From ce6ffdac18d52ebf0fdb02fbe0918c199f3a1022 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 19 Aug 2025 16:32:26 +1000
Subject: [PATCH] chore(deps): bump the dependencies group with 3 updates
 (#10193)

Bumps the dependencies group with 3 updates: [depot/build-push-action](https://github.com/depot/build-push-action), [github/codeql-action](https://github.com/github/codeql-action) and [anchore/sbom-action](https://github.com/anchore/sbom-action).


Updates `depot/build-push-action` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/depot/build-push-action/releases)
- [Commits](https://github.com/depot/build-push-action/compare/2583627a84956d07561420dcc1d0eb1f2af3fac0...9785b135c3c76c33db102e45be96a25ab55cd507)

Updates `github/codeql-action` from 3.29.8 to 3.29.10
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/76621b61decf072c1cee8dd1ce2d2a82d33c17ed...96f518a34f7a870018057716cc4d7a5c014bd61c)

Updates `anchore/sbom-action` from 0.20.4 to 0.20.5
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](https://github.com/anchore/sbom-action/compare/7b36ad622f042cab6f59a75c2ac24ccb256e9b45...da167eac915b4e86f08b264dbdbc867b61be6f0c)

---
updated-dependencies:
- dependency-name: depot/build-push-action
  dependency-version: 1.16.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-version: 3.29.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/docker.yaml    | 2 +-
 .github/workflows/qc_checks.yaml | 2 +-
 .github/workflows/release.yaml   | 2 +-
 .github/workflows/scorecard.yaml | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/docker.yaml b/.github/workflows/docker.yaml
index c5f3e073a9..64bf5f7897 100644
--- a/.github/workflows/docker.yaml
+++ b/.github/workflows/docker.yaml
@@ -175,7 +175,7 @@ jobs:
       - name: Push Docker Images
         id: push-docker
         if: github.event_name != 'pull_request'
-        uses: depot/build-push-action@2583627a84956d07561420dcc1d0eb1f2af3fac0 # pin@v1
+        uses: depot/build-push-action@9785b135c3c76c33db102e45be96a25ab55cd507 # pin@v1
         with:
           project: jczzbjkk68
           context: .
diff --git a/.github/workflows/qc_checks.yaml b/.github/workflows/qc_checks.yaml
index c0e32643fa..c996a6e2d0 100644
--- a/.github/workflows/qc_checks.yaml
+++ b/.github/workflows/qc_checks.yaml
@@ -684,7 +684,7 @@ jobs:
         env:
           GH_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Upload SARIF file
-        uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # pin@v3
+        uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # pin@v3
         with:
           sarif_file: results.sarif
           category: zizmor
diff --git a/.github/workflows/release.yaml b/.github/workflows/release.yaml
index 91b0980f1d..f4ddacb730 100644
--- a/.github/workflows/release.yaml
+++ b/.github/workflows/release.yaml
@@ -55,7 +55,7 @@ jobs:
       - name: Build frontend
         run: cd src/frontend && npm run compile && npm run build
       - name: Create SBOM for frontend
-        uses: anchore/sbom-action@7b36ad622f042cab6f59a75c2ac24ccb256e9b45 # pin@v0
+        uses: anchore/sbom-action@da167eac915b4e86f08b264dbdbc867b61be6f0c # pin@v0
         with:
           artifact-name: frontend-build.spdx
           path: src/frontend
diff --git a/.github/workflows/scorecard.yaml b/.github/workflows/scorecard.yaml
index 91a2fa3e40..3be50e69c4 100644
--- a/.github/workflows/scorecard.yaml
+++ b/.github/workflows/scorecard.yaml
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8
+        uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10
         with:
           sarif_file: results.sarif