mirror of
https://github.com/dani-garcia/vaultwarden
synced 2024-12-15 01:53:43 +01:00
e3541763fd
* Fix collections not editable by managers Since a newer version of the web-vault we use manager were not able to create sub collections anymore. This was because of some missing details in the response of some json objects. This commit fixes this by using the `to_json_details` instead of the `to_json` Fixes #5066 Fixes #5044 * Update crates and GitHub Actions - Updated all the crates - Updated all the GHA dependencies - Configured the trivy workflow to only run on the main repo and not on forks Also selected a random new scheduled date so it will not run at the same time as all other forks. The two changes should help running this scan every day without failing, and also prevent the same for new or updated forks.
45 lines
1.2 KiB
YAML
45 lines
1.2 KiB
YAML
name: trivy
|
|
|
|
on:
|
|
push:
|
|
branches:
|
|
- main
|
|
tags:
|
|
- '*'
|
|
pull_request:
|
|
branches: [ "main" ]
|
|
schedule:
|
|
- cron: '08 11 * * *'
|
|
|
|
permissions:
|
|
contents: read
|
|
|
|
jobs:
|
|
trivy-scan:
|
|
# Only run this in the master repo and not on forks
|
|
# When all forks run this at the same time, it is causing `Too Many Requests` issues
|
|
if: ${{ github.repository == 'dani-garcia/vaultwarden' }}
|
|
name: Check
|
|
runs-on: ubuntu-24.04
|
|
timeout-minutes: 30
|
|
permissions:
|
|
contents: read
|
|
security-events: write
|
|
actions: read
|
|
steps:
|
|
- name: Checkout code
|
|
uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 #v4.2.1
|
|
|
|
- name: Run Trivy vulnerability scanner
|
|
uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
|
|
with:
|
|
scan-type: repo
|
|
ignore-unfixed: true
|
|
format: sarif
|
|
output: trivy-results.sarif
|
|
severity: CRITICAL,HIGH
|
|
|
|
- name: Upload Trivy scan results to GitHub Security tab
|
|
uses: github/codeql-action/upload-sarif@2bbafcdd7fbf96243689e764c2f15d9735164f33 # v3.26.6
|
|
with:
|
|
sarif_file: 'trivy-results.sarif'
|