Bump aquasecurity/trivy-action from 0.25.0 to 0.27.0 in /.github/workflows

[dependabot[bot]]

Bumps aquasecurity/trivy-action from 0.25.0 to 0.27.0.

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.27.0

What's Changed

• ci: use setup-trivy to install Trivy by @​DmitriyLewen in aquasecurity/trivy-action#406
• chore: update description for scanners and format inputs by @​nikpivkin in aquasecurity/trivy-action#407
• fix: set envs only when passed by @​knqyf263 in aquasecurity/trivy-action#405

Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.26.0...0.27.0

v0.26.0

What's Changed

• docs: add usage info about action/cache for trivy databases by @​DmitriyLewen in aquasecurity/trivy-action#397
• feat: store artifacts in cache by default by @​knqyf263 in aquasecurity/trivy-action#399

Full Changelog: https://github.com/aquasecurity/trivy-action/compare/0.25.0...0.26.0

Commits

• 5681af8 fix: set envs only when passed (#405)
• 8078967 chore: update description for scanners and format inputs (#407)
• 0fa0cdb ci: use setup-trivy to install Trivy (#406)
• a20de54 feat: store artifacts in cache by default (#399)
• 1b8b83d docs: add usage info about action/cache for trivy databases (#397)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)