Skip to content
Pre-Merge CI Pipeline

[gha] Bump open-edge-platform/orch-ci/.github/workflows/post-merge.yml from 2026.0.19 to 2026.1.1 #351

Sign in to view logs

[gha] Bump open-edge-platform/orch-ci/.github/workflows/post-merge.yml from 2026.0.19 to 2026.1.1

[gha] Bump open-edge-platform/orch-ci/.github/workflows/post-merge.yml from 2026.0.19 to 2026.1.1 #351

Triggered via pull request April 3, 2026 09:00
@dependabotdependabot[bot]
opened #508
dependabot/github_actions/open-edge-platform/orch-ci/dot-github/workflows/post-merge.yml-2026.1.1
Status Success
Total duration 8m 3s
Artifacts 4

pre-merge.yml

on: pull_request
pre-merge  /  sanitize-project-folder
4s
pre-merge / sanitize-project-folder
pre-merge  /  license-compliance-check
0s
pre-merge / license-compliance-check
pre-merge  /  run-repo-pipelines
4m 25s
pre-merge / run-repo-pipelines
pre-merge  /  zizmor-scan
7s
pre-merge / zizmor-scan
pre-merge  /  secrets-gitleaks-scan
9s
pre-merge / secrets-gitleaks-scan
pre-merge  /  trivy-filesystem-scan
16s
pre-merge / trivy-filesystem-scan
pre-merge  /  trivy-critical-scan
17s
pre-merge / trivy-critical-scan
pre-merge  /  trivy-config-scan
13s
pre-merge / trivy-config-scan
pre-merge  /  bandit
10s
pre-merge / bandit
Matrix: pre-merge / Scan Docker Images for CIS
Fit to window
Zoom out
Zoom in

Annotations

4 warnings
pre-merge / zizmor-scan
No file matched to [/home/runner/work/os-image-composer/os-image-composer/**/*requirements*.txt,/home/runner/work/os-image-composer/os-image-composer/**/*requirements*.in,/home/runner/work/os-image-composer/os-image-composer/**/*constraints*.txt,/home/runner/work/os-image-composer/os-image-composer/**/*constraints*.in,/home/runner/work/os-image-composer/os-image-composer/**/pyproject.toml,/home/runner/work/os-image-composer/os-image-composer/**/uv.lock,/home/runner/work/os-image-composer/os-image-composer/**/*.py.lock]. The cache will never get invalidated. Make sure you have checked out the target repository and configured the cache-dependency-glob input correctly.
pre-merge / trivy-filesystem-scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
pre-merge / trivy-critical-scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/
pre-merge / trivy-config-scan
Node.js 20 actions are deprecated. The following actions are running on Node.js 20 and may not work as expected: actions/cache@0400d5f644dc74513175e3cd8d07132dd4860809. Actions will be forced to run with Node.js 24 by default starting June 2nd, 2026. Node.js 20 will be removed from the runner on September 16th, 2026. Please check if updated versions of these actions are available that support Node.js 24. To opt into Node.js 24 now, set the FORCE_JAVASCRIPT_ACTIONS_TO_NODE24=true environment variable on the runner or in your workflow file. Once Node.js 24 becomes the default, you can temporarily opt out by setting ACTIONS_ALLOW_USE_UNSECURE_NODE_VERSION=true. For more information see: https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/

Artifacts

Produced during runtime
Name Size Digest
gitleaks-results-6bqjno-os-image-composer Expired
175 Bytes
sha256:c34d684df2f5da4448d5dd1e9fc56f86729517c905e71262b4c30a7256740119
trivy-config-scan-os-image-composer
492 Bytes
sha256:d1f45bbebba67f77f4d7e36073c6d9b505f8cb4e5610adcd65ffd3b3036e96eb
trivy-fs-scan-report-os-image-composer
1.29 KB
sha256:c1b8e3bc07bf288d3010ff109108fa001c33344f19d95c2228d8edef0ac9bab9
zizmor-scan-report-os-image-composer
591 Bytes
sha256:16a8c0d0b71a01e3a1dd62b27c161cdc512e4936b894db2c3deb9dc2395f88af