v6.0.0

Release notes for scan-action v6.0.0

Release Notes

New in scan-action v6.0.0

Breaking Change

feat: add output-file option, default to random directory output in temp (#346) [kzantow]

The action no longer generates files in your working directory by default, instead you should use the action outputs: ${{ steps.<id>.outputs.sarif }} where the <id> needs to match the id you configured to reference the scan-action, e.g.:

      - uses: anchore/scan-action[@v6](https://github.com/v6)
        id: scan
        ...
      - uses: github/codeql-action/upload-sarif[@v3](https://github.com/v3)
        with:
          sarif_file: ${{ steps.scan.outputs.sarif }}

Other Changes

chore(deps): update Grype to v0.86.1 (#416) [anchore-actions-token-generator]
feat: add support for cyclonedx and cyclonedx-json output-formats (#396) [ps-e]
chore(deps): bump @actions/cache from 3.3.0 to 4.0.0 (#412) [dependabot]
chore(deps): update Grype to v0.86.0 (#413) [anchore-actions-token-generator]

Last modified October 10, 2025: fix reference links (1594d93)

v6.0.0

Categories:

Tags:

Release Notes

New in scan-action v6.0.0

Breaking Change

Other Changes