hpi-schul-cloud · Loki-Afro · Jan 16, 2025 · Jan 15, 2025
diff --git a/.github/workflows/push.yml b/.github/workflows/push.yml
@@ -140,7 +140,7 @@ jobs:
       security-events: write
     steps:
       - name: run trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2
+        uses: aquasecurity/trivy-action@0.29.0
         with:
           image-ref: 'ghcr.io/${{ github.repository }}:${{ needs.branch_meta.outputs.sha }}'
           format: 'sarif'
@@ -155,4 +155,4 @@ jobs:
         if: ${{ always() }}
         uses: github/codeql-action/upload-sarif@v3
         with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: 'trivy-results.sarif'
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -66,7 +66,7 @@ jobs:
           distribution: 'temurin'
           java-version: '21'
       - name: SonarCloud upload coverage
-        uses: SonarSource/sonarcloud-github-action@v3.0.0
+        uses: SonarSource/sonarcloud-github-action@v4.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
           SONAR_TOKEN: ${{ secrets.SONARCLOUD_TOKEN }}