chore: update docker image demo workflow, update to Node 24 (#402)

Author: KLongmuirHD

.github/dependabot.yml

@@ -9,5 +9,7 @@ updates:
     directory: "/"
     schedule:
       interval: "weekly"
-    exclude-paths:
-      - "e2e/fixtures/**"
+    ignore:
+      - dependency-name: "*"
+        paths:
+          - "e2e/fixtures/**"

.github/workflows/demo-build-and-scan-docker-image.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version-file: '.nvmrc'
 
       - name: Install cdxgen
         run: npm install -g @cyclonedx/cdxgen
@@ -48,7 +48,7 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version-file: '.nvmrc'
 
       - name: Download SBOM artifact
         uses: actions/download-artifact@v6

.github/workflows/demo-scan-docker-image.yml

@@ -19,7 +19,7 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version-file: '.nvmrc'
 
       - name: Install cdxgen
         run: npm install -g @cyclonedx/cdxgen
@@ -44,7 +44,7 @@ jobs:
       - name: Set up Node.js
         uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version-file: '.nvmrc'
 
       - name: Download SBOM artifact
         uses: actions/download-artifact@v6

.github/workflows/demo-scan-with-image.yml

@@ -14,18 +14,17 @@ jobs:
       - name: Checkout repository
         uses: actions/checkout@v5
 
-      - name: Make workspace writable
-        run: chmod -R 777 $GITHUB_WORKSPACE
-
       - name: Run EOL Scan
         run: |
-          docker run --rm \
+          docker run --name eol-scanner \
             -v $GITHUB_WORKSPACE:/app \
             -w /app \
-            ghcr.io/herodevs/eol-scan --save
+            ghcr.io/herodevs/eol-scan --save --output /tmp/herodevs.report.json
+          docker cp eol-scanner:/tmp/herodevs.report.json ${{ runner.temp }}/herodevs.report.json
+          docker rm eol-scanner
 
       - name: Upload artifact
         uses: actions/upload-artifact@v5
         with:
           name: my-eol-report
-          path: ./herodevs.report.json
+          path: ${{ runner.temp }}/herodevs.report.json

.github/workflows/demo-scan.yaml

@@ -16,7 +16,7 @@ jobs:
 
       - uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version-file: '.nvmrc'
 
       - name: Run EOL Scan
         run: npx @herodevs/cli@beta scan eol --save

.nvmrc

@@ -1 +1 @@
-v22
+v24

README.md

@@ -209,6 +209,8 @@ You can use `@herodevs/cli` in your CI/CD pipelines to automate EOL scanning.
 We provide a Docker image that's pre-configured to run EOL scans. Based on [`cdxgen`](https://github.com/CycloneDX/cdxgen),
 it contains build tools for most project types and will provide best results when generating an SBOM. Use these templates to generate a report and save it to your CI job artifact for analysis and processing after your scan runs.
 
+**Note:** There is a potential to run into permission issues writing out the report to your CI runner. Please ensure that your CI runner is setup to have proper read/write permissions for wherever your output files are being written to.
+
 #### GitHub Actions
 
 ```yaml
@@ -231,16 +233,18 @@ jobs:
 
       - name: Run EOL Scan
         run: |
-          docker run --rm \
+          docker run --name eol-scanner \
             -v $GITHUB_WORKSPACE:/app \
             -w /app \
-            ghcr.io/herodevs/eol-scan --save
+            ghcr.io/herodevs/eol-scan --save --output /tmp/herodevs.report.json
+          docker cp eol-scanner:/tmp/herodevs.report.json ${{ runner.temp }}/herodevs.report.json
+          docker rm eol-scanner
 
       - name: Upload artifact
         uses: actions/upload-artifact@v5
         with:
           name: my-eol-report
-          path: ./herodevs.report.json
+          path: ${{ runner.temp }}/herodevs.report.json
 ```
 
 #### GitLab CI/CD
@@ -284,9 +288,10 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - uses: actions/checkout@v5
+
       - uses: actions/setup-node@v6
         with:
-          node-version: '22'
+          node-version: '24'
 
       - run: echo # Prepare environment, install tooling, perform setup, etc.