diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml index 88111c56..0eb615b0 100644 --- a/.github/workflows/ci.yaml +++ b/.github/workflows/ci.yaml @@ -517,7 +517,7 @@ jobs: fetch-depth: 0 - name: Run Trivy vulnerability scanner in repo mode - uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe + uses: aquasecurity/trivy-action@0105373003c89c494a3f436bd5efc57f3ac1ca20 with: scan-type: "fs" scan-ref: "." diff --git a/.github/workflows/trivy-docker.yaml b/.github/workflows/trivy-docker.yaml index cc809c35..527b5110 100644 --- a/.github/workflows/trivy-docker.yaml +++ b/.github/workflows/trivy-docker.yaml @@ -51,7 +51,7 @@ jobs: uses: actions/checkout@v3 - name: Run Trivy vulnerability scanner in image mode - uses: aquasecurity/trivy-action@7b7aa264d83dc58691451798b4d117d53d21edfe + uses: aquasecurity/trivy-action@0105373003c89c494a3f436bd5efc57f3ac1ca20 with: image-ref: "docker.io/codercom/code-server:latest" ignore-unfixed: true