Skip to content

chore(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.35.0 in /.github/workflows in the github_actions group across 1 directory#73

Merged
TaylorHo merged 1 commit intomainfrom
dependabot/github_actions/dot-github/workflows/github_actions-34786f325a
Apr 8, 2026
Merged

chore(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.35.0 in /.github/workflows in the github_actions group across 1 directory#73
TaylorHo merged 1 commit intomainfrom
dependabot/github_actions/dot-github/workflows/github_actions-34786f325a

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 24, 2026
edited
Loading

Bumps the github_actions group with 1 update in the /.github/workflows directory: aquasecurity/trivy-action.

Updates aquasecurity/trivy-action from 0.24.0 to 0.35.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

Release: 0.35.0

What's Changed

Full Changelog: aquasecurity/trivy-action@0.34.2...0.35.0

Release: v0.35.0

This release is a duplicate of 0.35.0 which was not compromised.

As part of our response to the recent supply chain attack, we have migrated all tags to use the v prefix (e.g., v0.35.0 instead of 0.35.0). Going forward, all new releases will use the v prefix convention.

We have intentionally kept the 0.35.0 tag intact to avoid breaking existing workflows that depend on it.

If you are currently using 0.35.0, your workflows are safe — no action is required.

Release: v0.34.0

Full Changelog: aquasecurity/trivy-action@v0.33.1...v0.34.0

Release: v0.33.1

What's Changed

Full Changelog: aquasecurity/trivy-action@v0.33.0...v0.33.1

Release: v0.33.0

What's Changed

New Contributors

Full Changelog: aquasecurity/trivy-action@v0.32.0...v0.33.0

Release: v0.32.0

What's Changed

Full Changelog: aquasecurity/trivy-action@v0.31.0...v0.32.0

Release: v0.31.0

What's Changed

... (truncated)

Commits

@dependabot dependabot Bot added dependencies Dependencies and packages updates github_actions Pull requests that update GitHub Actions code labels Mar 24, 2026
@dependabot dependabot Bot requested a review from TaylorHo as a code owner March 24, 2026 17:56
@vercel
Copy link
Copy Markdown

vercel Bot commented Mar 24, 2026
edited
Loading

The latest updates on your projects. Learn more about Vercel for GitHub.

Project Deployment Actions Updated (UTC)
avalia Ready Ready Preview, Comment Apr 8, 2026 8:52pm

@TaylorHo
Copy link
Copy Markdown
Owner

TaylorHo commented Apr 8, 2026

@dependabot rebase

@dependabot
chore(deps): bump aquasecurity/trivy-action
bea6dd2 
Bumps the github_actions group with 1 update in the /.github/workflows directory: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `aquasecurity/trivy-action` from 0.24.0 to 0.35.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](aquasecurity/trivy-action@0.24.0...0.35.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.35.0
  dependency-type: direct:production
  dependency-group: github_actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/dot-github/workflows/github_actions-34786f325a branch from 74cb6e7 to bea6dd2 Compare April 8, 2026 20:50
@TaylorHo TaylorHo merged commit 0921ce8 into main Apr 8, 2026
3 of 4 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/dot-github/workflows/github_actions-34786f325a branch April 8, 2026 20:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@TaylorHo TaylorHo TaylorHo approved these changes

Assignees

No one assigned

Labels

dependencies Dependencies and packages updates github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@TaylorHo