github/tor-guard-relay
1
1
Fork 0
mirror of https://github.com/r3bo0tbx1/tor-guard-relay.git synced 2026-04-06 00:32:04 +02:00
Code Issues Packages Projects Releases Wiki Activity

🔒 ci: Pin Trivy Action to 0.33.1

Browse Source 
🛠️ Updated all workflow steps to use aquasecurity/trivy-action@0.33.1
📦 Replaced @master to improve stability and reproducibility
This commit is contained in:
rE-Bo0t.bx1
2025-11-14 18:05:02 +08:00
parent a294d1b110
commit 05050e935c
1 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
.github/workflows/validate.yml vendored
View File

@@ -437,7 +437,7 @@ jobs:
run: docker load -i /tmp/tor-relay-test.tar
- name: 🔒 Trivy - Comprehensive Vulnerability Scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.33.1
with:
image-ref: 'tor-relay:test'
format: 'sarif'
@@ -478,7 +478,7 @@ jobs:
fi
- name: 📊 Trivy - Human Readable Report (Critical & High)
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.33.1
with:
image-ref: 'tor-relay:test'
format: 'table'
@@ -487,7 +487,7 @@ jobs:
ignore-unfixed: false
- name: 🔍 Trivy - Full Vulnerability List (All Severities)
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.33.1
with:
image-ref: 'tor-relay:test'
format: 'json'
@@ -497,7 +497,7 @@ jobs:
continue-on-error: true
- name: 🔐 Trivy - Secret Scanning
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.33.1
with:
image-ref: 'tor-relay:test'
scanners: 'secret'
@@ -505,7 +505,7 @@ jobs:
continue-on-error: true
- name: ⚙️ Trivy - Configuration Audit
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.33.1
with:
image-ref: 'tor-relay:test'
scanners: 'config'
@@ -513,7 +513,7 @@ jobs:
continue-on-error: true
- name: 🗂️ Trivy - Filesystem Scan
uses: aquasecurity/trivy-action@master
uses: aquasecurity/trivy-action@0.33.1
with:
scan-type: 'fs'
scan-ref: '.'