build(deps): bump anchore/scan-action from 6.2.0 to 6.3.0 (#712)

dependabot[bot] · web-flow · commit e71ac633d9c4 · 2025-06-16T14:48:17.000-04:00
Bumps [anchore/scan-action](https://github.com/anchore/scan-action) from 6.2.0 to 6.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/anchore/scan-action/releases">anchore/scan-action's releases</a>.</em></p> <blockquote> <h2>v6.3.0</h2> <h2>New in scan-action v6.3.0</h2> <ul> <li>Update Grype to v0.94.0 (<a href="https://redirect.github.com/anchore/scan-action/issues/470">#470</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/anchore/scan-action/commit/be7a22da4f22dde446c4c4c099887ff5b256526c"><code>be7a22d</code></a> chore(deps): update Grype to v0.94.0 (<a href="https://redirect.github.com/anchore/scan-action/issues/470">#470</a>)</li> <li><a href="https://github.com/anchore/scan-action/commit/77f24ed70d7ec1b51bac2e40dea14eda7ca45ee7"><code>77f24ed</code></a> chore: remove npm audit from workflow (<a href="https://redirect.github.com/anchore/scan-action/issues/475">#475</a>)</li> <li><a href="https://github.com/anchore/scan-action/commit/251fd2c39f60e9dee3293aa6715bfd709ba02952"><code>251fd2c</code></a> chore(deps-dev): bump eslint from 9.25.1 to 9.26.0 (<a href="https://redirect.github.com/anchore/scan-action/issues/465">#465</a>)</li> <li><a href="https://github.com/anchore/scan-action/commit/98d9c29c1a1ffd6cb2165dab676e2bfb65be829f"><code>98d9c29</code></a> Fix issue with missing permissions directive in example workflow (<a href="https://redirect.github.com/anchore/scan-action/issues/466">#466</a>)</li> <li><a href="https://github.com/anchore/scan-action/commit/52d195a70b108f757eb0f0f27061dbac4e7f876c"><code>52d195a</code></a> chore(deps): update Grype to v0.92.0 (<a href="https://redirect.github.com/anchore/scan-action/issues/464">#464</a>)</li> <li><a href="https://github.com/anchore/scan-action/commit/16d8e0676574f6423d256b7e1f51d987c391dce0"><code>16d8e06</code></a> chore(deps-dev): bump lint-staged from 15.5.1 to 16.0.0 (<a href="https://redirect.github.com/anchore/scan-action/issues/468">#468</a>)</li> <li>See full diff in <a href="https://github.com/anchore/scan-action/compare/2c901ab7378897c01b8efaa2d0c9bf519cc64b9e...be7a22da4f22dde446c4c4c099887ff5b256526c">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anchore/scan-action&package-manager=github_actions&previous-version=6.2.0&new-version=6.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/serverless-vuln-scan.yml b/.github/workflows/serverless-vuln-scan.yml
@@ -52,7 +52,7 @@ jobs:
           format: table
 
       - name: Scan latest release image with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           image: "public.ecr.aws/datadog/lambda-extension:latest"
           only-fixed: true
@@ -61,7 +61,7 @@ jobs:
           output-format: table
 
       - name: Scan latest-alpine release image with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           image: "public.ecr.aws/datadog/lambda-extension:latest-alpine"
           only-fixed: true
@@ -70,7 +70,7 @@ jobs:
           output-format: table
 
       - name: Scan latest serverless-init image with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           image: "datadog/serverless-init:latest"
           only-fixed: true
@@ -79,7 +79,7 @@ jobs:
           output-format: table
 
       - name: Scan latest-alpine serverless-init image with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           image: "datadog/serverless-init:latest-alpine"
           only-fixed: true
@@ -133,7 +133,7 @@ jobs:
           format: table
 
       - name: Scan amd64 image with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           image: "datadog/build-lambda-extension-amd64:${{ env.VERSION }}"
           only-fixed: true
@@ -142,7 +142,7 @@ jobs:
           output-format: table
 
       - name: Scan arm64 image with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           image: "datadog/build-lambda-extension-arm64:${{ env.VERSION }}"
           only-fixed: true
@@ -151,7 +151,7 @@ jobs:
           output-format: table
 
       - name: Scan binary files with grype
-        uses: anchore/scan-action@2c901ab7378897c01b8efaa2d0c9bf519cc64b9e # v6.2.0
+        uses: anchore/scan-action@be7a22da4f22dde446c4c4c099887ff5b256526c # v6.3.0
         with:
           path: go/src/github.com/DataDog/datadog-lambda-extension/.layers
           only-fixed: true
