chore(nix): fix hash for updated go dependencies

chore(deps): bump aquasecurity/trivy-action from 0.34.2 to 0.35.0
Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.34.2 to 0.35.0. - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](97e0b3872f...57a97c7e78) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.35.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
2026-03-26 20:46:41 +00:00 · 2026-03-09 10:29:43 +00:00 · 2026-03-09 10:27:55 +00:00
2 changed files with 2 additions and 2 deletions
--- a/.github/workflows/cicd.yml
+++ b/.github/workflows/cicd.yml
@@ -759,7 +759,7 @@ jobs:
          cosign public-key --key env://COSIGN_PRIVATE_KEY >/dev/null

      - name: Generate SBOM (SPDX JSON) from GHCR digest
-        uses: aquasecurity/trivy-action@97e0b3872f55f89b95b2f65b3dbab56962816478 # v0.34.2
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
        with:
          image-ref: ${{ env.GHCR_REF }}
          format: spdx-json
--- a/flake.nix
+++ b/flake.nix
@@ -35,7 +35,7 @@
            inherit version;
            src = pkgs.nix-gitignore.gitignoreSource [ ] ./.;

-            vendorHash = "sha256-kmQM8Yy5TuOiNpMpUme/2gfE+vrhUK+0AphN+p71wGs=";
+            vendorHash = "sha256-vy6Dqjek7pLdASbCrM9snq5Dt9lbwNJ0AuQboy1JWNQ=";

            nativeInstallCheckInputs = [ pkgs.versionCheckHook ];