From 6b15c754ff1bff7827c7973b64667749d5569357 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 22 Jul 2024 11:29:16 +0000
Subject: [PATCH] build(deps): bump the dependencies group across 1 directory
 with 3 updates

Bumps the dependencies group with 3 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action), [actions/setup-python](https://github.com/actions/setup-python) and [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action).


Updates `github/codeql-action` from 3.25.11 to 3.25.13
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/b611370bb5703a7efb587f9d136a52ea24c5c38c...2d790406f505036ef40ecba973cc774a50395aac)

Updates `actions/setup-python` from 5.1.0 to 5.1.1
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/82c7e631bb3cdc910f68e0081d67478d79c6982d...39cd14951b08e74b54015e9e001cdefcf80e669f)

Updates `aquasecurity/trivy-action` from 0.23.0 to 0.24.0
- [Release notes](https://github.com/aquasecurity/trivy-action/releases)
- [Commits](https://github.com/aquasecurity/trivy-action/compare/7c2007bcb556501da015201bcba5aa14069b74e2...6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dependencies
- dependency-name: aquasecurity/trivy-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/kics.yml                 | 2 +-
 .github/workflows/localdev-chart-test.yaml | 2 +-
 .github/workflows/portal-chart-test.yaml   | 2 +-
 .github/workflows/trivy.yml                | 4 ++--
 4 files changed, 5 insertions(+), 5 deletions(-)

diff --git a/.github/workflows/kics.yml b/.github/workflows/kics.yml
index c7fd274b9..1de7ee6c4 100644
--- a/.github/workflows/kics.yml
+++ b/.github/workflows/kics.yml
@@ -69,6 +69,6 @@ jobs:
       # Upload findings to GitHub Advanced Security Dashboard
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
         if: always()
-        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13
         with:
           sarif_file: kicsResults/results.sarif
diff --git a/.github/workflows/localdev-chart-test.yaml b/.github/workflows/localdev-chart-test.yaml
index 6dffc3ee6..d1487d919 100644
--- a/.github/workflows/localdev-chart-test.yaml
+++ b/.github/workflows/localdev-chart-test.yaml
@@ -62,7 +62,7 @@ jobs:
           version: v3.10.3
 
       # Setup python as a prerequisite for chart linting 
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
         with:
           python-version: '3.9'
           check-latest: true
diff --git a/.github/workflows/portal-chart-test.yaml b/.github/workflows/portal-chart-test.yaml
index dbd6ff18f..e0c90ca42 100644
--- a/.github/workflows/portal-chart-test.yaml
+++ b/.github/workflows/portal-chart-test.yaml
@@ -67,7 +67,7 @@ jobs:
           version: v3.10.3
 
       # Setup python as a prerequisite for chart linting 
-      - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
+      - uses: actions/setup-python@39cd14951b08e74b54015e9e001cdefcf80e669f # v5.1.1
         with:
           python-version: '3.9'
           check-latest: true
diff --git a/.github/workflows/trivy.yml b/.github/workflows/trivy.yml
index aaa4cd516..e8c700114 100644
--- a/.github/workflows/trivy.yml
+++ b/.github/workflows/trivy.yml
@@ -50,7 +50,7 @@ jobs:
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Run Trivy vulnerability scanner in repo mode
-        uses: aquasecurity/trivy-action@7c2007bcb556501da015201bcba5aa14069b74e2 # v0.23.0
+        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
         with:
           scan-type: "config"
           hide-progress: false
@@ -59,7 +59,7 @@ jobs:
           vuln-type: "os,library"
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
+        uses: github/codeql-action/upload-sarif@2d790406f505036ef40ecba973cc774a50395aac # v3.25.13
         if: always()
         with:
           sarif_file: "trivy-results1.sarif"