chore(deps): bump the dependencies group with 3 updates (#10193)

mirror of https://github.com/inventree/InvenTree.git synced 2025-09-13 14:11:37 +00:00

Bumps the dependencies group with 3 updates: [depot/build-push-action](https://github.com/depot/build-push-action), [github/codeql-action](https://github.com/github/codeql-action) and [anchore/sbom-action](https://github.com/anchore/sbom-action).


Updates `depot/build-push-action` from 1.15.0 to 1.16.2
- [Release notes](https://github.com/depot/build-push-action/releases)
- [Commits](2583627a84...9785b135c3)

Updates `github/codeql-action` from 3.29.8 to 3.29.10
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](76621b61de...96f518a34f)

Updates `anchore/sbom-action` from 0.20.4 to 0.20.5
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](7b36ad622f...da167eac91)

---
updated-dependencies:
- dependency-name: depot/build-push-action
  dependency-version: 1.16.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-version: 3.29.10
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: anchore/sbom-action
  dependency-version: 0.20.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

This commit is contained in:

dependabot[bot]

2025-08-19 16:32:26 +10:00

committed by

GitHub

parent 57970b53ec

commit ce6ffdac18

4 changed files with 4 additions and 4 deletions

									
										2

.github/workflows/scorecard.yaml
									
										vendored
									
												View File
												
				@@ -67,6 +67,6 @@ jobs:

				      # Upload the results to GitHub's code scanning dashboard.

				      - name: "Upload to code-scanning"

				        uses: github/codeql-action/upload-sarif@76621b61decf072c1cee8dd1ce2d2a82d33c17ed # v3.29.8

				        uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10

				        with:

				          sarif_file: results.sarif

chore(deps): bump the dependencies group with 3 updates (#10193)

2 .github/workflows/scorecard.yaml vendored Unescape Escape View File

2

.github/workflows/scorecard.yaml vendored

View File