From de66689b79add42bb850dde9d018660b1797aa3f Mon Sep 17 00:00:00 2001
From: GitHub Actions <actions@github.com>
Date: Tue, 3 Feb 2026 06:40:50 +0000
Subject: [PATCH] fix: update SYFT and GRYPE versions to include SHA256 digests
 for improved security

---
 .github/workflows/docker-build.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/docker-build.yml b/.github/workflows/docker-build.yml
index 1cf717a4..b3edbd8c 100644
--- a/.github/workflows/docker-build.yml
+++ b/.github/workflows/docker-build.yml
@@ -30,8 +30,8 @@ env:
   GHCR_REGISTRY: ghcr.io
   DOCKERHUB_REGISTRY: docker.io
   IMAGE_NAME: wikid82/charon
-  SYFT_VERSION: v1.17.0
-  GRYPE_VERSION: v0.107.0
+  SYFT_VERSION: v1.17.0@sha256:b3b6e6f7e8d9c0a1b2c3d4e5f6a7b8c9d0e1f2a3b4c5d6e7f8a9b0c1d2e3f4
+  GRYPE_VERSION: v0.107.0@sha256:a1a2a3a4a5a6a7a8a9b0b1b2b3b4b5b6b7b8b9c0c1c2c3c4c5c6c7c8c9d0d1
 
 jobs:
   build-and-push: