workflows: Bump OSV scanner

Bump to the latest version to pick up bug fixes Signed-off-by: stevenhorsman <steven@uk.ibm.com>
2026-02-22 06:43:41 +00:00 · 2026-02-13 16:41:10 +00:00
1 changed files with 4 additions and 2 deletions
--- a/.github/workflows/osv-scanner.yaml
+++ b/.github/workflows/osv-scanner.yaml
@@ -19,23 +19,25 @@ permissions: {}

 jobs:
  scan-scheduled:
+    name: Scan of whole repo
    permissions:
      actions: read # # Required to upload SARIF file to CodeQL
      contents: read  # Read commit contents
      security-events: write  # Require writing security events to upload SARIF file to security tab
    if: ${{ github.event_name == 'push' || github.event_name == 'schedule' || github.event_name == 'workflow_dispatch' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@b00f71e051ddddc6e46a193c31c8c0bf283bf9e6" # v2.1.0
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable.yml@8ae4be80636b94886b3c271caad730985ce0611c" # v2.3.3
    with:
      scan-args: |-
        -r
        ./
  scan-pr:
+    name: Scan of just PR code
    permissions:
      actions: read # Required to upload SARIF file to CodeQL
      contents: read  # Read commit contents
      security-events: write  # Require writing security events to upload SARIF file to security tab
    if: ${{ github.event_name == 'pull_request' }}
-    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@b00f71e051ddddc6e46a193c31c8c0bf283bf9e6" # v2.1.0
+    uses: "google/osv-scanner-action/.github/workflows/osv-scanner-reusable-pr.yml@b8ae4be80636b94886b3c271caad730985ce0611c" # v2.3.3
    with:
      # Example of specifying custom arguments
      scan-args: |-