Merge branch 'main' into dependabot/npm_and_yarn/jsonpath-plus-10.1.0

mia-platform · Oct 23, 2024 · ff14fb6 · ff14fb6
2 parents f4b749f + 54bd14c
commit ff14fb6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/.github/workflows/dependency-review.yaml b/.github/workflows/dependency-review.yaml
@@ -22,5 +22,5 @@ jobs:
     - name: Dependency Review
       uses: actions/dependency-review-action@5a2ce3f5b92ee19cbb1541a4984c76d921601d7c # v4.3.4
       with:
-        fail-on-scope: runtime,unknown
+        fail-on-scopes: runtime,unknown
         comment-summary-in-pr: on-failure
diff --git a/.github/workflows/release-docker.yml b/.github/workflows/release-docker.yml
@@ -118,7 +118,7 @@ jobs:
         for tag in ${TAGS}; do
           image="${tag}@${DIGEST}"
           cosign sign --recursive --yes --key "${COSIGN_PRIVATE_KEY}" "${image}"
-          cosign attest --recursive --yes --key "${COSIGN_PRIVATE_KEY} --predicate "crud-service-sbom.spdx.json" --type="spdxjson" "${image}"
+          cosign attest --recursive --yes --key "${COSIGN_PRIVATE_KEY}" --predicate "crud-service-sbom.spdx.json" --type="spdxjson" "${image}"
         done
       env:
         TAGS: |