diff --git a/.github/workflows/test.yaml b/.github/workflows/test.yaml
index a214e59..808c5e8 100644
--- a/.github/workflows/test.yaml
+++ b/.github/workflows/test.yaml
@@ -23,6 +23,8 @@ jobs:
         with:
           push: false
           tags: 'ledger:${{ github.sha }}'
+          cache-from: type=gha
+          cache-to: type=gha,mode=max
 
       - name: Run Trivy vulnerability scanner
         uses: aquasecurity/trivy-action@master
@@ -30,6 +32,8 @@ jobs:
           image-ref: 'ledger:${{ github.sha }}'
           format: 'sarif'
           output: 'trivy-results.sarif'
+          ignore-unfixed: true
+          severity: 'CRITICAL,HIGH'
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v2