ci: add trivy workflow #3997
Merged
ci: add trivy workflow #3997
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
to ensure critical and high vulnerabilties are detected quickly
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
|
@dani-garcia would you mind reviewing this pr? Or @BlackDex maybe ? |
dani-garcia
reviewed
Nov 5, 2023
There was a problem hiding this comment.
We haven't used code scanning much in the past because in my experience we end up dealing with more false positives and non-actionable reports than good reports, but I think it's worth trying at least. Just gotta update the trivy action as there was a new release last week
dani-garcia
approved these changes
Nov 5, 2023
arthurgeek
pushed a commit
to arthurgeek/vaultwarden-fly-template
that referenced
this pull request
Nov 12, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) | stage | minor | `1.29.2-alpine` -> `1.30.0-alpine` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.30.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.30.0) [Compare Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.29.2...1.30.0)⚠️ **Note:** The WebSockets service for live sync has been integrated in the main HTTP server, which means simpler proxy setups that don't require a separate rule to redirect WS traffic to port 3012. Please check the updated examples in the [wiki](https://togithub.com/dani-garcia/vaultwarden/wiki/Proxy-examples). It's recommended to migrate to this new setup as using the old server on port 3012 is deprecated, won't receive new features and will be removed in a future release. #### Major changes and New Features - Added `passkey` support, allowing the browser extensions to store and use your `passkeys`, make sure the extension is updated to version `2023.10.0` or newer for passkey support. - Updated web vault to 2023.10.0. - Fixed crashes in ARMv6 devices - Fixed crashes when trying to create/edit a cipher in the mobile applications. #### What's Changed - Update Rust and Crates by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3808 - update web-vault to v2023.8.2 by [@​stefan0xC](https://togithub.com/stefan0xC) in [dani-garcia/vaultwarden#3821 - Fix Login With Device without MasterPassword by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3831 - Update GitHub Workflow by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3910 - Fix arm builds by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3911 - Fix typos by [@​tuhanayim](https://togithub.com/tuhanayim) in [dani-garcia/vaultwarden#3959 - csp: rename anonaddy.com to addy.io by [@​stefan0xC](https://togithub.com/stefan0xC) in [dani-garcia/vaultwarden#3950 - filter handlebars logs by [@​stefan0xC](https://togithub.com/stefan0xC) in [dani-garcia/vaultwarden#3859 - Remove unnecessary variable clone by [@​mvalois](https://togithub.com/mvalois) in [dani-garcia/vaultwarden#3981 - README.md: Fix grammar nit by [@​AndreasHGK](https://togithub.com/AndreasHGK) in [dani-garcia/vaultwarden#3965 - Fix small issues by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3964 - Adds LastActive on /admin/users API route by [@​mvalois](https://togithub.com/mvalois) in [dani-garcia/vaultwarden#3951 - Reopen log file on SIGHUP by [@​tobiasmboelz](https://togithub.com/tobiasmboelz) in [dani-garcia/vaultwarden#3909 - Fix External ID not set during DC Sync by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3804 - New config option disable email change by [@​admav](https://togithub.com/admav) in [dani-garcia/vaultwarden#3986 - 2FA Confirmation Code Email subject line change to fix triggering Google spam blocker by [@​aureateflux](https://togithub.com/aureateflux) in [dani-garcia/vaultwarden#3572 - Implement cipher key encryption by [@​dani-garcia](https://togithub.com/dani-garcia) in [dani-garcia/vaultwarden#3990 - Container building changes by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3958 - Fix issue with MariaDB/MySQL migrations by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3994 - feat: Working passkeys storage by [@​GeekCornerGH](https://togithub.com/GeekCornerGH) in [dani-garcia/vaultwarden#4025 - ci: add trivy workflow by [@​mightyBroccoli](https://togithub.com/mightyBroccoli) in [dani-garcia/vaultwarden#3997 - Fix importing Bitwarden exports by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#4030 #### New Contributors - [@​tuhanayim](https://togithub.com/tuhanayim) made their first contribution in [dani-garcia/vaultwarden#3959 - [@​mvalois](https://togithub.com/mvalois) made their first contribution in [dani-garcia/vaultwarden#3981 - [@​AndreasHGK](https://togithub.com/AndreasHGK) made their first contribution in [dani-garcia/vaultwarden#3965 - [@​tobiasmboelz](https://togithub.com/tobiasmboelz) made their first contribution in [dani-garcia/vaultwarden#3909 - [@​admav](https://togithub.com/admav) made their first contribution in [dani-garcia/vaultwarden#3986 - [@​aureateflux](https://togithub.com/aureateflux) made their first contribution in [dani-garcia/vaultwarden#3572 - [@​mightyBroccoli](https://togithub.com/mightyBroccoli) made their first contribution in [dani-garcia/vaultwarden#3997 **Full Changelog**: dani-garcia/vaultwarden@1.29.2...1.30.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/arthurgeek/vaultwarden-fly-template). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
](https://renovatebot.com){kind=link}
arthurgeek
pushed a commit
to arthurgeek/vaultwarden-fly
that referenced
this pull request
Nov 12, 2023
[](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [vaultwarden/server](https://togithub.com/dani-garcia/vaultwarden) | stage | minor | `1.29.2-alpine` -> `1.30.0-alpine` | --- ### Release Notes <details> <summary>dani-garcia/vaultwarden (vaultwarden/server)</summary> ### [`v1.30.0`](https://togithub.com/dani-garcia/vaultwarden/releases/tag/1.30.0) [Compare Source](https://togithub.com/dani-garcia/vaultwarden/compare/1.29.2...1.30.0)⚠️ **Note:** The WebSockets service for live sync has been integrated in the main HTTP server, which means simpler proxy setups that don't require a separate rule to redirect WS traffic to port 3012. Please check the updated examples in the [wiki](https://togithub.com/dani-garcia/vaultwarden/wiki/Proxy-examples). It's recommended to migrate to this new setup as using the old server on port 3012 is deprecated, won't receive new features and will be removed in a future release. #### Major changes and New Features - Added `passkey` support, allowing the browser extensions to store and use your `passkeys`, make sure the extension is updated to version `2023.10.0` or newer for passkey support. - Updated web vault to 2023.10.0. - Fixed crashes in ARMv6 devices - Fixed crashes when trying to create/edit a cipher in the mobile applications. #### What's Changed - Update Rust and Crates by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3808 - update web-vault to v2023.8.2 by [@​stefan0xC](https://togithub.com/stefan0xC) in [dani-garcia/vaultwarden#3821 - Fix Login With Device without MasterPassword by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3831 - Update GitHub Workflow by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3910 - Fix arm builds by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3911 - Fix typos by [@​tuhanayim](https://togithub.com/tuhanayim) in [dani-garcia/vaultwarden#3959 - csp: rename anonaddy.com to addy.io by [@​stefan0xC](https://togithub.com/stefan0xC) in [dani-garcia/vaultwarden#3950 - filter handlebars logs by [@​stefan0xC](https://togithub.com/stefan0xC) in [dani-garcia/vaultwarden#3859 - Remove unnecessary variable clone by [@​mvalois](https://togithub.com/mvalois) in [dani-garcia/vaultwarden#3981 - README.md: Fix grammar nit by [@​AndreasHGK](https://togithub.com/AndreasHGK) in [dani-garcia/vaultwarden#3965 - Fix small issues by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3964 - Adds LastActive on /admin/users API route by [@​mvalois](https://togithub.com/mvalois) in [dani-garcia/vaultwarden#3951 - Reopen log file on SIGHUP by [@​tobiasmboelz](https://togithub.com/tobiasmboelz) in [dani-garcia/vaultwarden#3909 - Fix External ID not set during DC Sync by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3804 - New config option disable email change by [@​admav](https://togithub.com/admav) in [dani-garcia/vaultwarden#3986 - 2FA Confirmation Code Email subject line change to fix triggering Google spam blocker by [@​aureateflux](https://togithub.com/aureateflux) in [dani-garcia/vaultwarden#3572 - Implement cipher key encryption by [@​dani-garcia](https://togithub.com/dani-garcia) in [dani-garcia/vaultwarden#3990 - Container building changes by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3958 - Fix issue with MariaDB/MySQL migrations by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#3994 - feat: Working passkeys storage by [@​GeekCornerGH](https://togithub.com/GeekCornerGH) in [dani-garcia/vaultwarden#4025 - ci: add trivy workflow by [@​mightyBroccoli](https://togithub.com/mightyBroccoli) in [dani-garcia/vaultwarden#3997 - Fix importing Bitwarden exports by [@​BlackDex](https://togithub.com/BlackDex) in [dani-garcia/vaultwarden#4030 #### New Contributors - [@​tuhanayim](https://togithub.com/tuhanayim) made their first contribution in [dani-garcia/vaultwarden#3959 - [@​mvalois](https://togithub.com/mvalois) made their first contribution in [dani-garcia/vaultwarden#3981 - [@​AndreasHGK](https://togithub.com/AndreasHGK) made their first contribution in [dani-garcia/vaultwarden#3965 - [@​tobiasmboelz](https://togithub.com/tobiasmboelz) made their first contribution in [dani-garcia/vaultwarden#3909 - [@​admav](https://togithub.com/admav) made their first contribution in [dani-garcia/vaultwarden#3986 - [@​aureateflux](https://togithub.com/aureateflux) made their first contribution in [dani-garcia/vaultwarden#3572 - [@​mightyBroccoli](https://togithub.com/mightyBroccoli) made their first contribution in [dani-garcia/vaultwarden#3997 **Full Changelog**: dani-garcia/vaultwarden@1.29.2...1.30.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - "on saturday" (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://developer.mend.io/github/arthurgeek/vaultwarden-fly). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40Ni4wIiwidXBkYXRlZEluVmVyIjoiMzcuNDYuMCIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==--> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
to ensure critical and high vulnerabilties are detected quickly