v2.0.3

What's Changed

• ci(.github): deprecate reuse of sca scan action in docker image scan by @saisatishkarra in #95

Full Changelog: v2...v2.0.3

v2.0.2

What's Changed

• feat: Add optional "config" input to sca syft action by @saisatishkarra in #94

Full Changelog: v2...v2.0.2

v2.0.1

What's Changed

• ci(.github): fix sca action path and ref for image scan by @saisatishkarra in #93

Full Changelog: v2...v2.0.1

v2.0.0

What's Changed

• ci(.github): generalize sca scan for non docker artifacts by @saisatishkarra in #89
• github-actions(deps): bump anchore/scan-action from 3.6.0 to 3.6.4 in /security-actions/sca by @dependabot in #92
• github-actions(deps): bump andstor/file-existence-action from 2 to 3 in /security-actions/sca by @dependabot in #90
• github-actions(deps): bump anchore/sbom-action from 0.15.4 to 0.15.8 in /security-actions/sca by @dependabot in #91
• github-actions(deps): bump andstor/file-existence-action from 2 to 3 in /security-actions/scan-docker-image by @dependabot in #83

Breaking changes

• #89 (comment)

Full Changelog: v1.15.0...v2.0.0

v1.15.0

What's Changed

• github-actions(deps): bump anchore/scan-action from 3.5.0 to 3.6.0 in /security-actions/scan-docker-image by @dependabot in #78
• github-actions(deps): bump anchore/sbom-action from 0.15.3 to 0.15.4 in /security-actions/scan-docker-image by @dependabot in #77
• update download and upload action to v4 by @saisatishkarra in #79

Full Changelog: v1...v1.15.0

v1.14.0

Actions bumped:

Syft action bumped to v0.15.3
Grype action bumped to v3.5.0
upload-artifact from v3 to v4
checkout action from v3 to v4

v1.13.0

Security actions bumped:

Syft action bumped to v0.14.3
Grype action bumped to 3.3.6

v1.12.0

document code quality action outcome

configurable semgrep build failure mode

v1.10.0

control linter report status check output

v1.9.0

move semgrep to security