Merge pull request #97 from stacklok/bump_trivy

Bump trivy version in remediation
mindersec · Apr 16, 2024 · d436179 · d436179
2 parents 1ed1087 + 4541e52
commit d436179
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/rule-types/github/trivy_action_enabled.yaml b/rule-types/github/trivy_action_enabled.yaml
@@ -19,7 +19,7 @@ guidance: |
 
   ```yaml
   - name: Trivy Scan
-    uses: aquasecurity/trivy-action@fbd16365eb88e12433951383f5e99bd901fc618f  # v0.12.0
+    uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # v0.19.0
     with:
       image-ref: ${{ github.repository }}
       format: json
@@ -99,7 +99,7 @@ def:
                   - name: Checkout
                     uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
                   - name: Security Scan
-                    uses: aquasecurity/trivy-action@d43c1f16c00cfd3978dde6c07f4bbcf9eb6993ca # 0.16.1
+                    uses: aquasecurity/trivy-action@d710430a6722f083d3b36b8339ff66b32f22ee55 # v0.19.0
                     with:
                       scan-type: 'fs'
                       scanners: vuln,secret