diff --git a/.github/workflows/report-on-vulnerabilities.yaml b/.github/workflows/report-on-vulnerabilities.yaml index a074ca8416..2625fdd6e8 100644 --- a/.github/workflows/report-on-vulnerabilities.yaml +++ b/.github/workflows/report-on-vulnerabilities.yaml @@ -30,7 +30,7 @@ jobs: echo "releasebranch2=$releasebranch2" >> $GITHUB_OUTPUT - name: Scan for vulnerabilities in latest image - uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.8.0 (Trivy v0.34.0) + uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:latest @@ -40,7 +40,7 @@ jobs: output: scan1.json - name: Scan for vulnerabilities in latest-1 image - uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.8.0 (Trivy v0.34.0) + uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.get-branches.outputs.releasebranch1 }} format: json @@ -49,7 +49,7 @@ jobs: output: scan2.json - name: Scan for vulnerabilities in latest-2 image - uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.8.0 (Trivy v0.34.0) + uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0 with: image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:${{ steps.get-branches.outputs.releasebranch2 }} format: json