ci: scan for all CVE severity levels and remove Docker image scan

- Scan LOW,MEDIUM,HIGH,CRITICAL instead of only HIGH,CRITICAL
- Remove Docker image scan (no :latest tag exists)

Author: ausbru87

.github/workflows/security.yaml

@@ -63,34 +63,10 @@ jobs:
           scan-ref: "."
           format: "sarif"
           output: "trivy-results.sarif"
-          severity: "CRITICAL,HIGH"
+          severity: "LOW,MEDIUM,HIGH,CRITICAL"
 
       - name: Upload Trivy scan results to GitHub Security tab
         uses: github/codeql-action/upload-sarif@v3
         with:
           sarif_file: "trivy-results.sarif"
           category: "Trivy-Filesystem"
-
-  trivy-image:
-    name: Trivy Docker Image Scan
-    runs-on: ubuntu-latest
-    permissions:
-      security-events: write
-      contents: read
-    steps:
-      - name: Checkout repository
-        uses: actions/checkout@v4
-
-      - name: Run Trivy vulnerability scanner on latest image
-        uses: aquasecurity/[email protected]
-        with:
-          image-ref: "ghcr.io/coder/code-marketplace:latest"
-          format: "sarif"
-          output: "trivy-image-results.sarif"
-          severity: "CRITICAL,HIGH"
-
-      - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: "trivy-image-results.sarif"
-          category: "Trivy-Docker"