chore(deps): bump aquasecurity/trivy-action from 0.27.0 to 0.28.0

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.27.0 to 0.28.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@5681af8...915b19b) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
digitalservicebund · Oct 17, 2024 · 659b79c · 659b79c
1 parent 4e3bb50
commit 659b79c
Show file tree

Hide file tree

Showing 3 changed files with 4 additions and 4 deletions.
diff --git a/.github/workflows/pipeline.yml b/.github/workflows/pipeline.yml
@@ -149,7 +149,7 @@ jobs:
         uses: digitalservicebund/github-actions-linter@3b941278d52936497add0afdebbf5c6e6ee8bd5d # v0.1.13
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
+        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
         env:
           TRIVY_USERNAME: ${{ github.actor }}
           TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
@@ -18,7 +18,7 @@ jobs:
       - name: validate github workflow files to have pinned versions
         uses: digitalservicebund/github-actions-linter@3b941278d52936497add0afdebbf5c6e6ee8bd5d # v0.1.13
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
+        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
         env:
           TRIVY_USERNAME: ${{ github.actor }}
           TRIVY_PASSWORD: ${{ secrets.GITHUB_TOKEN }}

diff --git a/.talismanrc b/.talismanrc
@@ -4,9 +4,9 @@ fileignoreconfig:
   - filename: .github/workflows/secrets-check.yml
     checksum: 20e55c98a60e39438b1843b02f289c5d729a781e95bdebf025d6e8768a1768d4
   - filename: .github/workflows/scan.yml
-    checksum: 6a1ebee1f0e3bae211bc71b6595c1f5da85b49bc34427f90600402a82d6f96ca
+    checksum: 21bd9a0219274fae64dab5a98c5bca2dba6333fd21f43f10ee5528deefe9e51e
   - filename: .github/workflows/pipeline.yml
-    checksum: 10eb99e6f0c44fa6edef972aad70647252bf513507913d31410517031e9ebeb5
+    checksum: 4c8315bd2e790d50989310faa9a8ff36e776f54751bc862d37555fd81f739c7a
 scopeconfig:
   - scope: node
 allowed_patterns: