@slack-actions/workflow-notification@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

2.7.3 (2024-09-30)

✨ Features

• slack: new workflow inputs (#163) (28d20a1)

2.7.2 (2024-09-27)

🐛 Bug Fixes

• success not status (#162) (0aaaa49)

2.7.1 (2024-09-27)

🐛 Bug Fixes

• slack: flip failure message (#161) (4cf2875)

2.7.0 (2024-09-27)

✨ Features

• slack workflow conclusion notifications (#160) (33942dd)

@security-actions/sign-docker-image@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

2.2.2 (2024-04-25)

2.2.0 (2024-04-16)

♻️ Chores

• readme: Add usage examples to security actions (#106) (d9e10a3)

2.1.0 (2024-03-20)

⚙️ Continuous Integrations

• deps: bump cosign to v2.2.3 to avoid sigstore TUF invalid key issue (#100) (590c699)

1.15.0 (2024-01-22)

✨ Features

• SLSA/SEC-973: container image signing action (#65) (b7def0b)

@security-actions/semgrep@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)
• SEC-1211: update semgrep version (#154) (6d6e601)

♻️ Chores

• deps: bump github/codeql-action/upload-sarif from v2 to v3 (9d9c93f)
• docs: update semgrep readme (#195) (1a06695)
• readme: Add vulnerability migration and breakglass strategy for SCA and CVE action (#107) (ad89a25)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

1.15.0 (2024-01-22)

♻️ Chores

• ci: configurable failure mode for semgrep (#55) (bc77fa6)

@security-actions/scan-rust@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

♻️ Chores

• deps: bump github/codeql-action/upload-sarif from v2 to v3 (9d9c93f)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

1.15.0 (2024-01-22)

1.8.0 (2023-06-26)

📦 Code Refactoring

• sca: Separate linters and sca for rust (#46) (b037b99)

@security-actions/scan-docker-image@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

2.8.0 (2024-12-02)

✨ Features

• security-actions/scan-docker-image: support trivy_db_cache as alternate (#184) (0ccacff)

2.6.0 (2024-09-19)

✨ Features

• input to skip Trivy scan (#156) (ecbcd70)

2.5.1 (2024-09-03)

2.5.0 (2024-08-27)

🐛 Bug Fixes

• omitted severity flags in docker image scan action (#142) (f19e9a7)

2.4.1 (2024-08-22)

2.4.0 (2024-08-16)

2.3.0 (2024-05-20)

2.2.1 (2024-04-17)

2.2.0 (2024-04-16)

♻️ Chores

• readme: Add usage examples to security actions (#106) (d9e10a3)
• readme: Add vulnerability migration and breakglass strategy for SCA and CVE action (#107) (ad89a25)

2.0.3 (2024-03-04)

⚙️ Continuous Integrations

• .github: deprecate reuse of sca scan action in docker image scan (#95) (60c9b13)

2.0.1 (2024-02-07)

⚙️ Continuous Integrations

• .github: fix sca action path and ref for image scan (#93) (17456e7)

2.0.0 (2024-02-01)

⚙️ Continuous Integrations

• .github: generalize sca scan for non docker artifacts (#89) (7f27a2b)

1.15.0 (2024-01-22)

1.13.0 (2023-09-18)

1.11.0 (2023-07-06)

✨ Features

• ingore unfixed for trivy image scan (#51) (1c1db81)

🐛 Bug Fixes

• ci: Fix grype output file and dependency (#38) (45d3c9a)

1.3.0 (2023-06-08)

✨ Features

• cd: add trivy docker-cis scan (#1) (84f743c)
• cd: Use pinned tags instead of latest (4b6870c)

🐛 Bug Fixes

• cd: only pass input flag to trivy action when docker tar is present (cbe4f65)

♻️ Chores

• docs: update readme to include trivy docker-cis (ab12bb2)
• sbom-action: bump sbom action to 0.13.4 (396a2e4)

@security-actions/sca@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

2.5.1 (2024-09-03)

2.5.0 (2024-08-27)

2.4.1 (2024-08-22)

2.4.0 (2024-08-16)

2.3.0 (2024-05-20)

2.2.1 (2024-04-17)

2.2.0 (2024-04-16)

♻️ Chores

• readme: Add usage examples to security actions (#106) (d9e10a3)
• readme: Add vulnerability migration and breakglass strategy for SCA and CVE action (#107) (ad89a25)

2.0.3 (2024-03-04)

⚙️ Continuous Integrations

• .github: deprecate reuse of sca scan action in docker image scan (#95) (60c9b13)

2.0.2 (2024-02-12)

✨ Features

• Add optional "config" input to sca syft action (#94) (b0ef627)

⚙️ Continuous Integrations

• .github: generalize sca scan for non docker artifacts (#89) (7f27a2b)

@pr-previews/validate@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

🐛 Bug Fixes

• moving actions that deal with PR preview packages from shared-actions [KHCP-7461] (#18) (a61b6ff)
• validate: check all pr formats (#52) (052816f)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

@pr-previews/up-to-date@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

🐛 Bug Fixes

• moving actions that deal with PR preview packages from shared-actions [KHCP-7461] (#18) (a61b6ff)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

@pr-previews/cleanup@4.0.0

4.0.0 (2025-01-03)

✨ Features

• limit cleanup to versions created in last X days [KHCP-7885] (#58) (3c05dce)
• release: independent releases for public shared actions (#201) (3d24b7f)

🐛 Bug Fixes

• cleanup starting with newer PR versions [KHCP-7461] (#44) (92fb10e)
• do not attempt to proceed already removed version [KHCP-7885] (#59) (32dac54)
• moving actions that deal with PR preview packages from shared-actions [KHCP-7461] (#18) (a61b6ff)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

@code-check-actions/rust-lint@4.0.0

4.0.0 (2025-01-03)

✨ Features

• release: independent releases for public shared actions (#201) (3d24b7f)

♻️ Chores

• ci: configurable failure mode for semgrep (#55) (bc77fa6)
• readme: Add vulnerability migration and breakglass strategy for SCA and CVE action (#107) (ad89a25)

Breaking changes

• release: - Each project within Public Shared Action is now treated as an independent package.

• Each package will have its own versioned release.
• Releases tag example "@security-actions/scan-docker-image@1.1.0".
• Markdown (.md) files will be ignored when determining changes for releases.

1.10.0 (2023-06-26)

1.8.0 (2023-06-26)

📦 Code Refactoring

• sca: Separate linters and sca for rust (#46) (b037b99)