Anchore Container Scan

Version updated for https://github.com/anchore/scan-action to version v7.3.1.

• This publisher is shown as ‘verified’ by GitHub.
• This action is used across all versions by 8,627 repositories.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

The GitHub Action for Vulnerability Scanning integrates the Grype scanner to detect vulnerabilities in files, directories, container images, or SBOM files during CI/CD workflows. It automates vulnerability scanning, enabling users to enforce security checks by failing builds based on configurable severity thresholds, all while operating locally without requiring external credentials. This action provides fast and comprehensive scans, supporting a wide range of system and language-based packages.

Release notes

v7.3.1

⬆️ Dependencies

• chore(deps): update Grype to v0.106.0 (#583) [@anchore-actions-token-generator[bot]]
• chore(deps): bump lodash from 4.17.21 to 4.17.23 (#580) [@dependabot[bot]]

• anchore
• GitHub Actions