Merge pull request #24 from GeorgeDavis-Ibexlabs/minor-fixes

More Minor fixes

Author: GeorgeDavis-Ibexlabs

.github/workflows/build-ci.yml

@@ -90,7 +90,6 @@ jobs:
           scan-type: "fs"
           format: "github"
           output: "dependency-results.sbom.json"
-          image-ref: "georgedavisibexlabs/publish-sarif-to-jira:main"
           github-pat: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Upload trivy SBOM as a Github artifact

.github/workflows/docker-publish.yml

@@ -30,25 +30,25 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Check out the repo
-        uses: actions/checkout@v4.1.7
+        uses: actions/checkout@v4.2.2
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v3.11.1
 
       - name: Log in to Docker Hub
-        uses: docker/login-action@v3.3.0
+        uses: docker/login-action@v3.4.0
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v5.5.1
+        uses: docker/metadata-action@v5.7.0
         with:
           images: georgedavisibexlabs/publish-sarif-to-jira
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@v6.6.1
+        uses: docker/build-push-action@v6.18.0
         with:
           context: .
           file: Dockerfile
@@ -58,7 +58,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
 
       - name: Update Docker Hub description
-        uses: peter-evans/dockerhub-description@v4.0.0
+        uses: peter-evans/dockerhub-description@v4.0.2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
@@ -68,15 +68,15 @@ jobs:
           enable-url-completion: true
 
       - name: Run Trivy Image scanner
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.32.0
         with:
           scan-type: 'image'
           image-ref: 'georgedavisibexlabs/publish-sarif-to-jira:main'
           limit-severities-for-sarif: true
           trivy-config: .github/config/trivy-sarif.yaml
 
       - name: Upload Trivy Image scan results
-        uses: actions/upload-artifact@v4.3.6
+        uses: actions/upload-artifact@v4.6.2
         with:
           name: trivy-image-scan-results
           path: trivy-image-scan-results.sarif

requirements.txt

@@ -2,5 +2,5 @@ atlassian_doc_builder==0.4
 jira==3.8.0
 mergedeep==1.3.4
 python_json_config==1.2.3
-setuptools==69.1.0
-sarif-tools==2.0.0
+setuptools==80.9.0
+sarif-tools==3.0.4