Closed
Description
The output from grype has change in a slightly incompatible way between 0.7.0 and 0.16.0, so after some discussion, it makes sense to release a scan-action@v3 with this update and remove references from the documentation to the vulnerabilities.json as well as the grype-version, since changes in grype output could at any point break this action. Additionally, make sure the SARIF output is as correct as possible, as it's a standard and the only thing Github supports.
- fix SARIF url output
- fix SARIF fix version
- remove references to
vulnerabilities.json - remove
grype-version - fix release-drafter
- update to grype 0.17.0
- actually release v3