Skip to content

chore(deps): bump complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml from e266be092e71ac9343fcd6d5cafc50402161981e to 638b2037394ca0f0b860a135c7c27dce75fd3c03#71

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/complytime/org-infra/dot-github/workflows/reusable_trivy_image_scan.yml-638b2037394ca0f0b860a135c7c27dce75fd3c03
Closed

chore(deps): bump complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml from e266be092e71ac9343fcd6d5cafc50402161981e to 638b2037394ca0f0b860a135c7c27dce75fd3c03#71
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/complytime/org-infra/dot-github/workflows/reusable_trivy_image_scan.yml-638b2037394ca0f0b860a135c7c27dce75fd3c03

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml from e266be092e71ac9343fcd6d5cafc50402161981e to 638b2037394ca0f0b860a135c7c27dce75fd3c03.

Changelog

Sourced from complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml's changelog.

Changelog

Unreleased

Changed

  • crapload workflow: Replaced custom scripts/compare-crapload.sh (315 lines) with gaze's native gaze crap --baseline comparison. The workflow now writes a temporary .gaze.yaml from workflow inputs when the consumer repo has no config file, preserving backward compatibility. PR comment generation is inline via jq. (#328)

Removed

  • scripts/compare-crapload.sh — comparison logic is now native to gaze
  • TestCompareCrapload test class (5 tests, 203 lines) — covered by 34 upstream tests in gaze
Commits
  • 638b203 ci(deps): bump release-drafter/release-drafter from 7.4.0 to 7.5.1
  • 8222761 ci(deps): bump actions/setup-python from 6.2.0 to 6.3.0
  • f0c3d41 ci(deps): bump actions/setup-go from 6.4.0 to 6.5.0
  • 33c4fc5 chore: updates reusable_compliance.yml refs (#362)
  • 769c263 fix: remove invalid run.skip-dirs from .golangci.yml sync template
  • 90151e5 chore: remove gemara-content-service from sync exclusion list
  • 4468086 chore(deps): bump pytest from 9.1.0 to 9.1.1
  • 44a6c8a chore(deps): bump https://github.com/astral-sh/ruff-pre-commit
  • 74cf3d5 chore(deps): bump ruff from 0.15.17 to 0.15.18
  • 9ac1df8 fix: addresses feedback from review
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

…vy_image_scan.yml

Bumps [complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml](https://github.com/complytime/org-infra) from e266be092e71ac9343fcd6d5cafc50402161981e to 638b2037394ca0f0b860a135c7c27dce75fd3c03.
- [Release notes](https://github.com/complytime/org-infra/releases)
- [Changelog](https://github.com/complytime/org-infra/blob/main/CHANGELOG.md)
- [Commits](complytime/org-infra@e266be0...638b203)

---
updated-dependencies:
- dependency-name: complytime/org-infra/.github/workflows/reusable_trivy_image_scan.yml
  dependency-version: 638b2037394ca0f0b860a135c7c27dce75fd3c03
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 26, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 26, 2026 01:53
@dependabot dependabot Bot requested review from gvauter and hbraswelrh and removed request for a team June 26, 2026 01:53
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 26, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 3, 2026

Copy link
Copy Markdown
Contributor Author

Superseded by #96.

@dependabot dependabot Bot closed this Jul 3, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/complytime/org-infra/dot-github/workflows/reusable_trivy_image_scan.yml-638b2037394ca0f0b860a135c7c27dce75fd3c03 branch July 3, 2026 01:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants