Merge pull request #702 from open-amt-cloud-toolkit/dependabot/github…

…_actions/aquasecurity/trivy-action-0.29.0 build(deps): bump aquasecurity/trivy-action from 0.28.0 to 0.29.0
device-management-toolkit · Nov 20, 2024 · e1c3599 · e1c3599
2 parents 9cd1d99 + 649f7ff
commit e1c3599
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
@@ -25,7 +25,7 @@ jobs:
 
         run: docker build . --file Dockerfile --tag vprodemo.azurecr.io/rpc-go:${{ github.sha }} --tag vprodemo.azurecr.io/rpc-go:latest
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # master
+        uses: aquasecurity/trivy-action@18f2510ee396bbf400402947b394f2dd8c87dbb0 # master
         with:
           image-ref: 'vprodemo.azurecr.io/rpc-go:${{ github.sha }}'
           format: 'sarif'