[dependabot-gh-actions] Bump aquasecurity/trivy-action

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.16.1 to 0.18.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.16.1...0.18.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
koenighotze · Mar 27, 2024 · f56a5eb · f56a5eb
1 parent a32282f
commit f56a5eb
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 3 deletions.
diff --git a/.github/workflows/build-and-deploy.yml b/.github/workflows/build-and-deploy.yml
@@ -30,7 +30,7 @@ jobs:
         with:
           args: --severity-threshold=high
       - name: Run vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.18.0
         with:
           scan-type: "fs"
           ignore-unfixed: false
@@ -117,7 +117,7 @@ jobs:
       - name: Build image
         run: ./scripts/containerize.sh
       - name: Run vulnerability scanner
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.18.0
         with:
           image-ref: ${{ env.image-name }}
           format: "table"

diff --git a/.github/workflows/receive-pull-request.yml b/.github/workflows/receive-pull-request.yml
@@ -14,7 +14,7 @@ jobs:
         env:
           SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
       - name: Run vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@0.16.1
+        uses: aquasecurity/trivy-action@0.18.0
         with:
           scan-type: "fs"
           ignore-unfixed: false