Merge pull request #3461 from cdr/jsjoeio/fix-3459
fix(ci): disable trivy-scan-image
This commit is contained in:
commit
c6d5da1c9c
7
.github/workflows/ci.yaml
vendored
7
.github/workflows/ci.yaml
vendored
@ -434,7 +434,9 @@ jobs:
|
|||||||
trivy-scan-image:
|
trivy-scan-image:
|
||||||
runs-on: ubuntu-20.04
|
runs-on: ubuntu-20.04
|
||||||
needs: docker-amd64
|
needs: docker-amd64
|
||||||
|
# NOTE@jsjoeio: disabling due to a memory issue upstream
|
||||||
|
# See: https://github.com/github/codeql-action/issues/528
|
||||||
|
if: 1 == 2
|
||||||
steps:
|
steps:
|
||||||
- name: Checkout code
|
- name: Checkout code
|
||||||
uses: actions/checkout@v2
|
uses: actions/checkout@v2
|
||||||
@ -457,6 +459,9 @@ jobs:
|
|||||||
output: "trivy-image-results.sarif"
|
output: "trivy-image-results.sarif"
|
||||||
severity: "HIGH,CRITICAL"
|
severity: "HIGH,CRITICAL"
|
||||||
|
|
||||||
|
- name: Debug Trivy SARIF file
|
||||||
|
run: cat trivy-image-results.sarif && ls -l trivy-image-results.sarif
|
||||||
|
|
||||||
- name: Upload Trivy scan results to GitHub Security tab
|
- name: Upload Trivy scan results to GitHub Security tab
|
||||||
uses: github/codeql-action/upload-sarif@v1
|
uses: github/codeql-action/upload-sarif@v1
|
||||||
with:
|
with:
|
||||||
|
@ -80,6 +80,7 @@
|
|||||||
"doctoc/**/trim": "^1.0.0",
|
"doctoc/**/trim": "^1.0.0",
|
||||||
"postcss": "^8.2.1",
|
"postcss": "^8.2.1",
|
||||||
"parcel-bundler/cssnano": "^5.0.2",
|
"parcel-bundler/cssnano": "^5.0.2",
|
||||||
|
"browserslist": "^4.16.5",
|
||||||
"safe-buffer": "^5.1.1",
|
"safe-buffer": "^5.1.1",
|
||||||
"vfile-message": "^2.0.2"
|
"vfile-message": "^2.0.2"
|
||||||
},
|
},
|
||||||
|
20
yarn.lock
20
yarn.lock
@ -1867,18 +1867,7 @@ browserify-zlib@^0.2.0:
|
|||||||
dependencies:
|
dependencies:
|
||||||
pako "~1.0.5"
|
pako "~1.0.5"
|
||||||
|
|
||||||
browserslist@^4.0.0, browserslist@^4.1.0, browserslist@^4.12.0, browserslist@^4.14.5, browserslist@^4.16.3:
|
browserslist@^4.0.0, browserslist@^4.1.0, browserslist@^4.12.0, browserslist@^4.14.5, browserslist@^4.16.0, browserslist@^4.16.3, browserslist@^4.16.5:
|
||||||
version "4.16.4"
|
|
||||||
resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.16.4.tgz#7ebf913487f40caf4637b892b268069951c35d58"
|
|
||||||
integrity sha512-d7rCxYV8I9kj41RH8UKYnvDYCRENUlHRgyXy/Rhr/1BaeLGfiCptEdFE8MIrvGfWbBFNjVYx76SQWvNX1j+/cQ==
|
|
||||||
dependencies:
|
|
||||||
caniuse-lite "^1.0.30001208"
|
|
||||||
colorette "^1.2.2"
|
|
||||||
electron-to-chromium "^1.3.712"
|
|
||||||
escalade "^3.1.1"
|
|
||||||
node-releases "^1.1.71"
|
|
||||||
|
|
||||||
browserslist@^4.16.0:
|
|
||||||
version "4.16.6"
|
version "4.16.6"
|
||||||
resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.16.6.tgz#d7901277a5a88e554ed305b183ec9b0c08f66fa2"
|
resolved "https://registry.yarnpkg.com/browserslist/-/browserslist-4.16.6.tgz#d7901277a5a88e554ed305b183ec9b0c08f66fa2"
|
||||||
integrity sha512-Wspk/PqO+4W9qp5iUTJsa1B/QrYn1keNCcEP5OvP7WBwT4KaDly0uONYmC6Xa3Z5IqnUgS0KcgLYu1l74x0ZXQ==
|
integrity sha512-Wspk/PqO+4W9qp5iUTJsa1B/QrYn1keNCcEP5OvP7WBwT4KaDly0uONYmC6Xa3Z5IqnUgS0KcgLYu1l74x0ZXQ==
|
||||||
@ -2030,7 +2019,7 @@ caniuse-api@^3.0.0:
|
|||||||
lodash.memoize "^4.1.2"
|
lodash.memoize "^4.1.2"
|
||||||
lodash.uniq "^4.5.0"
|
lodash.uniq "^4.5.0"
|
||||||
|
|
||||||
caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001109, caniuse-lite@^1.0.30001208:
|
caniuse-lite@^1.0.0, caniuse-lite@^1.0.30001109:
|
||||||
version "1.0.30001209"
|
version "1.0.30001209"
|
||||||
resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001209.tgz#1bb4be0bd118e98e21cfb7ef617b1ef2164622f4"
|
resolved "https://registry.yarnpkg.com/caniuse-lite/-/caniuse-lite-1.0.30001209.tgz#1bb4be0bd118e98e21cfb7ef617b1ef2164622f4"
|
||||||
integrity sha512-2Ktt4OeRM7EM/JaOZjuLzPYAIqmbwQMNnYbgooT+icoRGrKOyAxA1xhlnotBD1KArRSPsuJp3TdYcZYrL7qNxA==
|
integrity sha512-2Ktt4OeRM7EM/JaOZjuLzPYAIqmbwQMNnYbgooT+icoRGrKOyAxA1xhlnotBD1KArRSPsuJp3TdYcZYrL7qNxA==
|
||||||
@ -3028,11 +3017,6 @@ ee-first@1.1.1:
|
|||||||
resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
|
resolved "https://registry.yarnpkg.com/ee-first/-/ee-first-1.1.1.tgz#590c61156b0ae2f4f0255732a158b266bc56b21d"
|
||||||
integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
|
integrity sha1-WQxhFWsK4vTwJVcyoViyZrxWsh0=
|
||||||
|
|
||||||
electron-to-chromium@^1.3.712:
|
|
||||||
version "1.3.717"
|
|
||||||
resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.717.tgz#78d4c857070755fb58ab64bcc173db1d51cbc25f"
|
|
||||||
integrity sha512-OfzVPIqD1MkJ7fX+yTl2nKyOE4FReeVfMCzzxQS+Kp43hZYwHwThlGP+EGIZRXJsxCM7dqo8Y65NOX/HP12iXQ==
|
|
||||||
|
|
||||||
electron-to-chromium@^1.3.723:
|
electron-to-chromium@^1.3.723:
|
||||||
version "1.3.727"
|
version "1.3.727"
|
||||||
resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.727.tgz#857e310ca00f0b75da4e1db6ff0e073cc4a91ddf"
|
resolved "https://registry.yarnpkg.com/electron-to-chromium/-/electron-to-chromium-1.3.727.tgz#857e310ca00f0b75da4e1db6ff0e073cc4a91ddf"
|
||||||
|
Reference in New Issue
Block a user