chore: update aquasecurity/trivy-action digest to 22438a4 #330

	name: "Security Scan"

	on:
	push:
	branches: [main]
	pull_request:
	branches: [main]
	schedule:
	- cron: '34 0 * * 6'

	permissions: read-all

	jobs:
	trivy-scan:
	name: Trivy Scan
	runs-on: ubuntu-24.04
	permissions:
	security-events: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/trivy-action@83690f7d38282f3c235caa2aac0043f2b4fe6134 # master
	with:
	scan-type: 'fs'
	ignore-unfixed: true
	format: 'sarif'
	output: 'trivy-results.sarif'
	severity: 'CRITICAL,HIGH'
	skip-dirs: 'docs/content/docs,docs/build'
	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
	with:
	sarif_file: 'trivy-results.sarif'

	codeql-scan:
	name: CodeQL Scan
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	steps:
	- name: Checkout repository
	uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6
	- name: Set up Go
	uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
	with:
	go-version: 1.25.0
	- name: Initialize CodeQL
	uses: github/codeql-action/init@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
	with:
	languages: go
	queries: security-and-quality
	- name: Perform CodeQL Analysis
	uses: github/codeql-action/analyze@cf1bb45a277cb3c205638b2cd5c984db1c46a412 # v4.31.7
	with:
	category: "/language:go"

Provide feedback