Bump docker/scout-action from 1.9.1 to 1.9.3

dependabot[bot] commented 2 months ago

Bumps docker/scout-action from 1.9.1 to 1.9.3.

Release notes

Sourced from docker/scout-action's releases.

v1.9.3

Bug Fixes

Fix a panic while retrieving cached SBOM

Contributor

Commits

5dae9c7 Merge ce525ad95663800f78d7bf5d823d9b7162948178 into b0c66a3ccc2a4a8233b31a370...
ce525ad [BOT] Publish v1.9.3 release
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

github-actions[bot] commented 2 months ago

:mag: Vulnerabilities of `sommerfeldio/source2adoc:8b9ce769498f7d56f48050a0d462c429ad05e629`

:package: Image Reference sommerfeldio/source2adoc:8b9ce769498f7d56f48050a0d462c429ad05e629

digest	`sha256:4c0bfc204df8dc0e3378f88c9e17a37e9e99b00b95d2139cfbf1d1e3c22ee85a`
vulnerabilities
size	6.8 MB
packages	21

:package: Base Image alpine:3

also known as	`3.20` `3.20.0` `latest`
digest	`sha256:216266c86fc4dcef5619930bd394245824c2af52fd21ba7c6fa0e618657d4c3b`
vulnerabilities

github-actions[bot] commented 2 months ago

Overview

Image reference	`sommerfeldio/source2adoc:rc`	`sommerfeldio/source2adoc:8b9ce769498f7d56f48050a0d462c429ad05e629`
- digest	`e8210c104ba1`	`4c0bfc204df8`
- provenance	https://github.com/sommerfeld-io/source2adoc/commit/5f5ecadfa54d12965ca5b105f66893ff3ac43f01	https://github.com/sommerfeld-io/source2adoc/commit/8b9ce769498f7d56f48050a0d462c429ad05e629
- vulnerabilities
- platform	linux/amd64	linux/amd64
- size	6.6 MB	6.8 MB (+213 kB)
- packages	27	21 (-6)
Base Image	`alpine:3` also known as: • `3.19` • `3.19.1` • `latest`	`alpine:3.20.0` also known as: • `3` • `3.20` • `latest`
- vulnerabilities

Labels (3 changes)

> * `±` 3 changed > * _9 unchanged_ ```diff maintainer=sebastian@sommerfeld.io org.opencontainers.image.authors=source2adoc open source project -org.opencontainers.image.created=2024-05-28T07:11:23.163Z +org.opencontainers.image.created=2024-06-03T19:58:56.742Z org.opencontainers.image.description=Streamline the process of generating AsciiDoc documentation from inline comments within source code files. This tool converts inline documentation into AsciiDoc files, tailored for seamless integration with Antora. org.opencontainers.image.documentation=https://source2adoc.sommerfeld.io org.opencontainers.image.licenses=NOASSERTION -org.opencontainers.image.revision=5f5ecadfa54d12965ca5b105f66893ff3ac43f01 +org.opencontainers.image.revision=8b9ce769498f7d56f48050a0d462c429ad05e629 org.opencontainers.image.source=https://github.com/sommerfeld-io/source2adoc org.opencontainers.image.title=source2adoc org.opencontainers.image.url=https://github.com/sommerfeld-io/source2adoc org.opencontainers.image.vendor=source2adoc open source project -org.opencontainers.image.version=main +org.opencontainers.image.version=pr-67 ```

Packages and Vulnerabilities (18 package changes and 6 vulnerability changes)

> * :heavy_minus_sign: 5 packages removed > * :infinity: 13 packages changed > * 8 packages unchanged > * :heavy_check_mark: 6 vulnerabilities removed

Changes for packages of type apk (17 changes)

	Package	Version `sommerfeldio/source2adoc:rc`	Version `sommerfeldio/source2adoc:8b9ce769498f7d56f48050a0d462c429ad05e629`
:infinity:	alpine-baselayout	`3.4.3-r2`	`3.6.5-r0`
:infinity:	alpine-baselayout-data	`3.4.3-r2`	`3.6.5-r0`
:infinity:	apk-tools	`2.14.0-r5`	`2.14.4-r0`
:infinity:	busybox	`1.36.1-r15`	`1.36.1-r28`

		Removed vulnerabilities (4):
:infinity:	busybox-binsh	`1.36.1-r15`	`1.36.1-r28`
:heavy_minus_sign:	ca-certificates	`20230506-r0`
:infinity:	ca-certificates-bundle	`20230506-r0`	`20240226-r0`
:heavy_minus_sign:	libc-dev	`0.7.2-r5`
:heavy_minus_sign:	libc-utils	`0.7.2-r5`
:infinity:	libcrypto3	`3.1.4-r5`	`3.3.0-r2`
:infinity:	libssl3	`3.1.4-r5`	`3.3.0-r2`
:infinity:	musl	`1.2.4_git20230717-r4`	`1.2.5-r0`
:infinity:	musl-utils	`1.2.4_git20230717-r4`	`1.2.5-r0`
:heavy_minus_sign:	openssl	`3.1.4-r5`

		Removed vulnerabilities (2):
:heavy_minus_sign:	pax-utils	`1.3.7-r2`
:infinity:	ssl_client	`1.36.1-r15`	`1.36.1-r28`
:infinity:	zlib	`1.3.1-r0`	`1.3.1-r1`