From 00900fb3e1ea9dde33985a0e4f6afec793d5e786 Mon Sep 17 00:00:00 2001
From: Bo-Yi Wu <appleboy.tw@gmail.com>
Date: Sat, 21 Feb 2026 22:32:32 +0800
Subject: [PATCH 1/2] ci: update CI workflows and standardize Trivy config
 quotes (#4531)

- Update gin workflow to use v2.9 and add Go 1.26 to the matrix
- Upgrade Trivy action to v0.34.0 in the scan workflow
- Change all single quotes to double quotes in Trivy workflow configuration

Signed-off-by: Bo-Yi Wu <appleboy.tw@gmail.com>
---
 .github/workflows/gin.yml        |  4 ++--
 .github/workflows/trivy-scan.yml | 28 ++++++++++++++--------------
 2 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/gin.yml b/.github/workflows/gin.yml
index 8ece7f1d..df774eab 100644
--- a/.github/workflows/gin.yml
+++ b/.github/workflows/gin.yml
@@ -26,14 +26,14 @@ jobs:
       - name: Setup golangci-lint
         uses: golangci/golangci-lint-action@v9
         with:
-          version: v2.6
+          version: v2.9
           args: --verbose
   test:
     needs: lint
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest]
-        go: ["1.24", "1.25"]
+        go: ["1.24", "1.25", "1.26"]
         test-tags:
           [
             "",
diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index ec8f55ad..57aceb76 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -9,7 +9,7 @@ on:
       - master
   schedule:
     # Run daily at 00:00 UTC
-    - cron: '0 0 * * *'
+    - cron: "0 0 * * *"
   workflow_dispatch: # Allow manual trigger
 
 permissions:
@@ -29,28 +29,28 @@ jobs:
       - name: Run Trivy vulnerability scanner (source code)
         uses: aquasecurity/trivy-action@0.34.0
         with:
-          scan-type: 'fs'
-          scan-ref: '.'
-          scanners: 'vuln,secret,misconfig'
-          format: 'sarif'
-          output: 'trivy-results.sarif'
-          severity: 'CRITICAL,HIGH,MEDIUM'
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "sarif"
+          output: "trivy-results.sarif"
+          severity: "CRITICAL,HIGH,MEDIUM"
           ignore-unfixed: true
 
       - name: Upload Trivy results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v4
         if: always()
         with:
-          sarif_file: 'trivy-results.sarif'
+          sarif_file: "trivy-results.sarif"
 
       - name: Run Trivy scanner (table output for logs)
         uses: aquasecurity/trivy-action@0.34.0
         if: always()
         with:
-          scan-type: 'fs'
-          scan-ref: '.'
-          scanners: 'vuln,secret,misconfig'
-          format: 'table'
-          severity: 'CRITICAL,HIGH,MEDIUM'
+          scan-type: "fs"
+          scan-ref: "."
+          scanners: "vuln,secret,misconfig"
+          format: "table"
+          severity: "CRITICAL,HIGH,MEDIUM"
           ignore-unfixed: true
-          exit-code: '1'
+          exit-code: "1"

From 0c219e7902e88b27be1736d46efb241e4482b30f Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Sat, 21 Feb 2026 22:33:30 +0800
Subject: [PATCH 2/2] chore(deps): bump aquasecurity/trivy-action in the
 actions group (#4544)

Bumps the actions group with 1 update: [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `aquasecurity/trivy-action` from 0.34.0 to 0.34.1
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/0.34.0...0.34.1)

---
updated-dependencies:
- dependency-name: aquasecurity/trivy-action
  dependency-version: 0.34.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/trivy-scan.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/trivy-scan.yml b/.github/workflows/trivy-scan.yml
index 57aceb76..a4c62bf4 100644
--- a/.github/workflows/trivy-scan.yml
+++ b/.github/workflows/trivy-scan.yml
@@ -27,7 +27,7 @@ jobs:
           fetch-depth: 0
 
       - name: Run Trivy vulnerability scanner (source code)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.34.1
         with:
           scan-type: "fs"
           scan-ref: "."
@@ -44,7 +44,7 @@ jobs:
           sarif_file: "trivy-results.sarif"
 
       - name: Run Trivy scanner (table output for logs)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.34.1
         if: always()
         with:
           scan-type: "fs"