ci: update aquasec/trivy to 0.47.0

Automattic · Nov 10, 2023 · 2577e1e · 2577e1e
1 parent f1749c6
commit 2577e1e
Showing 1 changed file with 4 additions and 4 deletions.
diff --git a/.github/actions/build-docker-image/action.yml b/.github/actions/build-docker-image/action.yml
@@ -96,17 +96,17 @@ runs:
         echo "filename=trivy-$(basename "${{ inputs.primaryTag }}" | tr '\\/:' '-').sarif" >> "${GITHUB_OUTPUT}"
 
     - name: Security Scan
-      uses: docker://aquasec/trivy:0.46.1
+      uses: docker://aquasec/trivy:0.47.0
       with:
         args: image --format json --ignore-unfixed ${{ inputs.primaryTag }} --output trivy.json
 
     - name: Print report
-      uses: docker://aquasec/trivy:0.46.1
+      uses: docker://aquasec/trivy:0.47.0
       with:
         args: convert --format=table trivy.json
 
     - name: Generate SARIF
-      uses: docker://aquasec/trivy:0.46.1
+      uses: docker://aquasec/trivy:0.47.0
       with:
         args: convert --format=sarif --output=${{ steps.filename.outputs.filename }} trivy.json
       if: github.event_name != 'pull_request' || github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name
@@ -119,7 +119,7 @@ runs:
       continue-on-error: true
 
     - name: Prepare markdown report
-      uses: docker://aquasec/trivy:0.46.1
+      uses: docker://aquasec/trivy:0.47.0
       with:
         args: convert --format=template [email protected]/actions/build-docker-image/markdown.tpl --output=trivy.md trivy.json
       if: github.event_name == 'pull_request' && github.event.pull_request.head.repo.full_name == github.event.pull_request.base.repo.full_name