diff --git a/.github/workflows/python.yaml b/.github/workflows/python.yaml
index d241420..73c6ee0 100644
--- a/.github/workflows/python.yaml
+++ b/.github/workflows/python.yaml
@@ -241,7 +241,7 @@ jobs:
           fi
       # this comes as last or scan results won't be uploaded
       - name: Run Trivy vulnerability scanner (security treshold)
-        uses: aquasecurity/trivy-action@0.34.0
+        uses: aquasecurity/trivy-action@0.35.0
         with:
           scan-type: fs
           scan-ref: .
diff --git a/RELEASE_NOTES.md b/RELEASE_NOTES.md
index d21469b..8fb21d8 100644
--- a/RELEASE_NOTES.md
+++ b/RELEASE_NOTES.md
@@ -86,9 +86,11 @@
 
 ### Dependencies
 
+- Bump docker/metadata-action from 5 to 6 (PR #256 by @dependabot[bot])
 - Bump docker/build-push-action from 6 to 7 (PR #254 by @dependabot[bot])
 - Bump docker/setup-buildx-action from 3 to 4 (PR #258 by @dependabot[bot])
-- Bump docker/metadata-action from 5 to 6 (PR #256 by @dependabot[bot])
+- Bump aquasecurity/trivy-action from 0.34.0 to 0.35.0 (PR #257 by
+  @dependabot[bot])
 - Bump aquasecurity/trivy-action from 0.33.1 to 0.34.0 (PR #247 by
   @dependabot[bot])
 - Bump reproducible-containers/buildkit-cache-dance from 3.3.1 to 3.3.2 (PR #252