🔒 ci: Pin Trivy Action to 0.67.2

- 🛠️ Updated all workflow steps to use aquasecurity/trivy-action@0.67.2
- 📦 Replaced @master to improve stability and reproducibility
rE-Bo0t.bx1
2025-11-14 18:16:46 +08:00
parent da9aea3c2a
commit 1f82da5252


@@ -437,7 +437,7 @@ jobs:
run: docker load -i /tmp/tor-relay-test.tar
- name: 🔒 Trivy - Comprehensive Vulnerability Scan
uses: aquasecurity/trivy-action@latest
uses: aquasecurity/trivy-action@0.67.2
with:
image-ref: 'tor-relay:test'
format: 'sarif'
@@ -478,7 +478,7 @@ jobs:
fi
- name: 📊 Trivy - Human Readable Report (Critical & High)
uses: aquasecurity/trivy-action@latest
uses: aquasecurity/trivy-action@0.67.2
with:
image-ref: 'tor-relay:test'
format: 'table'
@@ -487,7 +487,7 @@ jobs:
ignore-unfixed: false
- name: 🔍 Trivy - Full Vulnerability List (All Severities)
uses: aquasecurity/trivy-action@latest
uses: aquasecurity/trivy-action@0.67.2
with:
image-ref: 'tor-relay:test'
format: 'json'
@@ -497,7 +497,7 @@ jobs:
continue-on-error: true
- name: 🔐 Trivy - Secret Scanning
uses: aquasecurity/trivy-action@latest
uses: aquasecurity/trivy-action@0.67.2
with:
image-ref: 'tor-relay:test'
scanners: 'secret'
@@ -505,7 +505,7 @@ jobs:
continue-on-error: true
- name: ⚙️ Trivy - Configuration Audit
uses: aquasecurity/trivy-action@latest
uses: aquasecurity/trivy-action@0.67.2
with:
image-ref: 'tor-relay:test'
scanners: 'config'
@@ -513,7 +513,7 @@ jobs:
continue-on-error: true
- name: 🗂️ Trivy - Filesystem Scan
uses: aquasecurity/trivy-action@latest
uses: aquasecurity/trivy-action@0.67.2
with:
scan-type: 'fs'
scan-ref: '.'
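Review bot: The new `uses: aquasecurity/trivy-action@0.67.2` line in each of the six Trivy steps still pins to a tag, which is a mutable ref. Whoever controls the action repository can move it to different code, and these steps scan the image and the whole checkout. Pinning to the full commit SHA with the release in a trailing comment closes that gap, e.g. `uses: aquasecurity/trivy-action@<FULL_COMMIT_SHA>  # <release tag>`, and lets Dependabot or Renovate keep it updated. Separately, `0.67.2` looks like a Trivy scanner release number rather than a trivy-action release, so confirm that the ref exists in the action repository. If the goal is to fix the scanner version, that belongs in the action's `version` input under `with:`. The step definitions continue beyond the visible hunk lines, so their remaining inputs were not reviewed.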