Bump the actions-deps group across 1 directory with 2 updates (#1299)

dependabot[bot] · web-flow · commit 1afde8ec6e7c · 2025-07-14T11:14:56.000+02:00
Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -230,7 +230,7 @@ jobs:
           echo "path=${{ steps.binary.outputs.path }}.gz" >> ${{ runner.os == 'Windows' && '$ENV:GITHUB_OUTPUT' || '$GITHUB_OUTPUT' }}
       - if: github.ref == 'refs/heads/main'
         name: Upload release
-        uses: svenstaro/upload-release-action@ebd922b779f285dafcac6410a0710daee9c12b82 # v2
+        uses: svenstaro/upload-release-action@81c65b7cd4de9b2570615ce3aad67a41de5b1a13 # v2
         with:
           repo_token: ${{ secrets.BOT_GITHUB_TOKEN }}
           tag: hive-gateway@${{ steps.ver-gateway.outputs.result }}
diff --git a/.github/workflows/test.yml b/.github/workflows/test.yml
@@ -231,7 +231,7 @@ jobs:
           # we must load so that the created image can be scanned
           load: true
       - name: Scan
-        uses: aquasecurity/trivy-action@76071ef0d7ec797419534a183b498b4d6366cf37 # 0.31.0
+        uses: aquasecurity/trivy-action@dc5a429b52fcf669ce959baa2c2dd26090d2a6c4 # 0.32.0
         with:
           image-ref: ghcr.io/graphql-hive/gateway:e2e${{ matrix.runtime == 'Bun' && '-bun' || '' }}
           format: table
