Skip to content

fix: updated semver version #241

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
willmurphyscode merged 1 commit into from
Nov 7, 2023
Merged

fix: updated semver version #241

willmurphyscode merged 1 commit into from
Nov 7, 2023

Conversation

@gicappa
Copy link
Contributor

@gicappa gicappa commented Oct 12, 2023

While updating the action with a new grype version npm run audit fails because of an issue with semver being vulnerable. https://github.com/anchore/scan-action/actions/runs/6479148648/job/17592137397?pr=236

The upgrade of semver is also failing, so the action is stuck with an old grype version.

This commit has an upgraded semver version and a recreated index.js

@gicappa
fix: updated semver version
1fda7ee 
While updating the action with a new grype version npm run audit
fails because of an issue with semver being vulnerable.
https://github.com/anchore/scan-action/actions/runs/6479148648/job/17592137397?pr=236

The upgrade of semver is also failing, so the action is stuck with
an old grype version.

This commit has an upgraded semver version and a recreated index.js

Signed-off-by: Gian Carlo Pace <[email protected]>
@gicappa gicappa force-pushed the update-semver-version branch from 33307bd to 1fda7ee Compare October 12, 2023 16:56
@willmurphyscode
Copy link
Contributor

willmurphyscode commented Nov 7, 2023

Thanks very much for the fix @gicappa !

@willmurphyscode willmurphyscode added the dependencies Pull requests that update a dependency file label Nov 7, 2023
@willmurphyscode willmurphyscode merged commit 6decf31 into anchore:main Nov 7, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@willmurphyscode willmurphyscode willmurphyscode approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@gicappa @willmurphyscode