Bump platformdirs from 4.3.2 to 4.3.3 in /components/api_server #11930

	name: Trivy
	on:
	push:
	branches:
	- master
	pull_request:
	jobs:
	build:
	name: Trivy component analysis
	runs-on: ubuntu-latest
	permissions:
	security-events: write
	strategy:
	matrix:
	include:
	- component: api_server
	build_path: components
	docker_file: api_server/Dockerfile
	- component: collector
	build_path: components
	docker_file: collector/Dockerfile
	- component: database
	build_path: components/database
	docker_file: Dockerfile
	- component: frontend
	build_path: components/frontend
	docker_file: Dockerfile
	- component: notifier
	build_path: components
	docker_file: notifier/Dockerfile
	- component: proxy
	build_path: components/proxy
	docker_file: Dockerfile
	- component: renderer
	build_path: components/renderer
	docker_file: Dockerfile
	steps:
	- name: Checkout code
	uses: actions/[email protected]

	- name: Build image from Dockerfile
	run: \|
	cd ${{ matrix.build_path }}
	docker build -f ${{ matrix.docker_file }} -t docker.io/ictu/quality-time_${{ matrix.component }} .

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@master
	with:
	image-ref: 'docker.io/ictu/quality-time_${{ matrix.component }}'
	ignore-unfixed: true
	format: 'sarif'
	output: 'trivy-${{ matrix.component }}.sarif'

	- name: Upload Trivy scan results to GitHub Security tab
	if: ${{ github.ref == 'refs/heads/master' }}
	uses: github/codeql-action/upload-sarif@v3
	with:
	sarif_file: 'trivy-${{ matrix.component }}.sarif'

	- name: Upload artifacts
	uses: actions/upload-artifact@v4
	with:
	name: 'trivy-${{ matrix.component }}.sarif'
	path: '*.sarif'

Provide feedback