fix: update Bun base image and enhance security scanning

- Update Bun from 1.2.14 to 1.2.18 to address CVE-2025-22874
- Pin Trivy action to stable version (0.28.0)
- Add SARIF output for GitHub Security tab integration
- Set ignore-unfixed to false for comprehensive vulnerability detection
- Add security-events permission for uploading scan results
- Include fallback table output on scan failures
Arunavo Ray
2025-06-15 13:48:58 +05:30
parent ae57b1b320
commit 6551ea719c
2 changed files with 23 additions and 4 deletions

@@ -1,6 +1,6 @@
# syntax=docker/dockerfile:1.4
FROM oven/bun:1.2.14-alpine AS base
FROM oven/bun:1.2.18-alpine AS base
WORKDIR /app
RUN apk add --no-cache libc6-compat python3 make g++ gcc wget sqlite openssl
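Review bot: The updated FROM line still pins the base image by tag only (`oven/bun:1.2.18-alpine`). A tag can be re-pointed upstream, so the image the Trivy job scans is not guaranteed to be the image a later build pulls. Consider pinning by digest as well, for example `FROM oven/bun:1.2.18-alpine@sha256:<digest> AS base`, where `<digest>` is a placeholder for the digest of the image that was actually scanned. Separately, the unchanged `RUN apk add` line installs `make`, `g++`, `gcc` and `python3` in the `base` stage. If the runtime stage is derived from `base`, those build tools end up in the shipped image and add to what the scanner reports, so it is worth checking whether they can move to a build-only stage.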