Skip to content

Commit

Permalink
Upgrade Trivy action
Browse files Browse the repository at this point in the history 
Doc-only: true

Required-githooks: true

Signed-off-by: Tomasz Gromadzki <[email protected]>
  • Loading branch information
@grom72
grom72 committed Oct 25, 2024
1 parent fde8fc8 commit 17651f1
Showing 1 changed file with 5 additions and 1 deletion.
6 changes: 5 additions & 1 deletion .github/workflows/trivy.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,10 @@ on:
pull_request:
branches: ["master", "release/**"]

env:
# 0.28.0
TRIVY_ACTION: "aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2"

# Declare default permissions as nothing.
permissions: {}

Expand All @@ -26,7 +30,7 @@ jobs:
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1

- name: Run Trivy vulnerability scanner in filesystem mode (table format)
uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # 0.24.0
uses: $TRIVY_ACTION

Check warning

Code scanning / Scorecard

Pinned-Dependencies Medium

score is 1: third-party GitHubAction not pinned by hash
Click Remediation section below to solve this issue
with:
scan-type: 'fs'
scan-ref: '.'
Expand Down

0 comments on commit 17651f1

Please sign in to comment.