6 # v1.9.0
         with:
           scan-args: |-
             --output=results.json
             --format=json
             ${{ inputs.scan-args }}
         continue-on-error: true
       - name: "Run osv-scanner-reporter"
-        uses: google/osv-scanner-action/osv-reporter-action@c8774f9a566b87da6d60dc699730b268382bcd4e # v1.8.5
+        uses: google/osv-scanner-action/osv-reporter-action@c80d3cb8d7bfabae9f047f6b8ea68792dd2ebcf6 # v1.9.0
         with:
           scan-args: |-
             --output=${{ inputs.results-file-name }}

diff --git a/.github/workflows/osv-scanner-unified-workflow.yml b/.github/workflows/osv-scanner-unified-workflow.yml
@@ -35,7 +35,7 @@ permissions:
 jobs:
   scan-scheduled:
     if: ${{ github.event_name == 'push' || github.event_name == 'schedule' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@7c52d44abe9736f8a11bac47f6baadad7b3389f5" # v1.8.5
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@1748759ebfcc44efbab41fc085665c64558eb9da" # v1.9.0
     with:
       # Example of specifying custom arguments
       scan-args: |-
@@ -44,7 +44,7 @@ jobs:
         ./
   scan-pr:
     if: ${{ github.event_name == 'pull_request' || github.event_name == 'merge_group' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@7c52d44abe9736f8a11bac47f6baadad7b3389f5" # v1.8.5
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@1748759ebfcc44efbab41fc085665c64558eb9da" # v1.9.0
     with:
       # Example of specifying custom arguments
       scan-args: |-

diff --git a/README.md b/README.md
@@ -1,6 +1,6 @@
 # OSV-Scanner CI/CD Action
 
-[![Release v1.8.5](https://img.shields.io/badge/release-v1.8.5-blue?style=flat)](https://github.com/google/osv-scanner-action/releases)
+[![Release v1.9.0](https://img.shields.io/badge/release-v1.9.0-blue?style=flat)](https://github.com/google/osv-scanner-action/releases)
 <!-- Hard coded release version -->
 
 The OSV-Scanner CI/CD action leverages the [OSV.dev](https://osv.dev/) database and the [OSV-Scanner](https://google.github.io/osv-scanner/) CLI tool to track and notify you of known vulnerabilities in your dependencies for over 11 [languages and ecosystems](https://google.github.io/osv-scanner/supported-languages-and-lockfiles/).

diff --git a/osv-reporter-action/action.yml b/osv-reporter-action/action.yml
@@ -22,7 +22,7 @@ inputs:
     required: true
 runs:
   using: "docker"
-  image: "docker://ghcr.io/google/osv-scanner-action:v1.8.5"
+  image: "docker://ghcr.io/google/osv-scanner-action:v1.9.0"
   entrypoint: /root/osv-reporter
   args:
     - "${{ inputs.scan-args }}"
diff --git a/osv-scanner-action/action.yml b/osv-scanner-action/action.yml
@@ -25,6 +25,6 @@ inputs:
       ./
 runs:
   using: "docker"
-  image: "docker://ghcr.io/google/osv-scanner-action:v1.8.5"
+  image: "docker://ghcr.io/google/osv-scanner-action:v1.9.0"
   args:
     - ${{ inputs.scan-args }}