aboutsummaryrefslogtreecommitdiff
path: root/.github/workflows/trivy.yml
diff options
context:
space:
mode:
authorMathijs van Veluw <[email protected]>2024-10-11 18:42:40 +0200
committerGitHub <[email protected]>2024-10-11 18:42:40 +0200
commite3541763fd349e9b66142f5119041db89fbf97a6 (patch)
treed7c535b6f4a9741fea1121e22a900081dfee62f5 /.github/workflows/trivy.yml
parentf0efec7c9623fab4ba3c2b53cba724e4e6a8a739 (diff)
downloadvaultwarden-e3541763fd349e9b66142f5119041db89fbf97a6.tar.gz
vaultwarden-e3541763fd349e9b66142f5119041db89fbf97a6.zip
Updates and collection management fixes (#5072)
* Fix collections not editable by managers Since a newer version of the web-vault we use manager were not able to create sub collections anymore. This was because of some missing details in the response of some json objects. This commit fixes this by using the `to_json_details` instead of the `to_json` Fixes #5066 Fixes #5044 * Update crates and GitHub Actions - Updated all the crates - Updated all the GHA dependencies - Configured the trivy workflow to only run on the main repo and not on forks Also selected a random new scheduled date so it will not run at the same time as all other forks. The two changes should help running this scan every day without failing, and also prevent the same for new or updated forks.
Diffstat (limited to '.github/workflows/trivy.yml')
-rw-r--r--.github/workflows/trivy.yml11
1 files changed, 7 insertions, 4 deletions
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 2de72d81..48a8bc1e 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -9,13 +9,16 @@ on:
pull_request:
branches: [ "main" ]
schedule:
- - cron: '00 12 * * *'
+ - cron: '08 11 * * *'
permissions:
contents: read
jobs:
trivy-scan:
+ # Only run this in the master repo and not on forks
+ # When all forks run this at the same time, it is causing `Too Many Requests` issues
+ if: ${{ github.repository == 'dani-garcia/vaultwarden' }}
name: Check
runs-on: ubuntu-24.04
timeout-minutes: 30
@@ -25,10 +28,10 @@ jobs:
actions: read
steps:
- name: Checkout code
- uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #v4.1.7
+ uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1
- name: Run Trivy vulnerability scanner
- uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+ uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
with:
scan-type: repo
ignore-unfixed: true
@@ -37,6 +40,6 @@ jobs:
severity: CRITICAL,HIGH
- name: Upload Trivy scan results to GitHub Security tab
- uses: github/codeql-action/upload-sarif@2bbafcdd7fbf96243689e764c2f15d9735164f33 # v3.25.10
+ uses: github/codeql-action/upload-sarif@2bbafcdd7fbf96243689e764c2f15d9735164f33 # v3.26.6
with:
sarif_file: 'trivy-results.sarif'