eclipse-tractusx · dependabot · Oct 21, 2024
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
@@ -43,7 +43,7 @@
 
     steps:
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.24.0
+        uses: aquasecurity/trivy-action@0.28.0
         with:
           image-ref: "tractusx/managed-simple-data-exchanger-frontend:latest" # Pull image from Docker Hub and run Trivy vulnerability scanner
           format: "sarif"
@@ -54,7 +54,7 @@
          limit-severities-for-sarif: true

      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v3
        if: always()
        with:
          sarif_file: "trivy-results.sarif"