From cde300d7126283c41e7be8684e7d8a7fd2307189 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 16 Dec 2024 07:52:09 +0000
Subject: [PATCH] Bump the catch-all group

Bumps the catch-all group in /.github/actions/docker-build-image with 2 updates: [anchore/scan-action](https://github.com/anchore/scan-action) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `anchore/scan-action` from 5.3.0 to 6.0.0
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/anchore/scan-action/compare/869c549e657a088dc0441b08ce4fc0ecdac2bb65...abae793926ec39a78ab18002bc7fc45bbbd94342)

Updates `github/codeql-action` from 3.27.6 to 3.27.9
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/aa578102511db1f4524ed59b8cc2bae4f6e88195...df409f7d9260372bd5f19e5b04e83cb3c43714ae)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: catch-all
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: catch-all
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/actions/docker-build-image/action.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/actions/docker-build-image/action.yml b/.github/actions/docker-build-image/action.yml
index 0aceed452..8bbad2c53 100644
--- a/.github/actions/docker-build-image/action.yml
+++ b/.github/actions/docker-build-image/action.yml
@@ -130,7 +130,7 @@ runs:
 
     - name: Anchore Scan API Image
       if: inputs.grype-scan-enabled == 'true'
-      uses: anchore/scan-action@869c549e657a088dc0441b08ce4fc0ecdac2bb65 # v5.3.0
+      uses: anchore/scan-action@abae793926ec39a78ab18002bc7fc45bbbd94342 # v6.0.0
       id: scan
       with:
         fail-build: ${{ inputs.grype-fail-build }}
@@ -145,7 +145,7 @@ runs:
 
     - name: Upload SARIF Files
       if: always() && inputs.grype-scan-enabled == 'true' && github.event_name == 'push'
-      uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+      uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
       continue-on-error: true # do not fail if GHAS is not enabled
       with:
         sarif_file: ${{ steps.scan.outputs.sarif }}