From b1d3a224aca97740fad4ad426777a85e2d27f4ff Mon Sep 17 00:00:00 2001
From: Aaron Steinfeld <aaron@traceable.ai>
Date: Fri, 29 Aug 2025 13:45:05 -0400
Subject: [PATCH] ci: fix sha

---
 trivy-fs-scan/action.yaml   | 2 +-
 trivy-image-scan/action.yml | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/trivy-fs-scan/action.yaml b/trivy-fs-scan/action.yaml
index fb4c7f1..13692b8 100644
--- a/trivy-fs-scan/action.yaml
+++ b/trivy-fs-scan/action.yaml
@@ -73,7 +73,7 @@ runs:
         touch .trivyignore
 
     - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@9ea583eb67910444b1f64abf338bd2e105a0a93d
+      uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4
       with:
         scan-type: 'fs'
         scan-ref: ${{ inputs.scan-ref }}
diff --git a/trivy-image-scan/action.yml b/trivy-image-scan/action.yml
index 9c8563b..c511de2 100644
--- a/trivy-image-scan/action.yml
+++ b/trivy-image-scan/action.yml
@@ -86,7 +86,7 @@ runs:
         cat $GITHUB_ACTION_PATH/.trivyignore >> .trivyignore
 
     - name: Run Trivy vulnerability scanner
-      uses: aquasecurity/trivy-action@9ea583eb67910444b1f64abf338bd2e105a0a93d
+      uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4
       with:
         trivyignores: ${{ inputs.trivyignores }}
         image-ref: ${{ inputs.image }}:${{ steps.tag.outputs.TRIVY_IMAGE_TAG }}
@@ -104,7 +104,7 @@ runs:
 
     - name: Rerun Trivy vulnerability scanner with logging
       if: failure() && inputs.output-mode != 'log'
-      uses: aquasecurity/trivy-action@9ea583eb67910444b1f64abf338bd2e105a0a93d
+      uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4
       with:
         trivyignores: ${{ inputs.trivyignores }}
         image-ref: ${{ inputs.image }}:${{ steps.tag.outputs.TRIVY_IMAGE_TAG }}