Bump aquasecurity/trivy-action from 0.27.0 to 0.28.0 in the minor group

Bumps the minor group with 1 update: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action). Updates `aquasecurity/trivy-action` from 0.27.0 to 0.28.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@5681af8...915b19b) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor ... Signed-off-by: dependabot[bot] <support@github.com>
ministryofjustice · Oct 21, 2024 · 35621b3 · 35621b3
1 parent d9bfdb0
commit 35621b3
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
@@ -38,7 +38,7 @@ jobs:
           echo >> projects/${{ matrix.project }}/.trivyignore
 
       - name: Scan image
-        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
+        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
         with:
           image-ref: 'ghcr.io/ministryofjustice/hmpps-probation-integration-services/${{ matrix.project }}:latest'
           ignore-unfixed: true
@@ -56,7 +56,7 @@ jobs:
           sarif_file: 'trivy-results.sarif'
 
       - name: Get Trivy results
-        uses: aquasecurity/trivy-action@5681af892cd0f4997658e2bacc62bd0a894cf564 # v0.27.0
+        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # v0.28.0
         with:
           image-ref: 'ghcr.io/ministryofjustice/hmpps-probation-integration-services/${{ matrix.project }}:latest'
           ignore-unfixed: true