Skip to content

v1.9.0

Choose a tag to compare

View all tags
@lachen-nv lachen-nv released this 10 Apr 06:14
· 7 commits to main since this release
v1.9.0
2cb7843
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode. 
fix: remove compromised Trivy scan from CI workflow (#76)

Trivy (aquasecurity/trivy-action@0.35.0) has been reported as
compromised. Remove the Trivy vulnerability scan and SARIF upload
steps from the security-scan job. TruffleHog secret scanning is
retained.

Also removes the now-unnecessary artifact download step and
security-events permission.

Ref: CDEVS-2134
Made-with: Cursor
Assets 11
Loading