build

Update aquasecurity/trivy-action digest to f78e9ec #56

	name: build

	on: [pull_request]

	permissions:
	contents: read

	jobs:
	build:

	permissions:
	contents: read # for actions/checkout to fetch code
	security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
	runs-on: ubuntu-latest
	steps:
	- uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
	- name: Set up Go
	uses: actions/setup-go@93397bea11091df50f3d7e59dc26a7711a8bcfbe # v4.1.0
	id: setup-go
	with:
	go-version-file: "go.mod"
	- name: Build
	run: go build -v ./...
	- name: Checkout And Build
	run: docker compose up -d postgres
	- name: Test
	run: go test -v ./...
	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/trivy-action@f78e9ecf42a1271402d4f484518b9313235990e1 # master
	with:
	image-ref: ''
	scan-type: 'fs'
	ignore-unfixed: true
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL'
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@74483a38d39275f33fcff5f35b679b5ca4a26a99 # v2.22.5
	with:
	sarif_file: 'trivy-results.sarif'

Provide feedback