Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
## Description Chainguard stopped publishing versioned images outside of `latest` last fall and so dependabot never picked up a newer version. This led to a stale Pepr Controller image that had vulnerabilities from not being maintained. This step in CI will fail if there are high vulnerabilities in the `pepr:dev` image which is the candidate image for release. If there are vulnerabilities it will trigger our team to research why the vulnerabilities are there, ie checking to ensure we have the latest and correct images. CC: Thanks @eddiezane @jeff-mccoy for pointing it out ## Related Issue Fixes # <!-- or --> Relates to #716 ## Type of change - [ ] Bug fix (non-breaking change which fixes an issue) - [ ] New feature (non-breaking change which adds functionality) - [x] Other (security config, docs update, etc) ## Checklist before merging - [x] Test, docs, adr added or updated as needed - [x] [Contributor Guide Steps](https://docs.pepr.dev/main/contribute/contributor-guide/#submitting-a-pull-request) followed --------- Signed-off-by: Case Wylie <cmwylie19@defenseunicorns.com>
- Loading branch information