
Bump org.apache.commons:commons-compress from 1.26.1 to 1.26.2 #252


Workflow file for this run

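# Runs a Trivy filesystem scan on every push and pull request, writes the
# findings as SARIF and uploads them to GitHub code scanning.
name: trivy

# Workflow-wide default: read-only token. The single job below declares its
# own permissions block, which replaces this default for that job.
permissions: read-all

# NOTE(review): for pull requests opened from forks GitHub normally issues a
# read-only token regardless of the permissions requested below, so the SARIF
# upload step may fail on those runs - confirm that is acceptable.
on: [push, pull_request]

jobs:
  trivy:
    # NOTE(review): GitHub has announced retirement of the ubuntu-20.04 hosted
    # image - confirm the label still resolves and move to a supported one.
    runs-on: ubuntu-20.04
    permissions:
      # NOTE(review): no step visible here obviously needs checks: write -
      # confirm and drop it if unused.
      checks: write
      actions: read
      contents: read
      # Needed by the upload-sarif step to publish code-scanning results.
      security-events: write
    steps:
      # Every action is pinned to a full commit SHA; the trailing comment
      # records the release tag the author associated with that SHA. When
      # bumping, update the SHA and the comment together.

      # Must stay the first step so the egress policy covers everything that
      # follows. Outbound traffic is blocked except to the listed endpoints,
      # and sudo is disabled for the rest of the job.
      - name: Harden Runner
        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
        with:
          disable-sudo: true
          egress-policy: block
          # Folded scalar: the lines below are joined with spaces into one
          # allow-list. A step that needs a new host (for example a relocated
          # Trivy database) fails until that host is added here.
          allowed-endpoints: >
            api.github.com:443
            ghcr.io:443
            github.com:443
            pkg-containers.githubusercontent.com:443

      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
        with:
          # By default checkout leaves the job token in the local git config
          # for later steps. No later step here runs git against the remote,
          # and this job's token carries write scopes, so do not persist it
          # in the workspace the scanner reads.
          persist-credentials: false

      # NOTE(review): no exit-code or severity is configured, so findings are
      # presumably reported through code scanning only and do not fail the
      # job - confirm that matches the intended gate.
      - name: Run Trivy vulnerability scanner
        uses: aquasecurity/trivy-action@b2933f565dbc598b29947660e66259e3c7bc8561 # v0.20.0
        with:
          scan-type: fs
          format: sarif
          output: trivy-results.sarif

      # Publishes the SARIF file written by the previous step; depends on the
      # security-events: write permission granted above.
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@ccf74c947955fd1cf117aef6a0e4e66191ef6f61 # v3.25.4
        with:
          sarif_file: trivy-results.sarif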