fix: correct Trivy security scan configuration

- Add explicit scan-type: 'image' parameter to Trivy action
- This fixes the 'could not parse reference: .' error
- Ensures security scan targets the built Docker image instead of filesystem

Author: michaelsstuff

.github/workflows/ci-cd.yml

@@ -233,6 +233,7 @@ jobs:
     - name: Run Trivy vulnerability scanner
       uses: aquasecurity/trivy-action@master
       with:
+        scan-type: 'image'
         image-ref: ${{ needs.docker-build-and-push.outputs.image-tag }}
         format: 'sarif'
         output: 'trivy-results.sarif'