updated: dependencies and release 1.27.0

ammnt · Jun 29, 2024 · 4f1450c · 4f1450c
1 parent 20674cc
commit 4f1450c
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
@@ -97,23 +97,23 @@ jobs:
           path: "${{ github.workspace }}/dependency-results.sbom.json"
           retention-days: 20
 
-      - name: Analyze image with Anchore💊
+      - name: Analyze image with Grype💊
         id: anchore
         uses: anchore/scan-action@v3.6.4
         with:
           image: ghcr.io/ammnt/nginx:main
           fail-build: false
           severity-cutoff: critical
 
-      - name: Upload Anchore report📊
+      - name: Upload Grype report📊
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: ${{ steps.anchore.outputs.sarif }}
 
       - name: Analyze image with Syft💊
         uses: anchore/sbom-action@v0.16.0
         with:
-          syft-version: v1.6.0
+          syft-version: v1.8.0
           image: ghcr.io/ammnt/nginx:main
           artifact-name: image.spdx.json
           dependency-snapshot: false

diff --git a/README.md b/README.md
@@ -30,7 +30,7 @@ https://github.com/openssl/openssl
 - No excess ENTRYPOINT in the image;
 - Slimmed version by Docker Slim tool;
 - Scanned effiniefficiency result with Dive tool;
-- Scanned by vulnerability scanners: GitHub, Docker Scout, Snyk, Anchore, Clair and Syft;
+- Scanned by vulnerability scanners: GitHub, Docker Scout, Snyk, Grype, Clair and Syft;
 - Prioritize ChaCha cipher patch and anonymous signature - removed "Server" header ("banner"):<br>
 https://github.com/ammnt/nginx/blob/main/Dockerfile