diff --git a/.github/workflows/anchore-analysis.yml b/.github/workflows/anchore-analysis.yml index 77b98e0..63ea477 100644 --- a/.github/workflows/anchore-analysis.yml +++ b/.github/workflows/anchore-analysis.yml @@ -24,7 +24,7 @@ jobs: - name: Build the Docker image run: docker build . --file Dockerfile --tag localbuild/testimage:latest - name: Run the Anchore scan action itself with GitHub Advanced Security code scanning integration enabled - uses: anchore/scan-action@v4 + uses: anchore/scan-action@v5 id: scan with: image: "localbuild/testimage:latest" @@ -34,7 +34,7 @@ jobs: with: sarif_file: ${{ steps.scan.outputs.sarif }} - name: Fail build if scan has vulns - uses: anchore/scan-action@v4 + uses: anchore/scan-action@v5 with: image: "localbuild/testimage:latest" severity-cutoff: critical