Skip to content

dependabot(github): bump github/codeql-action from 2 to 3 #179

dependabot(github): bump github/codeql-action from 2 to 3

dependabot(github): bump github/codeql-action from 2 to 3 #179

Workflow file for this run

name: Trivy
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
on:
pull_request:
workflow_dispatch:
jobs:
scan:
runs-on: ubuntu-latest
steps:
- name: Checkout code
uses: actions/checkout@v4
- name: Run Trivy vulnerability scanner
uses: aquasecurity/trivy-action@master
with:
scan-type: 'fs'
format: 'table'
ignore-unfixed: 'false'
vuln-type: 'os,library'
severity: 'CRITICAL,HIGH'