search

Automattic / vip-container-images

Multipurpose VIP Docker container images (primarily meant for use with the VIP Local Development Environment)
https://docs.wpvip.com/technical-references/vip-local-development-environment/
16 stars 4 forks source link

chore(deps): Bump github/codeql-action from 3.26.10 to 3.26.11 in /.github/actions/build-docker-image #914

Closed dependabot[bot] closed 2 weeks ago

dependabot[bot] commented 2 weeks ago

Bumps github/codeql-action from 3.26.10 to 3.26.11.

Changelog

Sourced from github/codeql-action's changelog.

3.26.11 - 03 Oct 2024

  • Upcoming breaking change: Add support for using actions/download-artifact@v4 to programmatically consume CodeQL Action debug artifacts.

    Starting November 30, 2024, GitHub.com customers will no longer be able to use actions/download-artifact@v3. Therefore, to avoid breakage, customers who programmatically download the CodeQL Action debug artifacts should set the CODEQL_ACTION_ARTIFACT_V4_UPGRADE environment variable to true and bump actions/download-artifact@v3 to actions/download-artifact@v4 in their workflows. The CodeQL Action will enable this behavior by default in early November and workflows that have not yet bumped to actions/download-artifact@v3 to actions/download-artifact@v4 will begin failing then.

    This change is currently unavailable for GitHub Enterprise Server customers, as actions/upload-artifact@v4 and actions/download-artifact@v4 are not yet compatible with GHES.

  • Update default CodeQL bundle version to 2.19.1. #2519

Commits
  • 6db8d63 Merge pull request #2522 from github/update-v3.26.11-8aba5f2c4
  • 389647f Update changelog for v3.26.11
  • 8aba5f2 Merge pull request #2516 from github/aeisenberg/dependabot-exclude
  • ecac2c6 Exclupde eslint-plugin-import updates from dependabot
  • e85017e Merge pull request #2514 from github/henrymercer/zstd-better-failure-logging
  • a60db1d Add notice for dependency upgrade timeline (#2513)
  • 28db28f Improve clean up if extraction fails
  • 3da852e Capture stderr from extracting .tar.zst
  • c4d433c Merge pull request #2510 from github/dependabot/npm_and_yarn/npm-13baf58ce8
  • 2f6cf48 Undo eslint-plugin-import bump
  • Additional commits viewable in compare view


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.0 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.5 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.7 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.6 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.3 (ubuntu 24.04)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.2 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.1 (ubuntu 22.04)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.3 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:trunk (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/mu-plugins:0.1 (alpine 3.20.3)

No vulnerabilities found.

sjinks commented 2 weeks ago

@dependabot rebase

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/skeleton:latest (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/dev-tools:0.9 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/alpine:3.20.3 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/photon:latest (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/nginx:1.27.2 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/traefik_openssl:2.11.2 (alpine 3.19.1)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.1 (alpine 3.20.3)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/php-fpm:8.2 (ubuntu 22.04)

No vulnerabilities found.

github-actions[bot] commented 2 weeks ago

Trivy Scan Report

ghcr.io/automattic/vip-container-images/wordpress:6.4 (alpine 3.20.3)

No vulnerabilities found.