Merge pull request #179 from MaibornWolff/dev

chore: merge to main for release 2024_07
MaibornWolff · Jul 20, 2024 · 368b4b1 · 368b4b1
2 parents 5cb0527 + 27ab715
commit 368b4b1
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 16 deletions.
diff --git a/.github/workflows/build_push_dev.yml b/.github/workflows/build_push_dev.yml
@@ -28,7 +28,7 @@ jobs:
         run: echo "CREATED=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
       -
         name: Build and push scanners
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./docker//Dockerfile
@@ -40,7 +40,7 @@ jobs:
             VERSION=dev
       -
         name: Build and push ZAP
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./docker_zap//Dockerfile

diff --git a/.github/workflows/build_push_latest.yml b/.github/workflows/build_push_latest.yml
@@ -35,7 +35,7 @@ jobs:
         run: echo "CREATED=$(date +'%Y-%m-%dT%H:%M:%S')" >> $GITHUB_ENV
       -
         name: Build and push scanners
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./docker//Dockerfile
@@ -49,7 +49,7 @@ jobs:
             VERSION=${{ github.event.inputs.release }}
       -
         name: Build and push ZAP
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v6
         with:
           context: .
           file: ./docker_zap//Dockerfile

diff --git a/docker/Dockerfile b/docker/Dockerfile
@@ -1,5 +1,5 @@
 # Python build stage
-FROM python:3.12.4-alpine as python-build-stage
+FROM python:3.12.4-alpine AS python-build-stage
 
 # Install gcc to be able to compile wheels for python packages
 RUN apk add --no-cache gcc musl-dev python3-dev
@@ -10,9 +10,9 @@ COPY docker/requirements.txt .
 RUN pip wheel --wheel-dir /usr/src/app/wheels -r ./requirements.txt
 
 # Go build stage for KICS
-FROM golang:1.22.4-alpine as go-build-stage
+FROM golang:1.22.5-alpine AS go-build-stage
 
-ARG KICS_VERSION=2.0.1
+ARG KICS_VERSION=2.1.1
 
 # Install kics from GitHub
 WORKDIR /usr/local/kics
@@ -22,13 +22,13 @@ RUN wget --no-verbose https://github.com/Checkmarx/kics/archive/refs/tags/v${KIC
     && go build -o ./bin/kics cmd/console/main.go
 
 # Python run stage
-FROM python:3.12.4-alpine as python-run-stage
+FROM python:3.12.4-alpine AS python-run-stage
 
-ARG GITLEAKS_VERSION=8.18.3
-ARG GRYPE_VERSION=0.78.0
-ARG KICS_VERSION=2.0.1
-ARG TRIVY_VERSION=0.52.0
-ARG TFSEC_VERSION=1.28.6
+ARG GITLEAKS_VERSION=8.18.4
+ARG GRYPE_VERSION=0.79.3
+ARG KICS_VERSION=2.1.1
+ARG TRIVY_VERSION=0.53.0
+ARG TFSEC_VERSION=1.28.10
 
 ARG CREATED
 ARG REVISION

diff --git a/docker/requirements.txt b/docker/requirements.txt
@@ -1,15 +1,15 @@
 # Bandit
 # ----------------------------------------------------------------
-bandit==1.7.8  # https://github.com/PyCQA/bandit
+bandit==1.7.9  # https://github.com/PyCQA/bandit
 bandit-sarif-formatter==1.1.1  # https://github.com/microsoft/bandit-sarif-formatter
 
 # Checkov
 # ----------------------------------------------------------------
-checkov==3.2.93  # https://github.com/bridgecrewio/checkov
+checkov==3.2.194  # https://github.com/bridgecrewio/checkov
 
 # Semgrep
 # ----------------------------------------------------------------
-semgrep==1.75.0  # https://github.com/returntocorp/semgrep
+semgrep==1.80.0  # https://github.com/returntocorp/semgrep
 
 # CryptoLyzer
 # ----------------------------------------------------------------