From 35ff197900e928056adcc507bff5718957db31f0 Mon Sep 17 00:00:00 2001 From: Cas Donoghue Date: Mon, 4 Aug 2025 10:11:43 -0700 Subject: [PATCH] Log *what* components trigger a grype scan (#17905) This commit updates the grype action to log what components it is scanning (including any that are critical which will cause the action to fail). Previously the default sarif file was generated and nothing was logged. Without this commit it is impossible to tell from a failed action *what* is causing the failure. (cherry picked from commit 6b8d0903ce372f061f05571cdb210b0a95416948) --- .github/workflows/critical_vulnerability_scan.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/critical_vulnerability_scan.yml b/.github/workflows/critical_vulnerability_scan.yml index e1e290c91df..8f10847619a 100644 --- a/.github/workflows/critical_vulnerability_scan.yml +++ b/.github/workflows/critical_vulnerability_scan.yml @@ -22,3 +22,4 @@ jobs: path: "./scan" fail-build: true severity-cutoff: critical + output-format: table