Merge pull request #14 from carhartl/dependabot/github_actions/aquasecurity/trivy-action-0.30.0

carhartl · web-flow · commit 76b5c50c8d94 · 2025-03-14T13:03:11.000+01:00
Bump aquasecurity/trivy-action from 0.29.0 to 0.30.0
diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
@@ -38,7 +38,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         # Third-party action, pin to commit SHA!
         # See https://docs.github.com/en/actions/security-guides/security-hardening-for-github-actions
-        uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0
+        uses: aquasecurity/trivy-action@6c175e9c4083a92bbca2f9724c8a5e33bc2d97a5
         with:
           scan-type: "fs"
           format: "sarif"
