From 6495922e42b29b19ae37b376863e07b8508740c9 Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Mar 2026 12:13:54 +0000 Subject: [PATCH] [#patch](deps): Bump the actions-deps group with 5 updates Bumps the actions-deps group with 5 updates: | Package | From | To | | --- | --- | --- | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.34.0` | `0.34.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.9` | `4.32.4` | | [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.70.0` | `1.71.0` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.1` | `47.0.4` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.2` | `4.8.3` | Updates `aquasecurity/trivy-action` from 0.34.0 to 0.34.1 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](https://github.com/aquasecurity/trivy-action/compare/c1824fd6edce30d7ab345a9989de00bbd46ef284...e368e328979b113139d6f9068e03accaed98a518) Updates `github/codeql-action` from 4.31.9 to 4.32.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...89a39a4e59826350b863aa6b6252a07ad50cf83e) Updates `reviewdog/action-actionlint` from 1.70.0 to 1.71.0 - [Release notes](https://github.com/reviewdog/action-actionlint/releases) - [Commits](https://github.com/reviewdog/action-actionlint/compare/e58ee9d111489c31395fbe4857b0be6e7635dbda...0d952c597ef8459f634d7145b0b044a9699e5e43) Updates `tj-actions/changed-files` from 47.0.1 to 47.0.4 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - 
[Commits](https://github.com/tj-actions/changed-files/compare/e0021407031f5be11a464abee9a0776171c79891...7dee1b0c1557f278e5c7dc244927139d78c0e22a) Updates `actions/dependency-review-action` from 4.8.2 to 4.8.3 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](https://github.com/actions/dependency-review-action/compare/3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261...05fe4576374b728f0c523d6a13d64c25081e0803) --- updated-dependencies: - dependency-name: aquasecurity/trivy-action dependency-version: 0.34.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: github/codeql-action dependency-version: 4.32.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: reviewdog/action-actionlint dependency-version: 1.71.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-deps - dependency-name: tj-actions/changed-files dependency-version: 47.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps - dependency-name: actions/dependency-review-action dependency-version: 4.8.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-deps ... Signed-off-by: dependabot[bot]
---
 .github/workflows/docker-build-and-push.yml | 6 +++---
 .github/workflows/go-security-scan.yml | 2 +-
 .github/workflows/infra-security-scan.yml | 6 +++---
 .github/workflows/local-auto-tagger.yml | 2 +-
 .github/workflows/rust-ci.yml | 2 +-
 .github/workflows/sast.yml | 4 ++--
 .github/workflows/terraform-ci.yml | 4 ++--
 7 files changed, 13 insertions(+), 13 deletions(-)
diff --git a/.github/workflows/docker-build-and-push.yml b/.github/workflows/docker-build-and-push.yml
index 9cacf45..aa16899 100644
--- a/.github/workflows/docker-build-and-push.yml
+++ b/.github/workflows/docker-build-and-push.yml
@@ -188,7 +188,7 @@ jobs:
 push-to-registry: true
 create-storage-record: ${{ startsWith(inputs.registry, 'ghcr.io') }}
 - name: Run Trivy Scan
- uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0
+ uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
 if: inputs.scan-image
 with:
 format: sarif
@@ -199,7 +199,7 @@ jobs:
 output: ${{ inputs.working-directory }}/trivy_results.sarif
 github-pat: ${{ secrets.GITHUB_TOKEN }}
 - name: Generate SBOM
- uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0
+ uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1
 if: inputs.push
 with:
 format: spdx-json
@@ -238,7 +238,7 @@ jobs:
 echo -n "$(cat ./trivy_results.sarif)" | reviewdog -reporter=github-check -f=sarif -level=warning -diff="git diff FETCH_HEAD"
 - name: Upload results
 if: ${{ inputs.scan-image && inputs.upload-sarif }}
- uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+ uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
 with:
 sarif_file: ${{ inputs.working-directory }}/trivy_results.sarif
 category: container-security
diff --git a/.github/workflows/go-security-scan.yml b/.github/workflows/go-security-scan.yml
index e3316fd..555f043 100644
--- a/.github/workflows/go-security-scan.yml
+++ b/.github/workflows/go-security-scan.yml
@@ -61,7 +61,7 @@ jobs:
 run: |
 echo -n "$(cat ./gosec-results.sarif)" | reviewdog -reporter=github-check -f=sarif -level=error -diff="git diff FETCH_HEAD"
 - name: Upload results
- uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+ uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
 with:
 sarif_file: '${{ inputs.working-directory }}/gosec-results.sarif'
 category: sast
diff --git a/.github/workflows/infra-security-scan.yml b/.github/workflows/infra-security-scan.yml
index 1b63985..9661b62 100644
--- a/.github/workflows/infra-security-scan.yml
+++ b/.github/workflows/infra-security-scan.yml
@@ -64,7 +64,7 @@ jobs:
 enable_jobs_summary: true
 comments_with_queries: true
 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+ uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
 with:
 sarif_file: ${{ inputs.working-directory }}/kics_results.sarif
 category: devops
@@ -93,7 +93,7 @@ jobs:
 - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 with:
 persist-credentials: false
- - uses: reviewdog/action-actionlint@e58ee9d111489c31395fbe4857b0be6e7635dbda # v1.70.0
+ - uses: reviewdog/action-actionlint@0d952c597ef8459f634d7145b0b044a9699e5e43 # v1.71.0
 continue-on-error: true
 with:
 fail_level: any
@@ -117,7 +117,7 @@ jobs:
 run: |
 echo -n "$(cat ./zizmor_results.sarif)" | reviewdog -reporter=github-check -f=sarif -level=warning -diff="git diff FETCH_HEAD"
 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+ uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
 with:
 sarif_file: zizmor_results.sarif
 category: github-actions
diff --git a/.github/workflows/local-auto-tagger.yml b/.github/workflows/local-auto-tagger.yml
index cdf690f..b6e62b4 100644
--- a/.github/workflows/local-auto-tagger.yml
+++ b/.github/workflows/local-auto-tagger.yml
@@ -31,7 +31,7 @@ jobs:
 persist-credentials: false
 - name: Get changed files for each workflow and action
 id: changed-files
- uses: tj-actions/changed-files@e0021407031f5be11a464abee9a0776171c79891 # v47.0.1
+ uses: tj-actions/changed-files@7dee1b0c1557f278e5c7dc244927139d78c0e22a # v47.0.4
 with:
 files_yaml: |
 cleanup-cache:
diff --git a/.github/workflows/rust-ci.yml b/.github/workflows/rust-ci.yml
index 45a34a3..d8e8cbc 100644
--- a/.github/workflows/rust-ci.yml
+++ b/.github/workflows/rust-ci.yml
@@ -153,7 +153,7 @@ jobs:
 run: |
 echo -n "$(cat ./clippy-results.sarif)" | reviewdog -reporter=github-check -f=sarif -level=warning -diff="git diff FETCH_HEAD"
 - name: Upload results
- uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+ uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
 with:
 sarif_file: ${{ inputs.working-directory }}/clippy-results.sarif
 category: sast
diff --git a/.github/workflows/sast.yml b/.github/workflows/sast.yml
index be03325..2ac3027 100644
--- a/.github/workflows/sast.yml
+++ b/.github/workflows/sast.yml
@@ -31,7 +31,7 @@ jobs:
 persist-credentials: false
 - name: 'Dependency Review'
 if: github.event_name == 'pull_request'
- uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
+ uses: actions/dependency-review-action@05fe4576374b728f0c523d6a13d64c25081e0803 # v4.8.3
 with:
 fail-on-severity: moderate
 comment-summary-in-pr: on-failure
@@ -54,7 +54,7 @@ jobs:
 run: |
 echo -n "$(cat ./sast-output.sarif)" | reviewdog -reporter=github-check -f=sarif -level=error -diff="git diff FETCH_HEAD"
 - name: Upload SARIF file
- uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9
+ uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4
 with:
 sarif_file: ./sast-output.sarif
 category: sast
diff --git a/.github/workflows/terraform-ci.yml b/.github/workflows/terraform-ci.yml
index 0d2b13f..aa97fcf 100644
--- a/.github/workflows/terraform-ci.yml
@@ -101,7 +101,7 @@ jobs: filter_mode: nofilter - name: Run Trivy Scan - uses: aquasecurity/trivy-action@c1824fd6edce30d7ab345a9989de00bbd46ef284 # v0.34.0 + uses: aquasecurity/trivy-action@e368e328979b113139d6f9068e03accaed98a518 # v0.34.1 with: hide-progress: true format: sarif @@ -117,7 +117,7 @@ jobs: run: | echo -n "$(cat ./trivy_results.sarif)" | reviewdog -reporter=github-check -f=sarif -level=error -diff="git diff FETCH_HEAD" - name: Upload results - uses: github/codeql-action/upload-sarif@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v4.31.9 + uses: github/codeql-action/upload-sarif@89a39a4e59826350b863aa6b6252a07ad50cf83e # v4.32.4 with: sarif_file: ${{ inputs.working-directory }}/trivy_results.sarif category: devops