Bump the dependencies group with 3 updates (#8463)

mirror of https://github.com/inventree/InvenTree.git synced 2025-06-17 20:45:44 +00:00

Bumps the dependencies group with 3 updates: [anchore/sbom-action](https://github.com/anchore/sbom-action), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `anchore/sbom-action` from 0.17.6 to 0.17.7
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](251a468eed...fc46e51fd3)

Updates `actions/attest-build-provenance` from 1.4.3 to 1.4.4
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](1c608d11d6...ef244123eb)

Updates `github/codeql-action` from 3.27.0 to 3.27.1
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](662472033e...4f3212b617)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: actions/attest-build-provenance
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

This commit is contained in:

dependabot[bot]

2024-11-12 09:47:29 +11:00

committed by

GitHub

parent ea1cc4d8dc

commit ff81cb61f2

2 changed files with 3 additions and 3 deletions

									
										2

.github/workflows/scorecard.yaml
									
										vendored
									
												View File
												
				@ -67,6 +67,6 @@ jobs:

				      # Upload the results to GitHub's code scanning dashboard.

				      - name: "Upload to code-scanning"

				        uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0

				        uses: github/codeql-action/upload-sarif@4f3212b61783c3c68e8309a0f18a699764811cda # v3.27.1

				        with:

				          sarif_file: results.sarif

Bump the dependencies group with 3 updates (#8463)

2 .github/workflows/scorecard.yaml vendored Unescape Escape View File

2

.github/workflows/scorecard.yaml vendored

View File