Merge pull request #263 from fosrl/dependabot/github_actions/aquasecurity/trivy-action-0.35.0

chore(deps): bump aquasecurity/trivy-action from 0.34.2 to 0.35.0
2026-04-04 17:06:38 +00:00 · 2026-04-03 14:33:52 +02:00
parent 4e6e79ad21 abe6e2e400
commit 4f42560e26
1 changed files with 1 additions and 1 deletions
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -759,7 +759,7 @@ jobs:
          cosign public-key --key env://COSIGN_PRIVATE_KEY >/dev/null

      - name: Generate SBOM (SPDX JSON) from GHCR digest
-        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
        with:
          image-ref: ${{ env.GHCR_REF }}
          format: spdx-json