From 4a4de9c2550bfbaa09bc06117ccc203de176a5fe Mon Sep 17 00:00:00 2001
From: "const.koutsakis@aurecongroup.com" <constantinos.koutsakis@gmail.com>
Date: Mon, 27 Apr 2026 02:46:35 +1000
Subject: [PATCH] fix: update trivy-action SHA (Teller's SHA no longer in repo)

---
 .github/workflows/security.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index bebb111..5989ee5 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -95,7 +95,7 @@ jobs:
       - name: Run Trivy vulnerability scanner
         # Pinned to a SHA — never @master. A moving branch in a
         # supply-chain workflow defeats the point of the scan.
-        uses: aquasecurity/trivy-action@a9c7b0f06e461e9d4b4d1711f154ee024b8d7ab8  # v0.36.0
+        uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25  # v0.36.0
         with:
           image-ref: harness-python-react:ci
           format: table