From c1b369769b527eadbe6f8865733825ac555dc715 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 31 Oct 2023 19:27:51 +0100
Subject: [PATCH] fix(ci): bump aquasecurity/trivy-action from 0.12.0 to 0.13.1
 (#63)

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.12.0 to 0.13.1.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.12.0...0.13.1)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/release-container.yaml | 8 ++++----
 .github/workflows/schedule-trivy.yaml    | 6 +++---
 2 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/release-container.yaml b/.github/workflows/release-container.yaml
index 67a6135..7f870b9 100644
--- a/.github/workflows/release-container.yaml
+++ b/.github/workflows/release-container.yaml
@@ -124,7 +124,7 @@ jobs:
           DOCKER_CONTENT_TRUST: 1
             
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: '${{ inputs.image }}:${{ steps.meta.outputs.version }}'
           format: 'json'
@@ -133,7 +133,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -181,7 +181,7 @@ jobs:
           TAGS: ${{ steps.meta.outputs.tags }}
 
       - name: Convert trivy results to CycloneDX
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -197,7 +197,7 @@ jobs:
         if: github.event_name != 'pull_request' && startsWith(github.event.ref, 'refs/tags/v')
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: trivy.json
           scan-type: 'convert'
diff --git a/.github/workflows/schedule-trivy.yaml b/.github/workflows/schedule-trivy.yaml
index 9b70528..c307401 100644
--- a/.github/workflows/schedule-trivy.yaml
+++ b/.github/workflows/schedule-trivy.yaml
@@ -35,7 +35,7 @@ jobs:
         uses: sigstore/cosign-installer@v3.1.2
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: ${{ inputs.image-ref }}
           timeout: ${{ inputs.timeout }}
@@ -46,7 +46,7 @@ jobs:
           output: 'trivy.json'
 
       - name: Convert trivy results to sarif
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: trivy.json
           scan-type: 'convert'
@@ -64,7 +64,7 @@ jobs:
           sarif_file: 'trivy.sarif'
 
       - name: Convert trivy results to cosign-vuln
-        uses: aquasecurity/trivy-action@0.12.0
+        uses: aquasecurity/trivy-action@0.13.1
         with:
           image-ref: trivy.json
           scan-type: 'convert'