From 56ffd4cc14e4a01e99c1b2ec1f972054b827f6d7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 10 May 2024 16:18:08 +0200 Subject: [PATCH] chore(deps): bump aquasecurity/trivy-action from 0.19.0 to 0.20.0 (#11) Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.19.0 to 0.20.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.19.0...0.20.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> --- action.yaml | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/action.yaml b/action.yaml index 3b7dd9e..97ad716 100644 --- a/action.yaml +++ b/action.yaml @@ -44,7 +44,7 @@ runs: password: ${{ inputs.token }} - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.20.0 with: image-ref: ${{ inputs.image-ref }} format: "json" @@ -52,7 +52,7 @@ runs: github-pat: ${{ inputs.token }} - name: Convert results to sarif - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.20.0 with: image-ref: results.json scan-type: "convert" @@ -73,7 +73,7 @@ runs: - name: Convert trivy results to cosign-vuln if: ${{ inputs.attest && !inputs.digest }} - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.20.0 with: image-ref: results.json scan-type: "convert" @@ -95,7 +95,7 @@ runs: - name: Convert trivy results to cyclonedx if: ${{ inputs.attest && inputs.digest }} - uses: aquasecurity/trivy-action@0.19.0 + uses: aquasecurity/trivy-action@0.20.0 with: image-ref: results.json scan-type: "convert"