From e8c2dfe46f6ea8699a557f8ef3a002ad7bda64cd Mon Sep 17 00:00:00 2001
From: Matteo Mortari <matteo.mortari@gmail.com>
Date: Sun, 22 Mar 2026 20:59:25 +0100
Subject: [PATCH] Upgrade Trivy action to version 0.35.0

Updated Trivy action version to v0.35.0 for vulnerability scans.
---
 .github/workflows/security.yaml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 9da83bf..193d21c 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -33,7 +33,7 @@ jobs:
           fi
 
       - name: Run Trivy vulnerability scan
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
         with:
           scan-type: 'fs'
           scan-ref: '.'
@@ -42,7 +42,7 @@ jobs:
           severity: 'CRITICAL,HIGH,MEDIUM,LOW'
           exit-code: '0'
       - name: Check for critical and high vulnerabilities
-        uses: aquasecurity/trivy-action@0.28.0
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # v0.35.0
         with:
           scan-type: 'fs'
           scan-ref: '.'
@@ -111,4 +111,4 @@ jobs:
           name: bandit-sarif-results
           path: results.sarif
           retention-days: 30
-        continue-on-error: true
\ No newline at end of file
+        continue-on-error: true