mirror of
https://github.com/anchore/syft.git
synced 2026-05-20 12:15:27 +02:00
c09a009bda
Bumps the actions-minor-patch group with 4 updates in the / directory: [anchore/workflows/.github/workflows/codeql.yaml](https://github.com/anchore/workflows), [anchore/workflows/.github/workflows/check-version-available.yaml](https://github.com/anchore/workflows), [anchore/workflows/.github/workflows/check-gate.yaml](https://github.com/anchore/workflows) and [anchore/workflows/.github/workflows/release-install-script.yaml](https://github.com/anchore/workflows). Updates `anchore/workflows/.github/workflows/codeql.yaml` from 0.5.0 to 0.6.0 - [Commits](e8cee3a591...15122524ce) Updates `anchore/workflows/.github/workflows/check-version-available.yaml` from 0.4.0 to 0.6.0 - [Commits](8b2b1caf40...15122524ce) Updates `anchore/workflows/.github/workflows/check-gate.yaml` from 0.4.0 to 0.6.0 - [Commits](8b2b1caf40...15122524ce) Updates `anchore/workflows/.github/workflows/release-install-script.yaml` from 0.4.0 to 0.6.0 - [Commits](8b2b1caf40...15122524ce) --- updated-dependencies: - dependency-name: anchore/workflows/.github/workflows/codeql.yaml dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch - dependency-name: anchore/workflows/.github/workflows/check-version-available.yaml dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch - dependency-name: anchore/workflows/.github/workflows/check-gate.yaml dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch - dependency-name: anchore/workflows/.github/workflows/release-install-script.yaml dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-minor-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
22 lines
401 B
YAML
22 lines
401 B
YAML
name: "CodeQL"
|
|
|
|
on:
|
|
push:
|
|
branches: [ "main" ]
|
|
pull_request:
|
|
branches: [ "main" ]
|
|
schedule:
|
|
- cron: '38 11 * * 3'
|
|
|
|
permissions: {}
|
|
|
|
jobs:
|
|
analyze:
|
|
name: Analyze
|
|
uses: anchore/workflows/.github/workflows/codeql.yaml@15122524ced7906bfa9685eeae12e22647773ea6 # v0.6.0
|
|
permissions:
|
|
security-events: write
|
|
packages: read
|
|
actions: read
|
|
contents: read
|