From 1ae98e535074e8aea7de5b349c2f8419fcb4f04a Mon Sep 17 00:00:00 2001
From: Sergei Maertens <sergei@maykinmedia.nl>
Date: Wed, 9 Oct 2024 13:09:12 +0200
Subject: [PATCH] :construction_worker: Try pinning security scan action

---
 .github/workflows/ci.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index 18ad782e..ae12da4c 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -166,7 +166,7 @@ jobs:
           name: docker-image
 
       - name: Scan image with Trivy
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@0.25.0
         with:
           input: /github/workspace/image.tar  # from download-artifact
           format: 'sarif'