From f35fc59af9d89a52fd3ad8e774beace95e993571 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 31 Aug 2025 20:01:24 +0000 Subject: [PATCH] build(deps): bump aquasecurity/trivy-action in the github-actions group Bumps the github-actions group with 1 update: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `aquasecurity/trivy-action` from 0.32.0 to 0.33.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/dc5a429b52fcf669ce959baa2c2dd26090d2a6c4...f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/lib-publish.yaml | 2 +- .github/workflows/lib-trivy.yaml | 8 ++++---- .github/workflows/trivy-periodic.yaml | 2 +- 3 files changed, 6 insertions(+), 6 deletions(-) diff --git a/.github/workflows/lib-publish.yaml b/.github/workflows/lib-publish.yaml index e2eb8014f..1e36ca645 100644 --- a/.github/workflows/lib-publish.yaml +++ b/.github/workflows/lib-publish.yaml @@ -69,7 +69,7 @@ jobs: run: | ORG=${{ inputs.registry }} TAG=${{ inputs.image_tag }} make ${IMAGE_NAME} BUILDER=docker - name: Trivy scan for image - uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0 + uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0 with: scan-type: image image-ref: ${{ inputs.registry }}/${{ matrix.image }}:${{ inputs.image_tag }} diff --git a/.github/workflows/lib-trivy.yaml b/.github/workflows/lib-trivy.yaml index 4b044b24c..951271d79 100644 --- a/.github/workflows/lib-trivy.yaml +++ b/.github/workflows/lib-trivy.yaml @@ -32,7 +32,7 @@ jobs: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 - name: Run Trivy in config mode for deployments - uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0 + uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0 with: scan-type: config scan-ref: deployments/ @@ -50,7 +50,7 @@ jobs: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 - name: Run Trivy in config mode for dockerfiles - uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0 + uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0 with: scan-type: config scan-ref: build/docker/ @@ -64,7 +64,7 @@ jobs: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 - name: Run Trivy in fs mode - uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0 + uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0 with: scan-type: fs scan-ref: . @@ -81,7 +81,7 @@ jobs: - name: Checkout uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v4 - name: Run Trivy in fs mode - uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0 + uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0 with: scan-type: fs scan-ref: . diff --git a/.github/workflows/trivy-periodic.yaml b/.github/workflows/trivy-periodic.yaml index 2035b9904..4ecc03706 100644 --- a/.github/workflows/trivy-periodic.yaml +++ b/.github/workflows/trivy-periodic.yaml @@ -22,7 +22,7 @@ jobs: - name: Run Trivy in fs mode # Don't fail in case of vulnerabilities, report them in the next step continue-on-error: true - uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0 + uses: aquasecurity/trivy-action@f9424c10c36e288d5fa79bd3dfd1aeb2d6eae808 # 0.33.0 with: scan-type: fs scan-ref: .