@@ -235,7 +235,7 @@ jobs:
235235 username : ${{ github.actor }}
236236 password : ${{ secrets.GITHUB_TOKEN }}
237237 - name : Run Trivy vulnerability scanner
238- uses : aquasecurity/trivy-action@master
238+ uses : aquasecurity/trivy-action@57a97c7
239239 with :
240240 image-ref : ' ghcr.io/${{ github.repository_owner }}/zot-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}'
241241 format : ' sarif'
@@ -244,7 +244,7 @@ jobs:
244244 TRIVY_USERNAME : ${{ github.actor }}
245245 TRIVY_PASSWORD : ${{ secrets.GITHUB_TOKEN }}
246246 - name : Run Trivy vulnerability scanner (minimal)
247- uses : aquasecurity/trivy-action@master
247+ uses : aquasecurity/trivy-action@57a97c7
248248 with :
249249 image-ref : ' ghcr.io/${{ github.repository_owner }}/zot-minimal-${{ matrix.os }}-${{ matrix.arch }}:${{ github.event.release.tag_name }}'
250250 format : ' sarif'
@@ -272,7 +272,7 @@ jobs:
272272 username : ${{ github.actor }}
273273 password : ${{ secrets.GITHUB_TOKEN }}
274274 - name : Run Trivy vulnerability scanner
275- uses : aquasecurity/trivy-action@master
275+ uses : aquasecurity/trivy-action@57a97c7
276276 with :
277277 image-ref : ' ghcr.io/${{ github.repository_owner }}/zot:${{ github.event.release.tag_name }}'
278278 format : ' sarif'
@@ -281,7 +281,7 @@ jobs:
281281 TRIVY_USERNAME : ${{ github.actor }}
282282 TRIVY_PASSWORD : ${{ secrets.GITHUB_TOKEN }}
283283 - name : Run Trivy vulnerability scanner (minimal)
284- uses : aquasecurity/trivy-action@master
284+ uses : aquasecurity/trivy-action@57a97c7
285285 with :
286286 image-ref : ' ghcr.io/${{ github.repository_owner }}/zot-minimal:${{ github.event.release.tag_name }}'
287287 format : ' sarif'
0 commit comments