diff --git a/.github/workflows/build_push_dev.yml b/.github/workflows/build_push_dev.yml index cef62797..84cb9860 100644 --- a/.github/workflows/build_push_dev.yml +++ b/.github/workflows/build_push_dev.yml @@ -14,7 +14,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: ref: dev - diff --git a/.github/workflows/build_push_latest.yml b/.github/workflows/build_push_latest.yml index dc1e836e..fd6fe720 100644 --- a/.github/workflows/build_push_latest.yml +++ b/.github/workflows/build_push_latest.yml @@ -19,7 +19,7 @@ jobs: steps: - name: Checkout - uses: actions/checkout@v5 + uses: actions/checkout@v6 with: ref: 'v${{ github.event.inputs.release }}' - diff --git a/actions/DAST/cryptolyzer/action.yaml b/actions/DAST/cryptolyzer/action.yaml index 890faebb..6e893b4f 100644 --- a/actions/DAST/cryptolyzer/action.yaml +++ b/actions/DAST/cryptolyzer/action.yaml @@ -42,7 +42,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_cryptolyzer.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/DAST/drheader/action.yaml b/actions/DAST/drheader/action.yaml index c0755a97..d6bf7662 100644 --- a/actions/DAST/drheader/action.yaml +++ b/actions/DAST/drheader/action.yaml @@ -45,7 +45,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_drheader.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/DAST/zap/action.yaml b/actions/DAST/zap/action.yaml index e96b9031..4c62ac09 100644 --- a/actions/DAST/zap/action.yaml +++ b/actions/DAST/zap/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners-zap:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners-zap:2025_12' entrypoint: '/entrypoints/entrypoint_zap.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/bandit/action.yaml b/actions/SAST/bandit/action.yaml index c4497b06..996fca9d 100644 --- a/actions/SAST/bandit/action.yaml +++ b/actions/SAST/bandit/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_bandit.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/checkov/action.yaml b/actions/SAST/checkov/action.yaml index 413a5c32..b85a79bf 100644 --- a/actions/SAST/checkov/action.yaml +++ b/actions/SAST/checkov/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_checkov.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/eslint/action.yaml b/actions/SAST/eslint/action.yaml index 7a4132fd..a23369ff 100644 --- a/actions/SAST/eslint/action.yaml +++ b/actions/SAST/eslint/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_eslint.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/kics/action.yaml b/actions/SAST/kics/action.yaml index 65f3d848..91dd303a 100644 --- a/actions/SAST/kics/action.yaml +++ b/actions/SAST/kics/action.yaml @@ -50,7 +50,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_kics.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/semgrep/action.yaml b/actions/SAST/semgrep/action.yaml index e8dbacbc..276db19b 100644 --- a/actions/SAST/semgrep/action.yaml +++ b/actions/SAST/semgrep/action.yaml @@ -50,7 +50,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_semgrep.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/tfsec/action.yaml b/actions/SAST/tfsec/action.yaml index de3543b6..883af265 100644 --- a/actions/SAST/tfsec/action.yaml +++ b/actions/SAST/tfsec/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_tfsec.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SAST/trivy_config/action.yaml b/actions/SAST/trivy_config/action.yaml index cf75bc86..aa950c6e 100644 --- a/actions/SAST/trivy_config/action.yaml +++ b/actions/SAST/trivy_config/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_trivy_config.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/grype_image/action.yaml b/actions/SCA/grype_image/action.yaml index 73b92765..daab94dd 100644 --- a/actions/SCA/grype_image/action.yaml +++ b/actions/SCA/grype_image/action.yaml @@ -45,7 +45,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_grype_image.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/grype_sbom/action.yaml b/actions/SCA/grype_sbom/action.yaml index f19aa6a8..6c369dfd 100644 --- a/actions/SCA/grype_sbom/action.yaml +++ b/actions/SCA/grype_sbom/action.yaml @@ -45,7 +45,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_grype_sbom.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/trivy_filesystem/action.yaml b/actions/SCA/trivy_filesystem/action.yaml index b8c34ab0..07ff8c93 100644 --- a/actions/SCA/trivy_filesystem/action.yaml +++ b/actions/SCA/trivy_filesystem/action.yaml @@ -50,7 +50,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_trivy_filesystem.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/SCA/trivy_image/action.yaml b/actions/SCA/trivy_image/action.yaml index 91557536..22d828cc 100644 --- a/actions/SCA/trivy_image/action.yaml +++ b/actions/SCA/trivy_image/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_trivy_image.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/check_security_gate/action.yaml b/actions/check_security_gate/action.yaml index d4757759..0efe493c 100644 --- a/actions/check_security_gate/action.yaml +++ b/actions/check_security_gate/action.yaml @@ -15,7 +15,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: 'check_security_gate.sh' env: SO_API_BASE_URL: ${{ inputs.so_api_base_url }} diff --git a/actions/importer/action.yaml b/actions/importer/action.yaml index bf29e9bf..f2c7a2a1 100644 --- a/actions/importer/action.yaml +++ b/actions/importer/action.yaml @@ -41,7 +41,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: 'file_upload_observations.sh' env: SO_UPLOAD: ${{ inputs.so_upload }} diff --git a/actions/secrets/gitleaks/action.yaml b/actions/secrets/gitleaks/action.yaml index 69c169f2..3a7ebdbd 100644 --- a/actions/secrets/gitleaks/action.yaml +++ b/actions/secrets/gitleaks/action.yaml @@ -42,7 +42,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_gitleaks.sh' env: REPORT_NAME: ${{ inputs.report_name }} diff --git a/actions/secrets/trivy_filesystem_secrets/action.yaml b/actions/secrets/trivy_filesystem_secrets/action.yaml index 29e93ae3..b030ec34 100644 --- a/actions/secrets/trivy_filesystem_secrets/action.yaml +++ b/actions/secrets/trivy_filesystem_secrets/action.yaml @@ -46,7 +46,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_trivy_filesystem_secrets.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/secrets/trivy_image_secrets/action.yaml b/actions/secrets/trivy_image_secrets/action.yaml index 95ba4ef1..2464817e 100644 --- a/actions/secrets/trivy_image_secrets/action.yaml +++ b/actions/secrets/trivy_image_secrets/action.yaml @@ -42,7 +42,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_trivy_image_secrets.sh' env: TARGET: ${{ inputs.target }} diff --git a/actions/upload_observations/action.yaml b/actions/upload_observations/action.yaml index c88af927..68920ceb 100644 --- a/actions/upload_observations/action.yaml +++ b/actions/upload_observations/action.yaml @@ -30,7 +30,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: 'file_upload_observations.sh' env: SO_API_BASE_URL: ${{ inputs.so_api_base_url }} diff --git a/actions/upload_sbom/action.yaml b/actions/upload_sbom/action.yaml index aa038927..1f0d9d7a 100644 --- a/actions/upload_sbom/action.yaml +++ b/actions/upload_sbom/action.yaml @@ -24,7 +24,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: 'file_upload_observations.sh' env: SO_API_BASE_URL: ${{ inputs.so_api_base_url }} diff --git a/actions/vulnerability_scanner/action.yaml b/actions/vulnerability_scanner/action.yaml index 5726b087..239a78b5 100644 --- a/actions/vulnerability_scanner/action.yaml +++ b/actions/vulnerability_scanner/action.yaml @@ -12,7 +12,7 @@ inputs: runs: using: 'docker' - image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_11' + image: 'docker://ghcr.io/secobserve/secobserve-scanners:2025_12' entrypoint: '/entrypoints/entrypoint_vulnerability_scanner.sh' env: SO_CONFIGURATION: ${{ inputs.so_configuration }} diff --git a/docker/Dockerfile b/docker/Dockerfile index 880f9580..c212d865 100644 --- a/docker/Dockerfile +++ b/docker/Dockerfile @@ -12,9 +12,9 @@ COPY docker/requirements_checkov.txt . RUN pip wheel --wheel-dir /usr/src/app/wheels_checkov -r ./requirements_checkov.txt # Go build stage for KICS -FROM golang:1.25.4-alpine AS go-build-stage +FROM golang:1.25.5-alpine AS go-build-stage -ARG KICS_VERSION=2.1.15 +ARG KICS_VERSION=2.1.17 # Install kics from GitHub WORKDIR /usr/local/kics @@ -26,10 +26,10 @@ RUN wget --no-verbose https://github.com/Checkmarx/kics/archive/refs/tags/v${KIC # Python run stage FROM python:3.13-alpine AS python-run-stage -ARG GITLEAKS_VERSION=8.29.0 -ARG GRYPE_VERSION=0.103.0 -ARG KICS_VERSION=2.1.15 -ARG TRIVY_VERSION=0.67.2 +ARG GITLEAKS_VERSION=8.30.0 +ARG GRYPE_VERSION=0.104.2 +ARG KICS_VERSION=2.1.17 +ARG TRIVY_VERSION=0.68.1 ARG TFSEC_VERSION=1.28.14 ARG CREATED diff --git a/docker/requirements.txt b/docker/requirements.txt index 107817a2..92422597 100644 --- a/docker/requirements.txt +++ b/docker/requirements.txt @@ -1,11 +1,11 @@ # Bandit # ---------------------------------------------------------------- -bandit==1.8.6 # https://github.com/PyCQA/bandit +bandit==1.9.2 # https://github.com/PyCQA/bandit bandit-sarif-formatter==1.1.1 # https://github.com/microsoft/bandit-sarif-formatter # Semgrep # ---------------------------------------------------------------- -semgrep==1.142.1 # https://github.com/returntocorp/semgrep +semgrep==1.145.1 # https://github.com/returntocorp/semgrep # CryptoLyzer # ---------------------------------------------------------------- diff --git a/docker/requirements_checkov.txt b/docker/requirements_checkov.txt index 7649906f..e2bff09f 100644 --- a/docker/requirements_checkov.txt +++ b/docker/requirements_checkov.txt @@ -1,3 +1,3 @@ # Checkov # ---------------------------------------------------------------- -checkov==3.2.492 # https://github.com/bridgecrewio/checkov +checkov==3.2.495 # https://github.com/bridgecrewio/checkov diff --git a/templates/DAST/cryptolyzer.yml b/templates/DAST/cryptolyzer.yml index 672807cc..1b0c794f 100644 --- a/templates/DAST/cryptolyzer.yml +++ b/templates/DAST/cryptolyzer.yml @@ -1,6 +1,6 @@ .cryptolyzer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: post_deploy variables: GIT_STRATEGY: none diff --git a/templates/DAST/drheader.yml b/templates/DAST/drheader.yml index af16d388..bd85cb0d 100644 --- a/templates/DAST/drheader.yml +++ b/templates/DAST/drheader.yml @@ -1,6 +1,6 @@ .drheader: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: post_deploy variables: GIT_STRATEGY: none diff --git a/templates/DAST/zap.yml b/templates/DAST/zap.yml index 19c5a5a8..322b2d3b 100644 --- a/templates/DAST/zap.yml +++ b/templates/DAST/zap.yml @@ -1,6 +1,6 @@ .zap: image: - name: ghcr.io/secobserve/secobserve-scanners-zap:2025_11 + name: ghcr.io/secobserve/secobserve-scanners-zap:2025_12 stage: post_deploy variables: GIT_STRATEGY: none diff --git a/templates/SAST/bandit.yml b/templates/SAST/bandit.yml index 5f921148..638c50c4 100644 --- a/templates/SAST/bandit.yml +++ b/templates/SAST/bandit.yml @@ -1,6 +1,6 @@ .bandit: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/checkov.yml b/templates/SAST/checkov.yml index f734e292..ed932e68 100644 --- a/templates/SAST/checkov.yml +++ b/templates/SAST/checkov.yml @@ -1,6 +1,6 @@ .checkov: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/eslint.yml b/templates/SAST/eslint.yml index b18ce0f7..f9ae5661 100644 --- a/templates/SAST/eslint.yml +++ b/templates/SAST/eslint.yml @@ -1,6 +1,6 @@ .eslint: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/kics.yml b/templates/SAST/kics.yml index a0101618..296132c9 100644 --- a/templates/SAST/kics.yml +++ b/templates/SAST/kics.yml @@ -1,6 +1,6 @@ .kics: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/semgrep.yml b/templates/SAST/semgrep.yml index 92da174b..bbd949b7 100644 --- a/templates/SAST/semgrep.yml +++ b/templates/SAST/semgrep.yml @@ -1,6 +1,6 @@ .semgrep: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/tfsec.yml b/templates/SAST/tfsec.yml index aab320bb..d93f5dc0 100644 --- a/templates/SAST/tfsec.yml +++ b/templates/SAST/tfsec.yml @@ -1,6 +1,6 @@ .kics: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SAST/trivy_config.yml b/templates/SAST/trivy_config.yml index 00fdf150..853b9ebf 100644 --- a/templates/SAST/trivy_config.yml +++ b/templates/SAST/trivy_config.yml @@ -1,6 +1,6 @@ .kics: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SCA/grype_image.yml b/templates/SCA/grype_image.yml index 1c1bff5f..afb7e9ba 100644 --- a/templates/SCA/grype_image.yml +++ b/templates/SCA/grype_image.yml @@ -1,6 +1,6 @@ .grype_image: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: GIT_STRATEGY: none diff --git a/templates/SCA/grype_sbom.yml b/templates/SCA/grype_sbom.yml index e1fe5816..cb22b07a 100644 --- a/templates/SCA/grype_sbom.yml +++ b/templates/SCA/grype_sbom.yml @@ -1,6 +1,6 @@ .grype_image: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SCA/trivy_filesystem.yml b/templates/SCA/trivy_filesystem.yml index d27851d3..333832b1 100644 --- a/templates/SCA/trivy_filesystem.yml +++ b/templates/SCA/trivy_filesystem.yml @@ -1,6 +1,6 @@ .trivy_filesystem: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/SCA/trivy_image.yml b/templates/SCA/trivy_image.yml index 4a618d0a..8fa7f402 100644 --- a/templates/SCA/trivy_image.yml +++ b/templates/SCA/trivy_image.yml @@ -1,6 +1,6 @@ .trivy_image: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: GIT_STRATEGY: none diff --git a/templates/check_security_gate.yml b/templates/check_security_gate.yml index 4e6eb262..ce2cc85a 100644 --- a/templates/check_security_gate.yml +++ b/templates/check_security_gate.yml @@ -1,6 +1,6 @@ .check_security_gate: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: post_test variables: GIT_STRATEGY: none diff --git a/templates/importer.yml b/templates/importer.yml index df077984..c23161e9 100644 --- a/templates/importer.yml +++ b/templates/importer.yml @@ -1,6 +1,6 @@ .importer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: upload variables: GIT_STRATEGY: none diff --git a/templates/secrets/gitleaks.yml b/templates/secrets/gitleaks.yml index 6fcc52d8..ffff49ec 100644 --- a/templates/secrets/gitleaks.yml +++ b/templates/secrets/gitleaks.yml @@ -1,6 +1,6 @@ .gitleaks: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/secrets/trivy_filesystem_secrets.yml b/templates/secrets/trivy_filesystem_secrets.yml index 231f7ba5..921e1f7d 100644 --- a/templates/secrets/trivy_filesystem_secrets.yml +++ b/templates/secrets/trivy_filesystem_secrets.yml @@ -1,6 +1,6 @@ .trivy_filesystem_secrets: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: FURTHER_PARAMETERS: "" diff --git a/templates/secrets/trivy_image_secrets.yml b/templates/secrets/trivy_image_secrets.yml index 9ac38eaa..ba5d111f 100644 --- a/templates/secrets/trivy_image_secrets.yml +++ b/templates/secrets/trivy_image_secrets.yml @@ -1,6 +1,6 @@ .trivy_image_secrets: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: test variables: GIT_STRATEGY: none diff --git a/templates/upload_observations.yml b/templates/upload_observations.yml index 12b478c7..9b3e3e16 100644 --- a/templates/upload_observations.yml +++ b/templates/upload_observations.yml @@ -1,6 +1,6 @@ .importer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: upload variables: GIT_STRATEGY: none diff --git a/templates/upload_sbom.yml b/templates/upload_sbom.yml index f5f10be6..a5ff38b2 100644 --- a/templates/upload_sbom.yml +++ b/templates/upload_sbom.yml @@ -1,6 +1,6 @@ .importer: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 stage: upload variables: GIT_STRATEGY: none diff --git a/templates/vulnerability_scanner.yml b/templates/vulnerability_scanner.yml index 4075a1db..81705924 100644 --- a/templates/vulnerability_scanner.yml +++ b/templates/vulnerability_scanner.yml @@ -1,6 +1,6 @@ .vulnerability_scanner: image: - name: ghcr.io/secobserve/secobserve-scanners:2025_11 + name: ghcr.io/secobserve/secobserve-scanners:2025_12 script: - /entrypoints/entrypoint_vulnerability_scanner.sh interruptible: true