Skip to content

Bump aquasecurity/trivy-action from 0.18.0 to 0.28.0 #315

Bump aquasecurity/trivy-action from 0.18.0 to 0.28.0

Bump aquasecurity/trivy-action from 0.18.0 to 0.28.0 #315

# Need a GitHub Advanced Security license to run this action on private repos.
name: Dependency Review
on:
pull_request:
types: [opened, edited, reopened, synchronize]
permissions:
contents: read
jobs:
dependency-review:
runs-on: ubuntu-latest
steps:
- name: Checkout Repository
uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
- name: Dependency Review
uses: actions/dependency-review-action@v4
with:
# Possible values: critical, high, moderate, low
fail-on-severity: critical