Skip to content

Bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 #1343

Bump aquasecurity/trivy-action from 0.27.0 to 0.28.0

Bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 #1343

Workflow file for this run

# This file is part of Dependency-Track.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.
#
# SPDX-License-Identifier: Apache-2.0
# Copyright (c) OWASP Foundation. All Rights Reserved.
name: Buf
on:
pull_request:
branches:
- main
- "feature-**"
permissions: { }
jobs:
buf:
name: Buf
runs-on: ubuntu-latest
timeout-minutes: 5
steps:
- name: Checkout Repository
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # tag=v4.2.1
- name: Setup buf
uses: bufbuild/buf-setup-action@2211e06e8cf26d628cda2eea15c95f8c42b080b3 # tag=v1.45.0
with:
github_token: ${{ github.token }}
- name: Lint Protobuf
uses: bufbuild/buf-lint-action@06f9dd823d873146471cfaaf108a993fe00e5325 # tag=v1.1.1
with:
input: src/main/proto
- name: Detect Breaking Changes
uses: bufbuild/buf-breaking-action@c57b3d842a5c3f3b454756ef65305a50a587c5ba # tag=v1.1.4
with:
input: src/main/proto
against: "https://github.com/${{ github.repository }}.git#branch=${{ github.base_ref }},subdir=src/main/proto"