From 6667662dd0e5b5bab975505937b195965ec42911 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 2 Mar 2026 19:01:42 +0000
Subject: [PATCH] ci: bump aquasecurity/trivy-action from 0.34.0 to 0.34.2

Bumps [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) from 0.34.0 to 0.34.2.
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.34.0...0.34.2)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.34.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/security.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml
index 0c8b4f2..f2fb561 100644
--- a/.github/workflows/security.yml
+++ b/.github/workflows/security.yml
@@ -111,7 +111,7 @@ jobs:
           cache-to: type=gha,mode=max
 
       - name: Run Trivy vulnerability scanner
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: 'core-exchange-${{ matrix.service }}:scan'
           format: 'sarif'
@@ -128,7 +128,7 @@ jobs:
           sarif_file: 'trivy-results-${{ matrix.service }}.sarif'
 
       - name: Trivy summary
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.34.2
         with:
           image-ref: 'core-exchange-${{ matrix.service }}:scan'
           format: 'table'