diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index c74737a..b759b05 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -30,6 +30,11 @@ on:
 env:
 sarif_file_name: trivy-results-${{ inputs.NOTEBOOK_TYPE }}.sarif
+ # downloading the trivy-db from its default GitHub location fails because
+ # the site experiences too many downloads. The fix is to pull from this
+ # alternate location.
+ TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2
+ TRIVY_JAVA_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-java-db:1
 jobs:
 trivy:
diff --git a/.github/workflows/trivy_periodic_image_scan.yml b/.github/workflows/trivy_periodic_image_scan.yml
index 23ecbc8..ac82a27 100644
--- a/.github/workflows/trivy_periodic_image_scan.yml
+++ b/.github/workflows/trivy_periodic_image_scan.yml
@@ -44,7 +44,7 @@ jobs:
 # If scan failed, rebuild the image
 update-image:
- if: ${{needs.trivy-matrix.outputs.trivy_conclusion == 'failure' }}
+ if: ${{!cancelled() && needs.trivy-matrix.outputs.trivy_conclusion == 'failure' }}
 needs: trivy-matrix
 runs-on: ubuntu-latest # tag the repo to trigger a new build
diff --git a/.yamllint.yaml b/.yamllint.yaml
new file mode 100644
index 0000000..addf0aa
--- /dev/null
+++ b/.yamllint.yaml
@@ -0,0 +1,7 @@
+extends: default
+
+rules:
+ # 80 chars should be enough, but don't fail if a line is longer
+ line-length:
+ max: 80
+ level: warning
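Review bot: In `.github/workflows/trivy.yml`, the two new `env` entries point every scan at a single mirror, so throttling or an outage at public.ecr.aws would fail the scan just as the GitHub registry did. If the Trivy release this workflow runs accepts a comma-separated list for these variables (the version is not visible in this hunk, so confirm first), list the mirror first and the default second, e.g. `TRIVY_DB_REPOSITORY: public.ecr.aws/aquasecurity/trivy-db:2,ghcr.io/aquasecurity/trivy-db:2`, and likewise for the Java DB. The comment would also age better if it named the default registry (ghcr.io) and the rate-limit symptom, so a maintainer can tell when the override is no longer needed.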
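Review bot: In `.github/workflows/trivy_periodic_image_scan.yml`, the new `if:` on `update-image` does not say why `!cancelled()` is needed; a comment above it such as `# !cancelled() replaces the implicit success() check so this job still runs when trivy-matrix fails` would keep a later cleanup from removing it. Because this job tags the repo to trigger a build, confirm that `trivy_conclusion` is 'failure' only when the scan reports findings, not when the scanner itself errors (for example the failed trivy-db download that the other workflow works around). Otherwise each scheduled run during an outage would start a rebuild. How that output is set, and the rest of the job, lie outside this hunk. Minor style: `${{ !cancelled() && … }}` with a space after the opening braces matches the expression in `trivy.yml`.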
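Review bot: In the new `.yamllint.yaml`, `extends: default` keeps the `truthy` rule checking mapping keys, so the `on:` trigger key in each workflow file will be reported on every lint run. Adding `truthy:` with `check-keys: false` under `rules:` silences that while still flagging `yes`/`no`/`on`/`off` used as values. The file itself also starts without `---`, which the default `document-start` rule reports.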