Bump vite-plugin-dts from 4.3.0 to 4.4.0 (#445) #7

	name: Trivy Image Scan
	on:
	push:
	branches: ["main"]
	workflow_dispatch:
	schedule:
	- cron: "10 11 * * 0"

	permissions:
	contents: read

	jobs:
	docker:
	permissions:
	contents: read
	security-events: write
	actions: read
	runs-on: ubuntu-latest

	steps:
	- name: Checkout
	uses: actions/checkout@v4

	- name: Set up QEMU
	uses: docker/setup-qemu-action@v3

	- name: Set up Docker Buildx
	uses: docker/setup-buildx-action@v3

	- name: Build and push
	uses: docker/build-push-action@v6
	with:
	context: .
	load: true
	tags: pxweb:${{ github.sha }}

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/[email protected]
	with:
	scan-type: image
	image-ref: pxweb:${{ github.sha }}
	format: sarif
	output: trivy-results.sarif

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: trivy-results.sarif

Provide feedback