From 388653bd3b9c61e1b701ff638c8ba90b6a26d2bd Mon Sep 17 00:00:00 2001
From: "we-renovate[bot]" <162337394+we-renovate[bot]@users.noreply.github.com>
Date: Fri, 11 Oct 2024 08:06:37 +0000
Subject: [PATCH] fix(deps): update all non-major dependencies
---
 .github/workflows/dockerfile.yml | 4 ++--
 .github/workflows/gradle-library.yml | 8 ++++----
 .github/workflows/gradle-service.yml | 10 +++++-----
 .github/workflows/play-service.yml | 4 ++--
 .github/workflows/sbt-library.yml | 2 +-
 .github/workflows/scan-images.yml | 10 +++++-----
 6 files changed, 19 insertions(+), 19 deletions(-)
diff --git a/.github/workflows/dockerfile.yml b/.github/workflows/dockerfile.yml
index bc8cf67..0a84009 100644
--- a/.github/workflows/dockerfile.yml
+++ b/.github/workflows/dockerfile.yml
@@ -30,7 +30,7 @@ jobs:
 run:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 - name: Docker meta
 id: meta
@@ -56,7 +56,7 @@ jobs:
 labels: ${{ steps.meta.outputs.labels }}
 - name: Vulnerability check
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 with:
 image-ref: "${{ inputs.image }}:${{ inputs.tag }}"
 create-test-report: true
diff --git a/.github/workflows/gradle-library.yml b/.github/workflows/gradle-library.yml
index 602da9b..a187674 100644
--- a/.github/workflows/gradle-library.yml
+++ b/.github/workflows/gradle-library.yml
@@ -99,7 +99,7 @@ jobs:
 steps:
 - name: Checkout
- uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 with:
 ref: ${{ inputs.checkout-ref }}
 submodules: ${{ inputs.submodules }}
@@ -180,7 +180,7 @@ jobs:
 run: ./gradlew ${{ inputs.build-tasks }}
 - name: Upload Gradle test reports
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 if: ${{ !inputs.skip-build && always() }}
 with:
 name: Gradle test reports
@@ -197,7 +197,7 @@ jobs:
 - name: Vulnerability scan
 if: ${{ !inputs.skip-scan }}
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 with:
 junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
 report-retention-days: 30
@@ -264,7 +264,7 @@ jobs:
 - name: Upload artifact
 if: ${{ always() && inputs.upload-artifact-path != '' }}
 continue-on-error: true
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 with:
 name: ${{ inputs.upload-artifact-name }}
 path: ${{ inputs.upload-artifact-path }}
diff --git a/.github/workflows/gradle-service.yml b/.github/workflows/gradle-service.yml
index 71ae373..abdd7e9 100644
--- a/.github/workflows/gradle-service.yml
+++ b/.github/workflows/gradle-service.yml
@@ -95,7 +95,7 @@ jobs:
 release-version: ${{ steps.gradle-release.outputs.release-version }}
 steps:
- - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 with:
 ref: ${{ inputs.checkout-ref }}
 submodules: ${{ inputs.submodules }}
@@ -164,7 +164,7 @@ jobs:
 run: ./gradlew ${{ inputs.build-tasks }}
 - name: Upload Gradle test reports
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 if: ${{ !inputs.skip-build && always() }}
 with:
 name: Gradle test reports
@@ -217,7 +217,7 @@ jobs:
 - name: Vulnerability scan
 if: ${{ !inputs.skip-scan }}
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 with:
 image-ref: 'docker.io/${{ inputs.image-tag }}'
 junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
@@ -225,7 +225,7 @@ jobs:
 report-tag: ${{ inputs.image-tag }}
 - name: Vulnerability scan (Image 2)
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 if: ${{ !inputs.skip-scan && inputs.image-tag-2 != '' }}
 with:
 image-ref: 'docker.io/${{ inputs.image-tag-2 }}'
@@ -234,7 +234,7 @@ jobs:
 report-tag: ${{ inputs.image-tag-2 }}
 - name: Vulnerability scan (Image 3)
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 if: ${{ !inputs.skip-scan && inputs.image-tag-3 != '' }}
 with:
 image-ref: 'docker.io/${{ inputs.image-tag-3 }}'
diff --git a/.github/workflows/play-service.yml b/.github/workflows/play-service.yml
index 20bfb58..ec0ad89 100644
--- a/.github/workflows/play-service.yml
+++ b/.github/workflows/play-service.yml
@@ -49,7 +49,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 - uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
 with:
@@ -98,7 +98,7 @@ jobs:
 run: mkdir -p ${{ inputs.junit-test-folder }}
 - name: Vulnerability scan
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 with:
 image-ref: 'docker.io/${{ inputs.image-tag }}'
 junit-test-output: "${{ inputs.junit-test-folder }}/trivy.xml" # added to unit test report
diff --git a/.github/workflows/sbt-library.yml b/.github/workflows/sbt-library.yml
index 106cf38..491cbf0 100644
--- a/.github/workflows/sbt-library.yml
+++ b/.github/workflows/sbt-library.yml
@@ -35,7 +35,7 @@ jobs:
 runs-on: ubuntu-latest
 steps:
- - uses: actions/checkout@d632683dd7b4114ad314bca15554477dd762a938 # v4.2.0
+ - uses: actions/checkout@eef61447b9ff4aafe5dcd4e0bbf5d482be7e7871 # v4.2.1
 - uses: actions/setup-java@b36c23c0d998641eff861008f374ee103c25ac73 # v4.4.0
 with:
diff --git a/.github/workflows/scan-images.yml b/.github/workflows/scan-images.yml
index d9367f2..cc54f12 100644
--- a/.github/workflows/scan-images.yml
+++ b/.github/workflows/scan-images.yml
@@ -86,7 +86,7 @@ jobs:
 docker pull ${{ matrix.image }}
 - name: Vulnerability scan
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 with:
 image-ref: ${{ matrix.image }}
 create-test-report: ${{ inputs.create-test-report }}
@@ -100,7 +100,7 @@ jobs:
 steps:
 - name: Merge SBOM artifacts
 if: ${{ inputs.remove-individual-artifacts }}
- uses: actions/upload-artifact/merge@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact/merge@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 with:
 name: SBOM (CycloneDX) [all-individual-results]
 pattern: SBOM (CycloneDX) * # name used by gha-trivy action
@@ -108,7 +108,7 @@ jobs:
 - name: Merge HTML report artifacts
 if: ${{ inputs.remove-individual-artifacts }}
- uses: actions/upload-artifact/merge@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact/merge@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 with:
 name: Vulnerability report (HTML)
 pattern: Vulnerability report (HTML)* # name used by gha-trivy action
@@ -167,7 +167,7 @@ jobs:
 - name: Upload combined SBOMs
 if: ${{ inputs.merge-sboms }}
- uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+ uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
 with:
 name: Merged SBOMs (CycloneDX)
 path: merged/
@@ -176,7 +176,7 @@ jobs:
 # Scan merged SBOM for an overview, but trivy fails for mixed OS dependencies, so disabled by default
 - name: Scan merged SBOM
 if: ${{ inputs.merge-sboms && inputs.scan-merged-sbom }}
- uses: wetransform/gha-trivy@43245e19f1f3debe1caaeb795f6187f36cfa38de # v2.2.0
+ uses: wetransform/gha-trivy@e06eaae60c4781e82886b303499cf0ea1a0639a4 # v2.2.1
 with:
 scan-ref: merged/sbom.json
 create-test-report: false