From cc60f4c283c3af65982f82e230f3d339248058bc Mon Sep 17 00:00:00 2001 From: TrueCharts Bot Date: Tue, 16 Sep 2025 05:31:10 +0200 Subject: [PATCH] =?UTF-8?q?chore(github-action):=20update=20anchore/sbom-a?= =?UTF-8?q?ction=20action=20v0.20.5=20=E2=86=92=20v0.20.6=20(#39583)?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [anchore/sbom-action](https://redirect.github.com/anchore/sbom-action) | action | patch | `da167ea` -> `f8bdd1d` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. Add the preset `:preserveSemverRanges` to your config if you don't want to pin your dependencies. --- ### Release Notes
anchore/sbom-action (anchore/sbom-action) ### [`v0.20.6`](https://redirect.github.com/anchore/sbom-action/releases/tag/v0.20.6) [Compare Source](https://redirect.github.com/anchore/sbom-action/compare/v0.20.5...v0.20.6) #### Changes in v0.20.6 - chore(deps): update Syft to v1.33.0 ([#​537](https://redirect.github.com/anchore/sbom-action/issues/537)) \[\[[anchore-actions-token-generator\[bot\]](https://redirect.github.com/apps/anchore-actions-token-generator)]\([anchore-actions-token-generator\[bot\]](https://redirect.github.com/apps/anchore-actions-token-generator))] - chore: update actions library to resolve critical vulnerability ([#​536](https://redirect.github.com/anchore/sbom-action/issues/536)) \[[spiffcs](https://redirect.github.com/spiffcs)]
--- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). --- .github/workflows/containers.build.yaml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/containers.build.yaml b/.github/workflows/containers.build.yaml index 99d3faf999f..14410c12f6c 100644 --- a/.github/workflows/containers.build.yaml +++ b/.github/workflows/containers.build.yaml @@ -195,7 +195,7 @@ jobs: - uses: sigstore/cosign-installer@main - name: Install Syft - uses: anchore/sbom-action/download-syft@da167eac915b4e86f08b264dbdbc867b61be6f0c # v0.20.5 + uses: anchore/sbom-action/download-syft@f8bdd1d8ac5e901a77a92f111440fdb1b593736b # v0.20.6 - name: Login to Quay uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3