path: root/.github/workflows/security.yml
Age | Commit message | Author
2025-07-04 | [upd] github-actions: Bump aquasecurity/trivy-action (#4969) | dependabot[bot]
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.31.0 to 0.32.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.31.0...0.32.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.32.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-06-06 | [upd] github-actions: Bump aquasecurity/trivy-action (#4898) | dependabot[bot]
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.30.0 to 0.31.0.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.30.0...0.31.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-05-25 | [mod] ci: exclude some workflows from forks (#4849) | Ivan Gabaldon
Excludes some workflows/jobs unneeded on forks.

Closes https://github.com/searxng/searxng/issues/4847
2025-05-15 | [fix] CI: prevent race condition | Ivan Gabaldon
`checker.yml` and `integration.yml` are the only workflows that are currently safe to be executed simultaneously, the others present a risk that the order of completion may not be expected. The ones that are chained from `integration.yml` can be called as many times as `integration.yml` workflows are running at that moment, the same with the trigger "workflow_dispatch".

This can be fatal for workflows like `container.yml` that use a centralized cache to store and load the candidate images in a common tag called "searxng-<arch>".

* For example, a `container.yml` workflow is executed after being chained from `integration.yml` (called "~1"), and seconds later it may be triggered again because another PR merged some breaking changes (called "~2"). While "~1" has already passed the test job successfully and is about to start the release job, "~2" finishes building the container and overwrites the references on the common tag. When "~1" in the release job loads the images using the common tag, it will load the container of "~2" instead of "~1" having skipped the whole test job process.

The example is only set for the container workflow, but the other workflows might occur in a similar way.
2025-05-08 | [fix] fix security.yml workflow (#4735) | Ivan Gabaldon
Uploading SARIFs needs to write into the repository GitHub security tab
2025-05-08 | [mod] CI refactor security.yml - style and cleanup changes (#4731) | Ivan Gabaldon
2025-02-07 | [upd] upgrade: github actions / to ubuntu: 24.04 / to nvm: node 20.15 | Markus Heiser
- ubuntu-20.04 --> ubuntu-24.04

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2024-11-06 | [fix] issues reported by `make test.yamllint` | Markus Heiser
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2023-09-15 | [CI] upgrade actions/checkout@v4 & actions/upload-artifact@v3 | Markus Heiser
Closes: https://github.com/searxng/searxng/issues/2777#issuecomment-1720958570

Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
2022-08-31 | GitHub workflow: add daily security check using trivy | Alexandre FLAMENT