Merge pull request #627 from eclipse-tractusx/dependabot/github_actions/aquasecurity/trivy-action-0.27.0

tom-rm-meyer-ISST · web-flow · commit 8f5ef5e8d635 · 2024-10-13T22:19:24.000-07:00
chore(deps): bump aquasecurity/trivy-action from 0.24.0 to 0.27.0
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -40,7 +40,7 @@ jobs:
         uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
         with:
           image-ref: "tractusx/app-puris-frontend:latest"
           format: "sarif"
@@ -67,7 +67,7 @@ jobs:
     steps:
       # Pull image from Docker Hub and run Trivy vulnerability scanner
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
         with:
           image-ref: "tractusx/app-puris-backend:latest"
           format: "sarif"
