diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index 217e6a5..0483d36 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -13,12 +13,12 @@ jobs:
 # https://github.com/aquasecurity/trivy-action
 - name: Run Trivy vulnerability scanner in repo mode
- uses: aquasecurity/trivy-action@0.16.1
+ uses: aquasecurity/trivy-action@0.28.0
 with:
 scan-type: "fs"
 format: "sarif"
 output: "trivy-results.sarif"
- scanners: "vuln,secret,config"
+ scanners: "vuln,secret,misconfig"
 severity: "CRITICAL,HIGH"
 - name: Upload Trivy scan results to GitHub Security tab
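Review bot: The new `uses:` line still references the scanner action by a version tag (`aquasecurity/trivy-action@0.28.0`), and a tag can be re-pointed by anyone with write access to the action's repository, so the code this job runs can change without any change to this file. Pinning to the full commit SHA with the version kept as a trailing comment, `uses: aquasecurity/trivy-action@<full-commit-sha> # 0.28.0` (placeholder, to be resolved from the release), makes the reference immutable and lets update tooling keep proposing bumps. The job's `permissions` block and the body of the upload step are outside the hunk, so whether the workflow token is already scoped down cannot be judged from here.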