From 2d50396c80892eb76e6f872c0ddaff9f62062f1a Mon Sep 17 00:00:00 2001
From: Thomas Parrott <thomas.parrott@canonical.com>
Date: Tue, 10 Dec 2024 11:24:35 +0000
Subject: [PATCH] github: Use cohort="+" for trivy snap scan

So that we get the latest version when rolling out new releases.

Signed-off-by: Thomas Parrott <thomas.parrott@canonical.com>
---
 .github/workflows/security.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 051de4961b0c..62f05548c1db 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -95,7 +95,7 @@ jobs:
 
       - name: Download snap for scan
         run: |
-          snap download lxd --channel=${{ matrix.version }}/stable
+          snap download lxd --channel=${{ matrix.version }}/stable --cohort="+"
           unsquashfs ./lxd*.snap
 
       - name: Run Trivy vulnerability scanner