
chore: migrate from Trivy to Grype for vulnerability scanning#448

Merged
peppescg merged 1 commit into main from chore/migrate-trivy-to-grype
Mar 26, 2026

@JAORMX JAORMX commented Mar 20, 2026

Summary

  • Replace aquasecurity/trivy-action with anchore/scan-action (Grype) v7.3.2

Test plan

  • Verify Grype scan runs successfully in CI

🤖 Generated with Claude Code

Replace aquasecurity/trivy-action with anchore/scan-action (Grype) v7.3.2.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Copilot AI review requested due to automatic review settings March 20, 2026 08:57
@github-actions github-actions bot added the size/XS Extra small PR: < 100 lines changed label Mar 20, 2026

Copilot AI left a comment

Pull request overview

Migrates the repository CI vulnerability scanning workflow from Trivy to Grype (via anchore/scan-action), updating the GitHub Actions security checks accordingly.

Changes:

  • Replaced aquasecurity/trivy-action with anchore/scan-action pinned to v7.3.2.
  • Updated scan configuration to filesystem path scanning with build-fail thresholds and fixed-only findings.

Comment thread .github/workflows/security-checks.yml
Comment thread .github/workflows/security-checks.yml

@peppescg peppescg left a comment

🚀

@peppescg

I am going to fix the vulns in a next PR

@peppescg peppescg merged commit 4ba9304 into main Mar 26, 2026
12 of 14 checks passed
@peppescg peppescg deleted the chore/migrate-trivy-to-grype branch March 26, 2026 13:55