Skip to content

Commit a0a6914

Browse files
committed
fix(ci): use v-prefixed trivy-action tag
aquasecurity/trivy-action migrated to v-prefixed tags starting with v0.35.0. The tag 0.36.0 does not exist; use v0.36.0 instead.
1 parent 05de36a commit a0a6914

1 file changed

Lines changed: 2 additions & 2 deletions

File tree

.github/workflows/security-scan.yaml

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -61,7 +61,7 @@ jobs:
6161
# Human-readable output in logs
6262
# This NEVER fails the job; it's only for visibility
6363
- name: Display vulnerabilities (table format)
64-
uses: aquasecurity/trivy-action@0.36.0
64+
uses: aquasecurity/trivy-action@v0.36.0
6565
with:
6666
image-ref: ${{ steps.image-source.outputs.image }}
6767
format: "table"
@@ -75,7 +75,7 @@ jobs:
7575
# - Trivy sometimes exits with 1 even when no vulns exist
7676
# - GitHub Security UI is responsible for enforcement
7777
- name: Generate SARIF (Code Scanning)
78-
uses: aquasecurity/trivy-action@0.36.0
78+
uses: aquasecurity/trivy-action@v0.36.0
7979
with:
8080
image-ref: ${{ steps.image-source.outputs.image }}
8181
format: "sarif"

0 commit comments

Comments
 (0)