From 4c230f92ea50629de2516e1dd6a78d198503109c Mon Sep 17 00:00:00 2001
From: "Richard Kuo (Danswer)"
Date: Thu, 27 Feb 2025 15:05:03 -0800
Subject: [PATCH] trivy test

---
 .github/workflows/nightly-scan-licenses.yml | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/nightly-scan-licenses.yml b/.github/workflows/nightly-scan-licenses.yml
index c1e269c84..13cc61983 100644
--- a/.github/workflows/nightly-scan-licenses.yml
+++ b/.github/workflows/nightly-scan-licenses.yml
@@ -64,14 +64,15 @@ jobs:
 # with a huge amount of items. Work out the issues before enabling upload.
 - name: Run Trivy vulnerability scanner in repo mode
 if: always()
- uses: aquasecurity/trivy-action@0.28.0
+ uses: aquasecurity/trivy-action@0.29.0
 with:
 scan-type: fs
+ scan-ref: .
 scanners: license
 format: table
+ severity: HIGH,CRITICAL
 # format: sarif
 # output: trivy-results.sarif
- severity: HIGH,CRITICAL

 # - name: Upload Trivy scan results to GitHub Security tab
 # uses: github/codeql-action/upload-sarif@v3
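Review bot: The bumped `uses: aquasecurity/trivy-action@0.29.0` line still references a mutable version tag, so anyone able to move that tag upstream controls the code that runs in this nightly job with whatever token and secrets the job exposes. Pin third-party actions to a full commit SHA and keep the version as a trailing comment, e.g. `uses: aquasecurity/trivy-action@<full-commit-sha-of-0.29.0>  # 0.29.0` (placeholder, take the SHA from the upstream release), and let Dependabot or Renovate propose the bumps. Separately, no `exit-code` is set in the `with:` block visible here, so with `format: table` and the SARIF upload still commented out, HIGH/CRITICAL license findings would presumably surface only in the job log; consider `exit-code: '1'` once the noise mentioned in the comment is worked out. The job's `permissions` and triggers are outside this hunk, so confirm separately that the job token is read-only.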