From 0a90eec3cf02fd595b4ffd1ec3058d6548abb12f Mon Sep 17 00:00:00 2001
From: Elliot Anders
Date: Tue, 29 Oct 2024 14:18:30 -0400
Subject: [PATCH] Security update and trivy port from the warehouse
---
 .github/workflows/build_images.yml | 5 ++++-
 Gemfile.lock | 2 +-
 2 files changed, 5 insertions(+), 2 deletions(-)
diff --git a/.github/workflows/build_images.yml b/.github/workflows/build_images.yml
index 62621863c..df1af9a5b 100644
--- a/.github/workflows/build_images.yml
+++ b/.github/workflows/build_images.yml
@@ -169,7 +169,10 @@ jobs:
 # https://github.com/aquasecurity/trivy-action
 - name: Run vulnerability scan
 id: vuln_scan
- uses: aquasecurity/trivy-action@0.14.0
+ uses: aquasecurity/trivy-action@0.28.0
+ env:
+ TRIVY_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-db:2"
+ TRIVY_JAVA_DB_REPOSITORY: "public.ecr.aws/aquasecurity/trivy-java-db:1"
 with:
 image-ref: ${{ secrets.ECR_REPOSITORY_URI }}
 format: 'table'
diff --git a/Gemfile.lock b/Gemfile.lock
index f42dde0c9..10f390618 100644
--- a/Gemfile.lock
+++ b/Gemfile.lock
@@ -590,7 +590,7 @@ GEM
 responders (3.1.1)
 actionpack (>= 5.2)
 railties (>= 5.2)
- rexml (3.3.7)
+ rexml (3.3.9)
 roo (2.10.1)
 nokogiri (~> 1)
 rubyzip (>= 1.3.0, < 3.0.0)
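Review bot: The bumped `uses: aquasecurity/trivy-action@0.28.0` line in the build_images.yml hunk still references the action by a mutable tag, so the code that runs in a job handling `secrets.ECR_REPOSITORY_URI` can change without any diff in this repository. Pinning to the full commit SHA and keeping the version as a trailing comment, `uses: aquasecurity/trivy-action@<full-commit-sha-of-0.28.0>  # 0.28.0`, makes the scan step reproducible and reviewable on each bump. The new `env:` block would also benefit from a one-line comment stating why the DB repositories are overridden, for example `# Pull Trivy DBs from the public.ecr.aws mirror instead of the default registry`, since the reason is presumably download reliability but is not stated in the commit. The step's `with:` block continues past the end of the hunk, so whether it sets `exit-code` or a severity filter is not visible here.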