Merge pull request #28 from chef/sandhi/fixes-for-trivy

karunesh-tech · web-flow · commit a9fa07f6d325 · 2026-03-03T18:10:56.000+05:30
Fixes in Trivy for trivy exploit
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -43,7 +43,7 @@ jobs:
 
       # The first call to the action will invoke setup-trivy and install trivy
       - name: Generate Trivy Vulnerability Report (JSON)
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: "fs"
           output: trivy-report.json
@@ -61,7 +61,7 @@ jobs:
 
 
       - name: Generate Trivy Vulnerability Report (TABLE)
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: "fs"
           output: trivy-report.txt
@@ -96,7 +96,7 @@ jobs:
 
       - name: Fail build on High/Critical Vulnerabilities
         if: ${{ inputs.trivy-fail-on-high || inputs.trivy-fail-on-critical }}
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           scan-type: "fs"
           format: table
