diff --git a/.github/workflows/trivy-remediation.yml b/.github/workflows/trivy-remediation.yml index 0daba0a..7dd8fcf 100644 --- a/.github/workflows/trivy-remediation.yml +++ b/.github/workflows/trivy-remediation.yml @@ -28,7 +28,7 @@ jobs: - name: Scan current image for critical CVEs id: scan - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.34.2 with: image-ref: "ghcr.io/strausmann/dockhand-guardian:latest" format: "json" diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml index 8327a2c..6bacd3a 100644 --- a/.github/workflows/trivy.yml +++ b/.github/workflows/trivy.yml @@ -31,7 +31,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Run Trivy vulnerability scanner - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.34.2 with: image-ref: "ghcr.io/strausmann/dockhand-guardian:latest" format: "sarif" @@ -47,7 +47,7 @@ jobs: category: "trivy-latest" - name: Run Trivy for human-readable output - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.34.2 with: image-ref: "ghcr.io/strausmann/dockhand-guardian:latest" format: "table" @@ -62,7 +62,7 @@ jobs: uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner on Dockerfile - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.34.2 with: scan-type: "config" scan-ref: "docker/Dockerfile" @@ -86,7 +86,7 @@ jobs: uses: actions/checkout@v4 - name: Run Trivy vulnerability scanner on filesystem - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.34.2 with: scan-type: "fs" scan-ref: "." @@ -103,7 +103,7 @@ jobs: category: "trivy-filesystem" - name: Run Trivy for human-readable output (dependencies) - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@0.34.2 with: scan-type: "fs" scan-ref: "."