chore(dev): update dependency @types/node to v22.18.13 #5041

	---
	name: Container Security Scan

	on:
	pull_request:
	push:
	branches: [main]
	schedule:
	- cron: '0 0 * * 0' # Weekly on Sundays at midnight UTC

	permissions:
	contents: read

	jobs:
	scan:
	name: Container Scan
	permissions:
	security-events: write
	runs-on: ubuntu-latest
	steps:
	- name: Checkout code
	uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0

	- id: filter
	name: Filter changes
	uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
	with:
	filters: \|
	changes:
	- '**/Dockerfile'
	- '*/docker-compose.yml'
	- '.github/workflows/container-scan.yaml'

	- if: steps.filter.outputs.changes == 'true'
	name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
	with:
	scan-type: fs
	scan-ref: .
	format: sarif
	output: trivy-results.sarif
	severity: 'CRITICAL,HIGH'
	ignore-unfixed: true

	- name: Upload Trivy scan results to GitHub Security tab
	uses: github/codeql-action/upload-sarif@5d5cd550d3e189c569da8f16ea8de2d821c9bf7a # v3.31.2
	if: steps.filter.outputs.changes == 'true' && always()
	with:
	sarif_file: trivy-results.sarif

Provide feedback