build(deps): bump build.buf.gen:permifyco_permify_grpc_java from 1.79.0.1.20251103093708.d86d36fe3266 to 1.80.0.1.20251103093708.d86d36fe3266 in /sdk/java/grpc #1193

	name: Container Security Scan
	on:
	push:
	branches:
	- master
	pull_request:
	branches:
	- master
	permissions:
	contents: read

	jobs:
	container-security-scan:
	name: Scan Container for Vulnerabilities
	runs-on: ubuntu-24.04
	steps:
	- name: Harden the runner (Audit all outbound calls)
	uses: step-security/harden-runner@df199fb7be9f65074067a9eb93f12bb4c5547cf2 # v2.13.3
	with:
	egress-policy: audit

	- name: Checkout repository
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2

	- name: Build Docker image for scanning
	run: \|
	docker build -t ghcr.io/permify/permify:scan-${{ github.sha }} .

	- name: Run Trivy vulnerability scanner
	uses: aquasecurity/trivy-action@b6643a29fecd7f34b3597bc6acb0a98b03d33ff8 # 0.33.1
	with:
	image-ref: 'ghcr.io/permify/permify:scan-${{ github.sha }}'
	format: 'table'
	exit-code: '1'
	ignore-unfixed: true
	vuln-type: 'os,library'
	severity: 'CRITICAL,HIGH'

Provide feedback