Bump anchore/scan-action from 6 to 7 in the github-actions group across 1 directory (#18195)

* Bump anchore/scan-action in the github-actions group across 1 directory

Bumps the github-actions group with 1 update in the / directory: [anchore/scan-action](https://github.com/anchore/scan-action).


Updates `anchore/scan-action` from 6 to 7
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md)
- [Commits](anchore/scan-action@v6...v7)

---
updated-dependencies:
- dependency-name: anchore/scan-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>

* Use commit instead of tag on non trusted action

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: fr4nc1sc0.r4m0n <[email protected]>

Author: dependabot[bot]

.github/workflows/critical_vulnerability_scan.yml

@@ -17,7 +17,7 @@ jobs:
       - run: tar -zxf ../build/logstash-*.tar.gz
         working-directory: ./scan
       - name: scan image
-        uses: anchore/scan-action@v6
+        uses: anchore/scan-action@f6601287cdb1efc985d6b765bbf99cb4c0ac29d8 # v7.0.0
         with:
           path: "./scan"
           fail-build: true