-
-
Notifications
You must be signed in to change notification settings - Fork 351
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add dependency security check using trivy #1163
Add dependency security check using trivy #1163
Conversation
well before we can merge it, I guess we have to bump frontend deps ... ... witch we also should do for release branch as long as possible ... |
should I fix security issues here or on other PR? |
I dont mind ... ... a seperate pull might be better in terms of backporting |
I changed not to fail security check step for docs as it does not seems to be fixable at the moment 😕 |
Deployment of preview was successful: https://woodpecker-ci-woodpecker-pr-1163.surge.sh |
-> |
Fixes #899
This could be also done for docker image security check but that would probably require building docker image to tar file so I did not add that in this PR.
I usually do this with such steps: