fix: vulnerability scan w/trivy

[fredbi]

We should setup the latest go before loading trivy, otherwise an older go version installed on the runner is checked.

Also: specified a more up to date trivy version than the default used by the action.

Change type

Please select: 🆕 New feature or enhancement|🔧 Bug fix'|📃 Documentation update

Short description

Fixes

Full description

Checklist

• I have signed all my commits with my name and email (see DCO. This does not require a PGP-signed commit
• I have rebased and squashed my work, so only one commit remains
• I have added tests to cover my changes.
• I have properly enriched go doc comments in code.
• I have properly documented any breaking change.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 100.00%. Comparing base (88b44bd) to head (8b6b52f).
⚠️ Report is 5 commits behind head on master.
✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff            @@
##            master       #31   +/-   ##
=========================================
  Coverage   100.00%   100.00%           
=========================================
  Files            2         2           
  Lines            4         4           
=========================================
  Hits             4         4           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[Copilot]

Pull request overview

This PR fixes an issue with the Trivy vulnerability scanner by ensuring the latest Go version is set up before running Trivy, and explicitly specifies a more recent Trivy version.

Key Changes:

• Add actions/setup-go step before the Trivy scan to ensure a current Go version is available
• Specify trivy-version: v0.68.0 to use an updated version of the Trivy CLI tool

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.