From 2fc07d85e26ec6705501edbde6abc85e1ce9e5fb Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Tue, 7 Nov 2023 18:39:06 -0700 Subject: [PATCH] build(deps): bump aquasecurity/trivy-action from 0.13.1 to 0.14.0 (#1163) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.13.1 to 0.14.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/f78e9ecf42a1271402d4f484518b9313235990e1...2b6a709cf9c4025c5438138008beaddbb02086f0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Walt --- .github/workflows/trivy-scan.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml index 4a2bcfa61..e135cb229 100644 --- a/.github/workflows/trivy-scan.yml +++ b/.github/workflows/trivy-scan.yml @@ -24,7 +24,7 @@ jobs: run: docker build . --file Dockerfile --tag vprodemo.azurecr.io/mps:${{ github.sha }} --tag vprodemo.azurecr.io/mps:latest - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@f78e9ecf42a1271402d4f484518b9313235990e1 # master + uses: aquasecurity/trivy-action@2b6a709cf9c4025c5438138008beaddbb02086f0 # master with: image-ref: 'vprodemo.azurecr.io/mps:${{ github.sha }}' format: 'table'