From f2302842fffaea55b5d2f76d38ec3b61518ef865 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 May 2026 00:49:35 +0000
Subject: [PATCH] build(deps): bump aquasecurity/trivy-action

Bumps the actions-minor-patch group with 1 update in the / directory: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `aquasecurity/trivy-action` from 0.35.0 to 0.36.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/v0.35.0...v0.36.0)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.36.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/cd.yaml      | 2 +-
 .github/workflows/ci.yaml      | 2 +-
 .github/workflows/release.yaml | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/cd.yaml b/.github/workflows/cd.yaml
index f6ceeab..97359c3 100644
--- a/.github/workflows/cd.yaml
+++ b/.github/workflows/cd.yaml
@@ -96,7 +96,7 @@ jobs:
             "${{ matrix.context }}"
 
       - name: Scan image for vulnerabilities
-        uses: aquasecurity/trivy-action@v0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: ${{ steps.meta.outputs.uri }}
           format: table
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
index d0a0462..87e8c28 100644
--- a/.github/workflows/ci.yaml
+++ b/.github/workflows/ci.yaml
@@ -230,7 +230,7 @@ jobs:
         run: docker build -t netlix-web:ci app/services/web/
 
       - name: Trivy vulnerability scan
-        uses: aquasecurity/trivy-action@v0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: netlix-web:ci
           format: table
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 9cce8a1..24f8bb5 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -48,7 +48,7 @@ jobs:
           load: true
 
       - name: Scan image for vulnerabilities
-        uses: aquasecurity/trivy-action@v0.35.0
+        uses: aquasecurity/trivy-action@v0.36.0
         with:
           image-ref: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}:sha-${{ github.sha }}
           format: table