diff --git a/.github/workflows/serverless-init-vulnerability-scan.yml b/.github/workflows/serverless-init-vulnerability-scan.yml index cf9ba9190..107c4b2be 100644 --- a/.github/workflows/serverless-init-vulnerability-scan.yml +++ b/.github/workflows/serverless-init-vulnerability-scan.yml @@ -16,7 +16,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Scan latest serverless-init image with trivy - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2 with: image-ref: "datadog/serverless-init:latest" ignore-unfixed: true @@ -24,7 +24,7 @@ jobs: format: table - name: Scan latest-alpine serverless-init image with trivy - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2 with: image-ref: "datadog/serverless-init:latest-alpine" ignore-unfixed: true diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml index b936779bb..f8ee7ab51 100644 --- a/.github/workflows/vulnerability-scan.yml +++ b/.github/workflows/vulnerability-scan.yml @@ -17,7 +17,7 @@ jobs: runs-on: ubuntu-22.04 steps: - name: Scan latest released image with trivy - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2 with: image-ref: "public.ecr.aws/datadog/lambda-extension:latest" ignore-unfixed: true @@ -25,7 +25,7 @@ jobs: format: table - name: Scan latest-alpine released image with trivy - uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 + uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2 with: image-ref: "public.ecr.aws/datadog/lambda-extension:latest-alpine" ignore-unfixed: true