From eb358c2dea87c20f791bd4b9ba97d0fb5cba67bf Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 22 Apr 2026 15:46:50 +0000 Subject: [PATCH] Bump aquasecurity/trivy-action in /.github/workflows Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.35.0 to 0.36.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/0.35.0...v0.36.0) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.36.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/consul-template.yml | 2 +- .github/workflows/docker-nginx-proxy.yml | 2 +- .github/workflows/golang-terratest.yml | 4 ++-- .github/workflows/tool-box.yml | 2 +- .github/workflows/vault-agent.yml | 2 +- .github/workflows/vault.yml | 2 +- 6 files changed, 7 insertions(+), 7 deletions(-) diff --git a/.github/workflows/consul-template.yml b/.github/workflows/consul-template.yml index bf05359b..c825770f 100644 --- a/.github/workflows/consul-template.yml +++ b/.github/workflows/consul-template.yml @@ -42,7 +42,7 @@ jobs: run: make tag - name: Run trivy scan - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: constantin07/consul-template:latest format: sarif diff --git a/.github/workflows/docker-nginx-proxy.yml b/.github/workflows/docker-nginx-proxy.yml index fd910333..7ddb5338 100644 --- a/.github/workflows/docker-nginx-proxy.yml +++ b/.github/workflows/docker-nginx-proxy.yml @@ -40,7 +40,7 @@ jobs: run: make tag - name: Run trivy scan - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: 'docker.io/constantin07/docker-nginx-proxy:latest' scan-type: 'image' diff --git a/.github/workflows/golang-terratest.yml b/.github/workflows/golang-terratest.yml index a052510c..e78a3d7e 100644 --- a/.github/workflows/golang-terratest.yml +++ b/.github/workflows/golang-terratest.yml @@ -82,7 +82,7 @@ jobs: run: make build - name: Run trivy scan (console output) - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: constantin07/golang-terratest:${{ needs.get-version.outputs.version }} ignore-unfixed: true @@ -90,7 +90,7 @@ jobs: format: table - name: Run trivy scan (report upload) - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: constantin07/golang-terratest:${{ needs.get-version.outputs.version }} ignore-unfixed: true diff --git a/.github/workflows/tool-box.yml b/.github/workflows/tool-box.yml index 7514f619..6b80e2e9 100644 --- a/.github/workflows/tool-box.yml +++ b/.github/workflows/tool-box.yml @@ -76,7 +76,7 @@ jobs: run: docker buildx build --load --platform 'linux/arm64' -t ${{ env.IMAGE_NAME }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: ${{ env.IMAGE_NAME }} format: sarif diff --git a/.github/workflows/vault-agent.yml b/.github/workflows/vault-agent.yml index 3527ea36..8fdd350a 100644 --- a/.github/workflows/vault-agent.yml +++ b/.github/workflows/vault-agent.yml @@ -84,7 +84,7 @@ jobs: -t ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }} format: sarif diff --git a/.github/workflows/vault.yml b/.github/workflows/vault.yml index c16b6be6..3d2b8045 100644 --- a/.github/workflows/vault.yml +++ b/.github/workflows/vault.yml @@ -84,7 +84,7 @@ jobs: -t ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }}-arm64 . - name: Run trivy scan - uses: aquasecurity/trivy-action@0.35.0 + uses: aquasecurity/trivy-action@v0.36.0 with: image-ref: ${{ env.REPOSITORY }}:${{ env.VAULT_VERSION }} format: 'sarif'