individual scans

anthony-nhs · anthony-nhs · commit 23f04f063116 · 2026-01-06T15:02:11.000Z
diff --git a/.github/workflows/quality-checks.yml b/.github/workflows/quality-checks.yml
@@ -173,12 +173,12 @@ jobs:
           pkg:
             include-dev-deps: true
           EOF
-      - name: Check licenses
+      - name: Check python licenses
         uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8
         if: ${{ steps.check_languages.outputs.uses_poetry == 'true' }}
         with:
           scan-type: "fs"
-          scan-ref: "."
+          scan-ref: "poetry.lock"
           severity: "CRITICAL,HIGH"
           scanners: "license"
           format: "table"
diff --git a/trivy.yaml b/trivy.yaml
@@ -0,0 +1,2 @@
+pkg:
+  include-dev-deps: true
