From d467e5cd3cc39ab3fdb5329e0feb4ec57ce99f63 Mon Sep 17 00:00:00 2001
From: Steve Breker <sbreker@artefactual.com>
Date: Fri, 12 Apr 2024 16:55:38 -0700
Subject: [PATCH] Scan requirements-dev.txt

---
 .github/workflows/generate-sbom.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/generate-sbom.yml b/.github/workflows/generate-sbom.yml
index c0eb8cceb7..1bd2b10afc 100644
--- a/.github/workflows/generate-sbom.yml
+++ b/.github/workflows/generate-sbom.yml
@@ -26,7 +26,7 @@ jobs:
             ${{ runner.os }}-trivy-
 
       - name: Generate SBOM
-        run: trivy fs --format cyclonedx --include-dev-deps --output sbom.xml .
+        run: trivy fs --format cyclonedx --file-patterns 'pip:requirements*.txt' --include-dev-deps --output sbom.xml .
         env:
           TRIVY_NO_PROGRESS: "true"