fix: switch trivy from aqua to github backend to avoid API rate limits

MichaelWalker-git · MichaelWalker-git · commit f17815e12fc3 · 2026-04-03T00:00:49.000-07:00
The aqua mise backend for trivy hits GitHub API 403 rate limits in CI.
The github backend downloads from GitHub releases with proper auth
token handling, avoiding the rate limit issue.
diff --git a/agent/mise.toml b/agent/mise.toml
@@ -7,7 +7,7 @@ semgrep = "latest"
 uv = "latest"
 "grype" = "0.109.0"
 osv-scanner = "latest"
-"aqua:aquasecurity/trivy" = "0.69.2"
+"github:aquasecurity/trivy" = "0.69.2"
 
 [env]
 _.python.venv = { path = ".venv", create = true }
