Merge pull request #3018 from tarlepp/chore(ci)/fix-trivy-scan-action

tarlepp · web-flow · commit 33358ce27a76 · 2025-07-17T09:11:24.000+03:00
Chore(ci) - Fix faulty Trivy option
diff --git a/.github/workflows/vulnerability-scan.yml b/.github/workflows/vulnerability-scan.yml
@@ -21,8 +21,10 @@ jobs:
         run: docker build . --file Dockerfile --tag symfony-flex-backend:master
 
       - name: Scan image with Trivy
-        uses: lazy-actions/gitrivy@v3
+        uses: aquasecurity/trivy-action@0.28.0
         with:
-          token: ${{ secrets.GITHUB_TOKEN }}
-          image: symfony-flex-backend:master
-          ignore-unfixed: true
+          image-ref: symfony-flex-backend:master
+          ignore-unfixed: 'true'
+          exit-code: '1'
+          vuln-type: 'os,library'
+          severity: 'CRITICAL,HIGH'
