Commit bb0415d
fix(ci): use ghcr.io for Trivy vulnerability DB download (#363)
Trivy defaults to mirror.gcr.io for DB download, which is blocked
by harden-runner egress policy. Use ghcr.io/aquasecurity/trivy-db:2
instead, which is already in allowed-endpoints.
🖥️ IDE: [Cursor](https://cursor.sh)
🔌 Extension: [Claude Code](https://claude.ai/download)
Model-Raw: claude-opus-4-6-20250514
Co-authored-by: Claude Opus 4.6 <noreply@anthropic.com>1 parent bc82184 commit bb0415d
1 file changed
Lines changed: 2 additions & 1 deletion
| Original file line number | Diff line number | Diff line change | |
|---|---|---|---|
| |||
80 | 80 | | |
81 | 81 | | |
82 | 82 | | |
83 | | - | |
| 83 | + | |
| 84 | + | |
84 | 85 | | |
85 | 86 | | |
86 | 87 | | |
| |||
0 commit comments