Anchore Container Scan

Version updated for https://github.com/anchore/scan-action to version v7.2.3.

• This publisher is shown as ‘verified’ by GitHub.
• This action is used across all versions by 8,554 repositories.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

This GitHub Action leverages the Grype vulnerability scanner to detect security vulnerabilities in files, directories, container images, or SBOMs during CI/CD workflows. It automates vulnerability scanning to ensure software integrity before deployment, with options to fail builds based on configurable severity thresholds. Key features include local scanning without external data transmission, support for various Linux distributions and programming languages, and detailed vulnerability reporting.

Release notes

New in scan-action v7.2.3

• chore(deps): update Grype to v0.104.4 (#566) [[anchore-actions-token-generator[bot]](https://github.com/anchore-actions-token-generator[bot])]
• chore(deps): bump @actions/cache from 4.1.0 to 5.0.1 (#563) [[dependabot[bot]](https://github.com/dependabot[bot])]

• anchore
• GitHub Actions