From b0dc902fb927938984d10c3db8cda620300445e3 Mon Sep 17 00:00:00 2001 From: Katherine Chen Date: Sun, 22 Mar 2026 16:05:58 +1100 Subject: [PATCH 1/3] Update to trivy-action@0.35.0 --- actions/vulnerability_scan/action.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/vulnerability_scan/action.yaml b/actions/vulnerability_scan/action.yaml index f2ddd145..166ba046 100644 --- a/actions/vulnerability_scan/action.yaml +++ b/actions/vulnerability_scan/action.yaml @@ -79,7 +79,7 @@ runs: key: cache-trivy-${{ steps.date.outputs.date }} - name: Generate Trivy vulnerability scan report - uses: aquasecurity/trivy-action@0.34.2 + uses: aquasecurity/trivy-action@0.35.0 if: inputs.publish_vulnerabilities == 'true' with: image-ref: ${{ inputs.image_ref }} @@ -103,7 +103,7 @@ runs: - name: Local vulnerability scanner for MEDIUM,HIGH,CRITICAL for reporting if: ${{ inputs.full_report == 'true' }} - uses: aquasecurity/trivy-action@0.34.2 + uses: aquasecurity/trivy-action@0.35.0 with: image-ref: ${{ inputs.image_ref }} scan-type: ${{ inputs.scan_type }} @@ -119,7 +119,7 @@ runs: TRIVY_DEPENDENCY_TREE: true - name: Test with Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.34.2 + uses: aquasecurity/trivy-action@0.35.0 with: image-ref: ${{ inputs.image_ref }} scan-type: ${{ inputs.scan_type }} From a3c3c3598a7022da0750637490c3cf19148a9b8d Mon Sep 17 00:00:00 2001 From: Katherine Chen Date: Sun, 22 Mar 2026 16:07:51 +1100 Subject: [PATCH 2/3] Use commit hashes --- actions/vulnerability_scan/action.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/vulnerability_scan/action.yaml b/actions/vulnerability_scan/action.yaml index 166ba046..c25eadbe 100644 --- a/actions/vulnerability_scan/action.yaml +++ b/actions/vulnerability_scan/action.yaml @@ -79,7 +79,7 @@ runs: key: cache-trivy-${{ steps.date.outputs.date }} - name: Generate Trivy vulnerability scan report - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 if: inputs.publish_vulnerabilities == 'true' with: image-ref: ${{ inputs.image_ref }} @@ -103,7 +103,7 @@ runs: - name: Local vulnerability scanner for MEDIUM,HIGH,CRITICAL for reporting if: ${{ inputs.full_report == 'true' }} - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: ${{ inputs.image_ref }} scan-type: ${{ inputs.scan_type }} @@ -119,7 +119,7 @@ runs: TRIVY_DEPENDENCY_TREE: true - name: Test with Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: ${{ inputs.image_ref }} scan-type: ${{ inputs.scan_type }} From e31270b92d476ac993a99ae407af3506749aad54 Mon Sep 17 00:00:00 2001 From: Katherine Chen Date: Sun, 22 Mar 2026 16:12:17 +1100 Subject: [PATCH 3/3] Fix typo --- actions/vulnerability_scan/action.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/actions/vulnerability_scan/action.yaml b/actions/vulnerability_scan/action.yaml index c25eadbe..7d6bf23b 100644 --- a/actions/vulnerability_scan/action.yaml +++ b/actions/vulnerability_scan/action.yaml @@ -79,7 +79,7 @@ runs: key: cache-trivy-${{ steps.date.outputs.date }} - name: Generate Trivy vulnerability scan report - uses: aquasecurity/aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 if: inputs.publish_vulnerabilities == 'true' with: image-ref: ${{ inputs.image_ref }} @@ -103,7 +103,7 @@ runs: - name: Local vulnerability scanner for MEDIUM,HIGH,CRITICAL for reporting if: ${{ inputs.full_report == 'true' }} - uses: aquasecurity/aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: ${{ inputs.image_ref }} scan-type: ${{ inputs.scan_type }} @@ -119,7 +119,7 @@ runs: TRIVY_DEPENDENCY_TREE: true - name: Test with Trivy vulnerability scanner - uses: aquasecurity/aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 + uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0 with: image-ref: ${{ inputs.image_ref }} scan-type: ${{ inputs.scan_type }}