AnchorFree · anchorfree-jenkins · Apr 15, 2024
diff --git a/.github/workflows/hadolint.yml b/.github/workflows/hadolint.yml
@@ -10,10 +10,9 @@ jobs:
       pull-requests: write
     steps:
       - name: Check out code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
       - name: Scanning the dockerfile
-        uses: reviewdog/action-hadolint@v1.34.1
+        uses: reviewdog/action-hadolint@v1.39.0
         with:
           reporter: github-pr-review
           filter_mode: file
-
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -23,7 +23,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           lfs: true
           submodules: recursive
@@ -32,22 +32,22 @@ jobs:
         run: git lfs checkout
 
       - name: Run Trivy vulnerability scanner in repo mode (table)
-        uses: aquasecurity/trivy-action@0.10.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           scan-type: 'fs'
           ignore-unfixed: true
           format: 'table'
 
       - name: Run Trivy vulnerability scanner in repo mode (sarif)
-        uses: aquasecurity/trivy-action@0.10.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           scan-type: 'fs'
           ignore-unfixed: true
           format: 'sarif'
           output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'
 
@@ -60,7 +60,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout code
-        uses: actions/checkout@v3
+        uses: actions/checkout@v4
         with:
           lfs: true
           submodules: recursive
@@ -72,21 +72,21 @@ jobs:
         run: |
           docker build -t ${{ github.sha }} .
       - name: Run Trivy vulnerability scanner in image mode (table output)
-        uses: aquasecurity/trivy-action@0.10.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           image-ref: '${{ github.sha }}'
           ignore-unfixed: true
           format: 'table'
 
       - name: Run Trivy vulnerability scanner in image mode (sarif output)
-        uses: aquasecurity/trivy-action@0.10.0
+        uses: aquasecurity/trivy-action@0.19.0
         with:
           image-ref: '${{ github.sha }}'
           ignore-unfixed: true
           format: 'sarif'
           output: 'trivy-results.sarif'
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v2
+        uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: 'trivy-results.sarif'