Skip to content

Bump Checkmarx/kics-github-action from 4063ea7186bec9fed1bf055e095a4658693f9998 to 7117906d8779ecaf5180f34c4931a774f10d7625#465

Open
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/github_actions/Checkmarx/kics-github-action-7117906d8779ecaf5180f34c4931a774f10d7625
Open

Bump Checkmarx/kics-github-action from 4063ea7186bec9fed1bf055e095a4658693f9998 to 7117906d8779ecaf5180f34c4931a774f10d7625#465
dependabot[bot] wants to merge 2 commits into
mainfrom
dependabot/github_actions/Checkmarx/kics-github-action-7117906d8779ecaf5180f34c4931a774f10d7625

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown
Contributor

Bumps Checkmarx/kics-github-action from 4063ea7186bec9fed1bf055e095a4658693f9998 to 7117906d8779ecaf5180f34c4931a774f10d7625.

Commits
  • 7117906 [StepSecurity] Apply security best practices (#157)
  • adb6756 Merge pull request #156 from Checkmarx/AST-151131
  • 1246b53 security: add fully qualified name
  • 98b796e security: digest-pin Dockerfile base images
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
Bump Checkmarx/kics-github-action
5aea849 
Bumps [Checkmarx/kics-github-action](https://github.com/checkmarx/kics-github-action) from 4063ea7186bec9fed1bf055e095a4658693f9998 to 7117906d8779ecaf5180f34c4931a774f10d7625.
- [Release notes](https://github.com/checkmarx/kics-github-action/releases)
- [Commits](Checkmarx/kics-github-action@4063ea7...7117906)

---
updated-dependencies:
- dependency-name: Checkmarx/kics-github-action
  dependency-version: 7117906d8779ecaf5180f34c4931a774f10d7625
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 2, 2026
@dependabot dependabot Bot mentioned this pull request Jun 2, 2026
Closed
@afeefghannam89
Merge branch 'main' into dependabot/github_actions/Checkmarx/kics-git…
96b2bcf 
…hub-action-7117906d8779ecaf5180f34c4931a774f10d7625
@afeefghannam89

afeefghannam89 commented Jun 22, 2026
edited
Loading

Copy link
Copy Markdown
Member

There is a bug in dependabot when usin SHA instead of version => dependabot/dependabot-core#13466
Updating the version after the comment does not work because of this bug dependabot/dependabot-core#5951

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@afeefghannam89