release now uses reusable workflow #2398

	name: Security Scan

	on:
	push:
	branches:
	- main
	- renovate/**
	pull_request:

	jobs:
	trivy:
	name: Trivy security scan
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@v3

	- name: Run Trivy vulnerability scanner in repo mode
	uses: aquasecurity/trivy-action@master
	if: contains(fromJSON('["push", "pull_request"]'), github.event_name)
	with:
	scan-type: fs
	ignore-unfixed: true
	exit-code: 1
	severity: 'HIGH,CRITICAL'
	skip-dirs: 'tools'

Provide feedback