chore(deps): bump aquasecurity/trivy-action from 0.12.0 to 0.13.1

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.12.0 to 0.13.1. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@0.12.0...0.13.1) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <[email protected]>
nrkno · Nov 6, 2023 · 08ff4d6 · 08ff4d6
1 parent b7fbefe
commit 08ff4d6
Show file tree

Hide file tree

Showing 2 changed files with 5 additions and 5 deletions.
diff --git a/.github/workflows/node.yaml b/.github/workflows/node.yaml
@@ -216,7 +216,7 @@ jobs:
           echo "image=$image" >> $GITHUB_OUTPUT
       - name: Trivy scanning
         if: steps.check-build-and-push.outputs.enable == 'true' && steps.check-ghcr.outputs.enable == 'true' && steps.ghcr-tag.outputs.tags != 0
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: '${{ steps.trivy-image.outputs.image }}'
           format: 'table'
@@ -358,7 +358,7 @@ jobs:
           echo "image=$image" >> $GITHUB_OUTPUT
       - name: Trivy scanning
         if: steps.check-build-and-push.outputs.enable == 'true' && steps.check-ghcr.outputs.enable == 'true' && steps.ghcr-tag.outputs.tags != 0
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: '${{ steps.trivy-image.outputs.image }}'
           format: 'table'

diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
@@ -13,14 +13,14 @@ jobs:
         image: ["server-core", "playout-gateway", "mos-gateway"]
     steps:
       - name: Run Trivy vulnerability scanner (json)
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: ghcr.io/nrkno/sofie-core-${{ matrix.image }}:latest
           format: json
           output: '${{ matrix.image }}-trivy-scan-results.json'
 
       - name: Run Trivy vulnerability scanner (table)
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: ghcr.io/nrkno/sofie-core-${{ matrix.image }}:latest
           output: '${{ matrix.image }}-trivy-scan-results.txt'
@@ -36,7 +36,7 @@ jobs:
           echo $CODE_BLOCK >> $GITHUB_STEP_SUMMARY
 
       - name: Run Trivy in GitHub SBOM mode and submit results to Dependency Graph
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           format: 'github'
           output: 'dependency-results-${{ matrix.image }}.sbom.json'