From f487fc79eca27b7ccc9a9af76f2167439f0cc47d Mon Sep 17 00:00:00 2001
From: "renovate-pagopa[bot]"
 <164534245+renovate-pagopa[bot]@users.noreply.github.com>
Date: Fri, 29 Nov 2024 10:36:22 +0100
Subject: [PATCH] Pin dependencies (#5)

Co-authored-by: renovate-pagopa[bot] <164534245+renovate-pagopa[bot]@users.noreply.github.com>
---
 .github/workflows/security-scan.yml | 2 +-
 Dockerfile                          | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/security-scan.yml b/.github/workflows/security-scan.yml
index 239bc0d..3783154 100644
--- a/.github/workflows/security-scan.yml
+++ b/.github/workflows/security-scan.yml
@@ -37,7 +37,7 @@ jobs:
         run: docker build . --file Dockerfile --tag localbuild/testimage:latest
       - name: Run the Trivy scan action itself with GitHub Advanced Security code scanning integration enabled
         id: scan
-        uses: aquasecurity/trivy-action@0.28.0 #v0.28.0
+        uses: aquasecurity/trivy-action@915b19bbe73b92a6cf82a1bc12b087c9a19a5fe2 # 0.28.0
         with:
           trivy-config: 'config/trivy.yaml'
           image-ref: "localbuild/testimage:latest"
diff --git a/Dockerfile b/Dockerfile
index ca67189..6822b33 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,4 +1,4 @@
-# syntax=docker/dockerfile:1.4
+# syntax=docker/dockerfile:1.4@sha256:9ba7531bd80fb0a858632727cf7a112fbfd19b17e94c4e84ced81e24ef1a0dbc
 
 #
 # 🎯 Version Management