grype_me

Version updated for https://github.com/TomTonic/grype_me to version v1.3.10-release.

• This action is used across all versions by 0 repositories.

Action Type

This is a Docker action.

Go to the GitHub Marketplace to find the latest changes.

Action Summary

The grype_me GitHub Action automates vulnerability scanning for your project’s supply chain using Anchore Grype, providing detailed reports and dynamic shields.io badges. It simplifies the detection of known vulnerabilities in repositories, container images, or SBOMs, and supports nightly scans of tagged releases with pre-downloaded vulnerability databases for faster execution. Key features include configurable build failure thresholds, severity-based reporting, and integrated badge generation for easy visibility of security status.

Release notes

What’s Changed

• Fix for GHSA-46g3-37rh-v698 (MEDIUM CVE) in CI code
• Update golang:1.26.1-bookworm Docker digest to 8e8aa80 by @renovate[bot] in https://github.com/TomTonic/grype_me/pull/56
• Update dependency importlib-metadata to v8.8.0 by @renovate[bot] in https://github.com/TomTonic/grype_me/pull/57
• Update dependency importlib-metadata to v9 by @renovate[bot] in https://github.com/TomTonic/grype_me/pull/58
• Pin dependencies by @renovate[bot] in https://github.com/TomTonic/grype_me/pull/59

Full Changelog: https://github.com/TomTonic/grype_me/compare/v1.3.9-release...v1.3.10-release

• TomTonic
• GitHub Actions