chore: pin osv-scanner

The `ghcr.io/google/osv-scanner:latest` docker image was updated to `v2.0.0-beta1`. This breaks the build with the error: `Failed to parse SBOM "/bom.json" with error: could not determine extractor suitable to this file` This commit pins the image tag to last working release `v1.9.2` Signed-off-by: Andrew Coleman <andrew_coleman@uk.ibm.com>
substrait-io · Jan 31, 2025 · ba64206 · ba64206
1 parent a0ef1dd
commit ba64206
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/pr.yml b/.github/workflows/pr.yml
@@ -69,7 +69,7 @@ jobs:
         with:
           name: cyclonedx-sbom
       - name: Scan
-        run: docker run --rm -v "${PWD}/${{ matrix.project }}/build/reports/bom.json:/bom.json" ghcr.io/google/osv-scanner --sbom /bom.json
+        run: docker run --rm -v "${PWD}/${{ matrix.project }}/build/reports/bom.json:/bom.json" ghcr.io/google/osv-scanner:v1.9.2 --sbom /bom.json
   java:
     name: Build and Test Java
     runs-on: ubuntu-latest

diff --git a/readme.md b/readme.md
@@ -37,7 +37,7 @@ SLF4J(W): See https://www.slf4j.org/codes.html#noProviders for further details.
 
 The [examples](./examples) folder contains examples on using Substrait with Java; please check each example for specific details of the requirements and how to run. The examples are aimed to be tested within the github workflow; depending on the setup required it might be only possible to validate compilation.
 
-- [Substrait-Spark](./examples/subtrait-spark/README.md) Using Substrait to produce and consume plans within Apache Spark
+- [Substrait-Spark](./examples/subtrait-spark/README.md) Using Substrait to produce and consume plans within Apache Spark.
 
 ## Getting Involved
 To learn more, head over [Substrait](https://substrait.io/), our parent project and join our [community](https://substrait.io/community/)