deps: bump the production-dependencies group across 1 directory with 14 updates

[dependabot]

Bumps the production-dependencies group with 14 updates in the / directory:

Package	From	To
actions/checkout	4	5
github/codeql-action	3	4
actions/github-script	7	8
dtolnay/rust-toolchain	56f84321dbccf38fb67ce29ab63e4754056677e0	6d653acede28d24f02e3cd41383119e8b1b35921
docker/setup-buildx-action	3.10.0	3.11.1
docker/login-action	3.4.0	3.6.0
docker/metadata-action	5.7.0	5.8.0
docker/build-push-action	6.15.0	6.18.0
actions/attest-build-provenance	2.2.3	3.0.0
anchore/scan-action	6.1.0	7.0.0
actions/labeler	5	6
actions/setup-python	5	6
42ByteLabs/patch-release-me	0.5.3	0.6.2
Andrew-Chen-Wang/github-wiki-action	4.4.0	5.0.3

Updates actions/checkout from 4 to 5

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236
• Prepare release v4.3.0 by @​salmanmkc in actions/checkout#2237

New Contributors

• @​motss made their first contribution in actions/checkout#1971
• @​mouismail made their first contribution in actions/checkout#1977
• @​benwells made their first contribution in actions/checkout#2043
• @​nebuk89 made their first contribution in actions/checkout#2194
• @​salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

New Contributors

• @​Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

V4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

• 08c6903 Prepare v5.0.0 release (#2238)
• 9f26565 Update actions checkout to use node 24 (#2226)
• See full diff in compare view

Updates github/codeql-action from 3 to 4

Release notes

Sourced from github/codeql-action's releases.

v3.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.7 - 06 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.30.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #3168

See the full CHANGELOG.md for more information.

v3.30.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

See the full CHANGELOG.md for more information.

v3.30.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.30.4 - 25 Sep 2025

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

3.29.4 - 23 Jul 2025

No user facing changes.

3.29.3 - 21 Jul 2025

No user facing changes.

3.29.2 - 30 Jun 2025

• Experimental: When the quality-queries input for the init action is provided with an argument, separate .quality.sarif files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2935

3.29.1 - 27 Jun 2025

• Fix bug in PR analysis where user-provided include query filter fails to exclude non-included queries. #2938
• Update default CodeQL bundle version to 2.22.1. #2950

3.29.0 - 11 Jun 2025

• Update default CodeQL bundle version to 2.22.0. #2925
• Bump minimum CodeQL bundle version to 2.16.6. #2912

3.28.21 - 28 July 2025

No user facing changes.

3.28.20 - 21 July 2025

• Remove support for combining SARIF files from a single upload for GHES 3.18, see the changelog post. #2959

3.28.19 - 03 Jun 2025

• The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.
• Update default CodeQL bundle version to 2.21.4. #2910

3.28.18 - 16 May 2025

• Update default CodeQL bundle version to 2.21.3. #2893
• Skip validating SARIF produced by CodeQL for improved performance. #2894
• The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

... (truncated)

Commits

• a841c54 Scratch uploadSpecifiedFiles tests, make uploadPayload tests instead
• aeb12f6 Merge branch 'main' into redsun82/skip-sarif-upload-tests
• 6fd4ceb Merge pull request #3189 from github/henrymercer/download-codeql-rate-limit
• 196a3e5 Merge pull request #3188 from github/mbg/telemetry/partial-config
• 98abb87 Add configuration error for rate limited CodeQL download
• bdd2cdf Also include language in error status report for start-proxy, if available
• fb14878 Include languages in start-proxy telemetry
• 2ff418f Parse language before calling getCredentials
• See full diff in compare view

Updates actions/github-script from 7 to 8

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

• Update Node.js version support to 24.x by @​salmanmkc in actions/github-script#637
• README for updating actions/github-script from v7 to v8 by @​sneha-krip in actions/github-script#653

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

• @​salmanmkc made their first contribution in actions/github-script#637
• @​sneha-krip made their first contribution in actions/github-script#653

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

• Upgrade husky to v9 by @​benelan in actions/github-script#482
• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/github-script#485
• Upgrade IA Publish by @​Jcambass in actions/github-script#486
• Fix workflow status badges by @​joshmgross in actions/github-script#497
• Update usage of actions/upload-artifact by @​joshmgross in actions/github-script#512
• Clear up package name confusion by @​joshmgross in actions/github-script#514
• Update dependencies with npm audit fix by @​joshmgross in actions/github-script#515
• Specify that the used script is JavaScript by @​timotk in actions/github-script#478
• chore: Add Dependabot for NPM and Actions by @​nschonni in actions/github-script#472
• Define permissions in workflows and update actions by @​joshmgross in actions/github-script#531
• chore: Add Dependabot for .github/actions/install-dependencies by @​nschonni in actions/github-script#532
• chore: Remove .vscode settings by @​nschonni in actions/github-script#533
• ci: Use github/setup-licensed by @​nschonni in actions/github-script#473
• make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by @​iamstarkov in actions/github-script#508
• Remove octokit README updates for v7 by @​joshmgross in actions/github-script#557
• docs: add "exec" usage examples by @​neilime in actions/github-script#546
• Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by @​dependabot[bot] in actions/github-script#563
• Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by @​dependabot[bot] in actions/github-script#575
• Clearly document passing inputs to the script by @​joshmgross in actions/github-script#603
• Update README.md by @​nebuk89 in actions/github-script#610

New Contributors

• @​benelan made their first contribution in actions/github-script#482
• @​Jcambass made their first contribution in actions/github-script#485
• @​timotk made their first contribution in actions/github-script#478
• @​iamstarkov made their first contribution in actions/github-script#508
• @​neilime made their first contribution in actions/github-script#546
• @​nebuk89 made their first contribution in actions/github-script#610

Full Changelog: actions/github-script@v7...v7.1.0

... (truncated)

Commits

• ed59741 Merge pull request #653 from actions/sneha-krip/readme-for-v8
• 2dc352e Bold minimum Actions Runner version in README
• 01e118c Update README for Node 24 runtime requirements
• 8b222ac Apply suggestion from @​salmanmkc
• adc0eea README for updating actions/github-script from v7 to v8
• 20fe497 Merge pull request #637 from actions/node24
• e7b7f22 update licenses
• 2c81ba0 Update Node.js version support to 24.x
• See full diff in compare view

Updates dtolnay/rust-toolchain from 56f84321dbccf38fb67ce29ab63e4754056677e0 to 6d653acede28d24f02e3cd41383119e8b1b35921

Commits

• 6d653ac Merge pull request #171 from dtolnay/up
• 30dc51d Update Linux arm64 runner to Ubuntu 24.04
• e97e2d8 Update actions/checkout@v4 -> v5
• 3bd6ba1 Merge pull request #168 from dtolnay/sed
• 0185c06 Fix update-revs.sh to recognize only the intended required: true
• 350b817 Merge pull request #166 from dtolnay/fix1
• 6ded28b Try without comment?
• cc2784c Merge pull request #165 from dtolnay/fix2
• f6642a8 Try without backtick?
• 5ee21dc Merge pull request #162 from dtolnay/pin
• Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3.10.0 to 3.11.1

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.11.1

• Fix keep-state not being respected by @​crazy-max in docker/setup-buildx-action#429

Full Changelog: docker/setup-buildx-action@v3.11.0...v3.11.1

v3.11.0

• Keep BuildKit state support by @​crazy-max in docker/setup-buildx-action#427
• Remove aliases created when installing by default by @​hashhar in docker/setup-buildx-action#139
• Bump @​docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/setup-buildx-action#422 docker/setup-buildx-action#425

Full Changelog: docker/setup-buildx-action@v3.10.0...v3.11.0

Commits

• e468171 Merge pull request #429 from crazy-max/fix-keep-state
• a3e7502 chore: update generated content
• b145473 fix keep-state not being respected
• 18ce135 Merge pull request #425 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 0e198e9 chore: update generated content
• 05f3f3a build(deps): bump @​docker/actions-toolkit from 0.61.0 to 0.62.1
• 6229134 Merge pull request #427 from crazy-max/keep-state
• c6f6a07 chore: update generated content
• 6c5e29d skip builder creation if one already exists with the same name
• 548b297 ci: keep-state check
• Additional commits viewable in compare view

Updates docker/login-action from 3.4.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

• Add registry-auth input for raw authentication to registries by @​crazy-max in docker/login-action#887
• Bump @​aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883
• Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880
• Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879
• Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

• Support dual-stack endpoints for AWS ECR by @​Spacefish @​crazy-max in docker/login-action#874 docker/login-action#876
• Bump @​aws-sdk/client-ecr to 3.859.0 in docker/login-action#860 docker/login-action#878
• Bump @​aws-sdk/client-ecr-public to 3.859.0 in docker/login-action#860 docker/login-action#878
• Bump @​docker/actions-toolkit from 0.57.0 to 0.62.1 in docker/login-action#870
• Bump form-data from 2.5.1 to 2.5.5 in docker/login-action#875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

Commits

• 5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• 97e3143 chore: update generated content
• 3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
• 5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• abc9fb3 chore: update generated content
• d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
• a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 0d7fae8 chore: update generated content
• 9832253 build(deps): bump @​docker/actions-toolkit from 0.62.1 to 0.63.0
• 09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
• Additional commits viewable in compare view

Updates docker/metadata-action from 5.7.0 to 5.8.0

Release notes

Sourced from docker/metadata-action's releases.

v5.8.0

• New is_not_default_branch global expression by @​crazy-max in docker/metadata-action#535
• Allow to match part of the git tag or value for semver/pep440 types by @​crazy-max in docker/metadata-action#536 docker/metadata-action#537
• Bump @​actions/github from 6.0.0 to 6.0.1 in docker/metadata-action#523
• Bump @​docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/metadata-action#526
• Bump form-data from 2.5.1 to 2.5.5 in docker/metadata-action#533
• Bump moment-timezone from 0.5.47 to 0.6.0 in docker/metadata-action#525
• Bump semver from 7.7.1 to 7.7.2 in docker/metadata-action#524

Full Changelog: docker/metadata-action@v5.7.0...v5.8.0

Commits

• c1e5197 Merge pull request #537 from crazy-max/pep440-match
• 89dd65a chore: update generated content
• 699ee45 allow to match part of the git tag or value for pep440 type
• e0542a6 Merge pull request #536 from crazy-max/semver-match
• b7facdf chore: update generated content
• 81c60df allow to match part of the git tag or value for semver type
• de11195 Merge pull request #535 from crazy-max/not_def_branch
• 2f9c64b Merge pull request #533 from docker/dependabot/npm_and_yarn/form-data-2.5.5
• 510f746 chore: update generated content
• 2bc3f4e is_not_default_branch global expression
• Additional commits viewable in compare view

Updates docker/build-push-action from 6.15.0 to 6.18.0

Release notes

Sourced from docker/build-push-action's releases.

v6.18.0

• Bump @​docker/actions-toolkit from 0.61.0 to 0.62.1 in docker/build-push-action#1381

[!NOTE] Build summary is now supported with Docker Build Cloud.

Full Changelog: docker/build-push-action@v6.17.0...v6.18.0

v6.17.0

• Bump @​docker/actions-toolkit from 0.59.0 to 0.61.0 by @​crazy-max in docker/build-push-action#1364

[!NOTE] Build record is now exported using the buildx history export command instead of the legacy export-build tool.

Full Changelog: docker/build-push-action@v6.16.0...v6.17.0

v6.16.0

• Handle no default attestations env var by @​crazy-max in docker/build-push-action#1343
• Only print secret keys in build summary output by @​crazy-max in docker/build-push-action#1353
• Bump @​docker/actions-toolkit from 0.56.0 to 0.59.0 in docker/build-push-action#1352

Full Changelog: docker/build-push-action@v6.15.0...v6.16.0

Commits

• 2634353 Merge pull request #1381 from docker/dependabot/npm_and_yarn/docker/actions-t...
• c0432d2 chore: update generated content
• 0bb1f27 set builder driver and endpoint attributes for dbc summary support
• 5f9dbf9 chore(deps): Bump @​docker/actions-toolkit from 0.61.0 to 0.62.1
• 0788c44 Merge pull request #1375 from crazy-max/remove-gcr
• aa179ca e2e: remove GCR
• 1dc7386 Merge pull request #1364 from crazy-max/history-export-cmd
• 9c9803f chore: update generated content
• db1f6c4 DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export
• 721e8c7 Bump @​docker/actions-toolkit from 0.59.0 to 0.61.0
• Additional commits viewable in compare view

Updates actions/attest-build-provenance from 2.2.3 to 3.0.0

Release notes

Sourced from actions/attest-build-provenance's releases.

v3.0.0

What's Changed

• Adjust node max-http-header-size setting by @​bdehamer in actions/attest-build-provenance#687
• Bump actions/attest from v2.4.0 to v3.0.0 by @​bdehamer in actions/attest-build-provenance#691
  • Bump to node24 runtime
  • Improved checksum parsing
• Bump attest-build-provenance/predicate to v2.0.0 by @​bdehamer in actions/attest-build-provenance#693
  • Bump to node24 runtime by @​bdehamer in actions/attest-build-provenance#692

⚠️ Minimum Compatible Runner Version

v2.327.1 Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/attest-build-provenance@v2.4.0...v3.0.0

v2.4.0

What's Changed

• Bump undici from 5.28.5 to 5.29.0 by @​dependabot in actions/attest-build-provenance#633
• Bump actions/attest from 2.3.0 to 2.4.0 by @​bdehamer in actions/attest-build-provenance#654
  • Includes support for the new well-known summary file which will accumulate paths to all attestations generated in a given workflow run

Full Changelog: actions/attest-build-provenance@v2.3.0...v2.4.0

v2.3.0

What's Changed

• Bump actions/attest from 2.2.1 to 2.3.0 by @​bdehamer in actions/attest-build-provenance#615
  • Updates @sigstore/oci from 0.4.0 to 0.5.0

Full Changelog: actions/attest-build-provenance@v2.2.3...v2.3.0

Commits

• 977bb37 bump attest-build-provenance/predicate to v2.0.0 (#693)
• 864457a Bump to node24 runtime (#692)
• 57aa2b0 bump actions/attest from v2.4.0 to v3.0.0 (#691)
• 8ee7163 refactor eslint config (#690)
• 91ca1c2 Bump actions/checkout from 4.1.1 to 5.0.0 (#684)
• ff19f40 custom node max-http-header-size (#687)
• 8bd83f1 pin workflow deps (#683)
• f0878de Bump the npm-development group with 4 updates (#681)
• 463e6df Bump the npm-development group with 3 updates (#678)
• fef91c1 Bump the npm-development group with 6 updates (#673)
• Additional commits viewable in compare view

Updates anchore/scan-action from 6.1.0 to 7.0.0

Release notes

Sourced from anchore/scan-action's releases.

v7.0.0

New in scan-action v7.0.0

• chore(deps): update Grype to v0.100.0 (#516)

v6.5.1

New in scan-action v6.5.1

• Update Grype to v0.97.1 (#495)

v6.5.0

New in scan-action v6.5.0

• Update Grype to v0.96.1 (#493) [[anchore-actions-token-generator[bot]](https://github.com/[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator))]
• fix: output stderr for nonzero exit code (#491) [kzantow]

v6.4.0

New in scan-action v6.4.0

• Update Grype to v0.95.0 (#486)
• chore(deps-dev): bump eslint from 9.30.0 to 9.30.1 (#485)
• chore(deps-dev): bump lint-staged from 16.1.0 to 16.1.2 (#476)
• chore(deps-dev): bump jest from 30.0.0 to 30.0.3 (#481)
• chore(deps-dev): bump prettier from 3.5.3 to 3.6.2 (#483)
• chore(deps-dev): bump eslint from 9.28.0 to 9.30.0 (#484)

v6.3.0

New in scan-action v6.3.0

• Update Grype to v0.94.0 (#470)

v6.2.0

New in scan-action v6.2.0

• feat: update Scan action to use grype db v6 (#462) [spiffcs]

Commits

• f660128 chore(deps): update Grype to v0.100.0 (#516)
• ac86363 chore(deps-dev): bump jest from 30.0.5 to 30.1.3 (#512)
• 046620b chore(deps-dev): bump lint-staged from 16.1.5 to 16.1.6 (#511)
• 3c2456f chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (#514)
• d71ad1a chore(deps-dev): bump eslint from 9.33.0 to 9.35.0 (#515)
• 6d57c16 chore: bump Grype version to 0.99.1 (#513)
• d5c127d chore(deps): update Grype to v0.98.0 (#505)
• 9e5cfda chore(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#502)
• 4538f8a chore(deps): update Grype to v0.97.2 (#499)
• e07c35e chore(deps-dev): bump eslint from 9.32.0 to 9.33.0 (#500)
• Additional commits viewable in compare view

Updates actions/labeler from 5 to 6

Release notes

Sourced from actions/labeler's releases.

v6.0.0

What's Changed

• Add workflow file...

  Description has been truncated

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.