From 1826618f121348ea29bd05010704fd6f6734dfc9 Mon Sep 17 00:00:00 2001 From: Devin AI <158243242+devin-ai-integration[bot]@users.noreply.github.com> Date: Sat, 18 Apr 2026 23:39:27 +0000 Subject: [PATCH] ci: revert trivy-action pin to @master; keep pinned binary version Tag @0.28.0 does not exist in act-runner's reference resolution ("Unable to resolve 0.28.0: reference not found"). Use @master and rely on the 'version: v0.51.1' input to pin the Trivy binary so the installer still skips api.github.com releases/latest. Co-Authored-By: Nakamoto, S --- .github/workflows/ci.yml | 5 +++-- .github/workflows/validation.yml | 5 +++-- 2 files changed, 6 insertions(+), 4 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 39b1922..713b9b4 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -86,10 +86,11 @@ jobs: - uses: actions/checkout@v4 - name: Run Trivy container scan - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@master env: # Avoid "Bad credentials" from GitHub API when the runner's - # GITHUB_TOKEN is a Gitea token. Pin version to skip the lookup. + # GITHUB_TOKEN is a Gitea token. Pin trivy binary so installer + # does not hit api.github.com releases/latest. GITHUB_TOKEN: "" with: version: v0.51.1 diff --git a/.github/workflows/validation.yml b/.github/workflows/validation.yml index e538920..6c64fd0 100644 --- a/.github/workflows/validation.yml +++ b/.github/workflows/validation.yml @@ -98,10 +98,11 @@ jobs: - uses: actions/checkout@v3 - name: Container Security Scan - uses: aquasecurity/trivy-action@0.28.0 + uses: aquasecurity/trivy-action@master env: # Avoid "Bad credentials" from GitHub API when the runner's - # GITHUB_TOKEN is a Gitea token. Pin version to skip the lookup. + # GITHUB_TOKEN is a Gitea token. Pin trivy binary so installer + # does not hit api.github.com releases/latest. GITHUB_TOKEN: "" with: version: v0.51.1