🌱 Bump aquasecurity/trivy-action to v0.35.0

[MikeSpreitzer]

Summary

• Upgrades aquasecurity/trivy-action to v0.35.0
• Pin by commit hash per repo GHA discipline: 57a97c7e7821a5776cebc9bb87c984fa69cba8f1

Related issue(s)

Related: kubestellar/infra#129

Test plan

• CI passes on this PR

---

Generated with Claude Code

[kubestellar-prow]

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
Once this PR has been reviewed and has the lgtm label, please assign antedotee for approval. For more information see the Code Review Process.

The full list of commands accepted by this bot can be found here.

Details

Needs approval from an approver in each of these files:

• OWNERS

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

[github-actions]

👋 Welcome to the KubeStellar community! 💖

Thanks and congrats 🎉 for opening your first PR here! We're excited to have you contributing.

Before merge, please ensure:

• ✅ DCO Sign-off — All commits signed with git commit -s (DCO)
• ✅ PR Title — Starts with an emoji: ✨ feature | 🐛 bug fix | 📖 docs | 🌱 infra/tests | ⚠️ breaking

📬 If you're using KubeStellar in your organization, please add your name to our Adopters list. 🙏 It really helps the project gain momentum and credibility — a small contribution back with a big impact.

Resources:

• 🖥️ KubeStellar Console — Try the live multi-cluster dashboard
• 📖 Console Docs — Installation, features, and architecture
• 🧩 Marketplace — Community extensions and cards
• 📚 Knowledge Base — Troubleshooting and how-tos
• 📖 Full Documentation | 🤝 Contributor Handbook | 💬 Slack

A maintainer will review your PR soon. Hope you have a great time here!

🌟 ~~~~~~~~~~ 🌟

📬 If you like KubeStellar, please ⭐ star ⭐ our repo to support it!

🙏 It really helps the project gain momentum and credibility — a small contribution back with a big impact.

[Copilot]

Pull request overview

Updates the container image vulnerability scanning workflow to use a newer, commit-pinned version of the Trivy GitHub Action for frontend/backend image scans.

Changes:

• Bump aquasecurity/trivy-action from 0.28.0 to the commit SHA for v0.35.0 (pinned by hash).
• Apply the same action version update to both frontend and backend scan steps.

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[MikeSpreitzer]

For this one we are breaking the rule of waiting at least a week for vulnerabilities to be discovered, because this is a fix for a supply chain attack and no older version is operable now.

[MikeSpreitzer]

/assign @KPRoche