From 1ca2edbb5954ad9252271d640831b2598c49ddfa Mon Sep 17 00:00:00 2001
From: Priyanka Saggu <priyankasaggu11929@gmail.com>
Date: Sun, 22 Mar 2026 18:42:48 +0100
Subject: [PATCH] security: Update trivy-action to v0.35.0

Updates aquasecurity/trivy-action from mutable references to SHA-pinned
version to address security vulnerabilities.

- Updates to v0.35.0 (57a97c7e)
- Pins to specific SHA for immutability
- Addresses issue: aquasecurity/trivy#10425

Signed-off-by: Priyanka Saggu <priyankasaggu11929@gmail.com>
---
 .github/workflows/security.yaml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/security.yaml b/.github/workflows/security.yaml
index 6ccbe9a78..99425b358 100644
--- a/.github/workflows/security.yaml
+++ b/.github/workflows/security.yaml
@@ -29,7 +29,7 @@ jobs:
           IMAGE_TAG=${HELM_IMAGE_TAG:-security-test}
           VERSION=security-test make image
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@master
+        uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1  # v0.35.0
         with:
           image-ref: 'descheduler:security-test'
           format: 'sarif'