Upgrade GitHub Actions to latest versions #559

Open
salmanmkc wants to merge 1 commit into uber:master from salmanmkc:upgrade-github-actions-node24-general

@salmanmkc

Summary

Upgrade GitHub Actions to their latest versions for improved features, bug fixes, and security updates.

Changes

| Action | Old Version(s) | New Version | Release | Files |
| --- | --- | --- | --- | --- |
| aquasecurity/trivy-action | 0.32.0 | 0.33.1 | Release | vulnerability-check.yaml |
| golangci/golangci-lint-action | v8 | v9 | Release | build-and-test.yaml |

Why upgrade?

Keeping GitHub Actions up to date ensures:

  • Security: Latest security patches and fixes
  • Features: Access to new functionality and improvements
  • Compatibility: Better support for current GitHub features
  • Performance: Optimizations and efficiency improvements

Security Note

Actions that were previously pinned to commit SHAs remain pinned to SHAs (updated to the latest release SHA) to maintain the security benefits of immutable references.

Testing

These changes only affect CI/CD workflow configurations and should not impact application functionality. The workflows should be tested by running them on a branch before merging.

Signed-off-by: Salman Muin Kayser Chishti <13schishti@gmail.com>
Copilot AI review requested due to automatic review settings February 7, 2026 23:32

CLAassistant commented Feb 7, 2026

CLA assistant check
All committers have signed the CLA.

Contributor

Copilot AI left a comment

Pull request overview

Updates CI workflows to use newer versions of third-party GitHub Actions (Trivy scanning and golangci-lint) to keep the pipeline current with upstream improvements and fixes.

Changes:

  • Bump aquasecurity/trivy-action from 0.32.0 to 0.33.1 in the vulnerability scan workflow.
  • Bump golangci/golangci-lint-action from v8 to v9 in the build/test workflow.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

| File | Description |
| --- | --- |
| .github/workflows/vulnerability-check.yaml | Upgrades Trivy action version used for PR scans and SARIF reporting. |
| .github/workflows/build-and-test.yaml | Upgrades golangci-lint action major version used in the lint job. |

Collaborator

thijmv left a comment

Thank you for the PR, one comment:


# This step will make the vulns detected in the above step to be visible in the security tab in github.
- name: Upload comprehensive Trivy scan results
  uses: github/codeql-action/upload-sarif@v3

On the note of upgrading the actions, let's also bump this to v4.
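
An added example, not part of the PR thread or the project's code: a small audit that lists every `uses:` reference in a workflow and reports whether it is pinned to a full commit SHA or to a mutable tag, the distinction the Security Note in the PR description relies on. The workflow text is constructed; the three tag references are the ones named in this thread, and the `actions/checkout` line with its SHA is a made-up placeholder.

```python
import re

# `uses:` value of the form owner/repo[/subpath]@ref, optionally quoted,
# with any trailing "# comment" ignored. Local actions (./path) carry no
# "@ref" and therefore never match.
USES_RE = re.compile(r"^\s*(?:-\s*)?uses:\s*['\"]?([^\s'\"#@]+)@([^\s'\"#]+)")
FULL_SHA_RE = re.compile(r"^[0-9a-f]{40}$")


def classify_ref(ref):
    """'sha' only for a full 40-hex commit SHA; tags, branches and
    abbreviated SHAs are reported as 'mutable'."""
    return "sha" if FULL_SHA_RE.match(ref) else "mutable"


def audit_workflow(text):
    """Return (line_no, action, ref, kind) for each action reference."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        m = USES_RE.match(line)
        if not m:
            continue
        action, ref = m.groups()
        if action.startswith("docker://"):
            continue  # container images are pinned by digest, not audited here
        findings.append((line_no, action, ref, classify_ref(ref)))
    return findings


# Constructed sample workflow (not a file from the repository).
SAMPLE = """\
jobs:
  scan:
    steps:
      - uses: actions/checkout@0123456789abcdef0123456789abcdef01234567  # placeholder SHA
      - name: Trivy
        uses: aquasecurity/trivy-action@0.33.1
      - name: Upload comprehensive Trivy scan results
        uses: github/codeql-action/upload-sarif@v3
      - uses: golangci/golangci-lint-action@v9
"""

if __name__ == "__main__":
    for line_no, action, ref, kind in audit_workflow(SAMPLE):
        flag = "ok  " if kind == "sha" else "WARN"
        print(f"{flag} line {line_no}: {action}@{ref} ({kind})")
```
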
