Update aquasecurity/trivy-action action to v0.10.0 (#43)

[![Mend Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com) This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [aquasecurity/trivy-action](https://togithub.com/aquasecurity/trivy-action) | action | minor | `0.9.2` -> `0.10.0` | --- ### Release Notes <details> <summary>aquasecurity/trivy-action</summary> ### [`v0.10.0`](https://togithub.com/aquasecurity/trivy-action/releases/tag/0.10.0) [Compare Source](https://togithub.com/aquasecurity/trivy-action/compare/0.9.2...0.10.0) #### What's Changed - docs: improve SBOM documentation by [@saerosV](https://togithub.com/saerosV) in [aquasecurity/trivy-action#208 - chore: Update Trivy to 0.40.0 by [@PerfectSlayer](https://togithub.com/PerfectSlayer) in [aquasecurity/trivy-action#223 #### New Contributors - [@saerosV](https://togithub.com/saerosV) made their first contribution in [aquasecurity/trivy-action#208 - [@PerfectSlayer](https://togithub.com/PerfectSlayer) made their first contribution in [aquasecurity/trivy-action#223 **Full Changelog**: aquasecurity/trivy-action@0.9.2...0.10.0 </details> --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://www.mend.io/free-developer-tools/renovate/). View repository job log [here](https://app.renovatebot.com/dashboard#github/swissgrc/.github).  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
swissgrc · Apr 19, 2023 · f0a5c82 · f0a5c82
1 parent 65c7dbd
commit f0a5c82
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/.github/workflows/publish-image.yml b/.github/workflows/publish-image.yml
@@ -54,7 +54,7 @@ jobs:
  # Scan Docker image (not for release builds since we will have multiple tags)
  - name: Scan Docker image
  if: github.event_name != 'release'
- uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # 0.9.2
+ uses: aquasecurity/trivy-action@e5f43133f6e8736992c9f3c1b3296e24b37e17f2 # 0.10.0
  with:
  image-ref: ${{ steps.extract.outputs.imageRef }}
  format: 'sarif'
@@ -70,7 +70,7 @@ jobs:
  # Create Software Bill of Materials (SBOM) (not for release builds since we will have multiple tags)
  - name: Create Software Bill of Materials (SBOM)
  if: github.event_name == 'push'
- uses: aquasecurity/trivy-action@1f0aa582c8c8f5f7639610d6d38baddfea4fdcee # 0.9.2
+ uses: aquasecurity/trivy-action@e5f43133f6e8736992c9f3c1b3296e24b37e17f2 # 0.10.0
  with:
  image-ref: ${{ steps.extract.outputs.imageRef }}
  format: 'github'