chore(deps): bump the actions group with 2 updates (#7776)

dependabot[bot] · jjngx · web-flow · commit 172f92eba9fd · 2025-05-14T13:53:30.000Z
Bumps the actions group with 2 updates: [docker/scout-action](https://github.com/docker/scout-action) and [actions/dependency-review-action](https://github.com/actions/dependency-review-action). Updates `docker/scout-action` from 1.17.1 to 1.18.0 - [Release notes](https://github.com/docker/scout-action/releases) - [Commits](docker/scout-action@381b657...c94507b) Updates `actions/dependency-review-action` from 4.7.0 to 4.7.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@38ecb5b...da24556) --- updated-dependencies: - dependency-name: docker/scout-action dependency-version: 1.18.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/dependency-review-action dependency-version: 4.7.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Jakub Jarosz <99677300+jjngx@users.noreply.github.com>
diff --git a/.github/workflows/build-oss.yml b/.github/workflows/build-oss.yml
@@ -201,7 +201,7 @@ jobs:
 
       - name: Run Docker Scout vulnerability scanner
         id: docker-scout
-        uses: docker/scout-action@381b657c498a4d287752e7f2cfb2b41823f566d9 # v1.17.1
+        uses: docker/scout-action@c94507b5bf72bd25244caafe9d4dab09fa2d687b # v1.18.0
         with:
           command: cves
           image: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/build-plus.yml b/.github/workflows/build-plus.yml
@@ -222,7 +222,7 @@ jobs:
 
       - name: Run Docker Scout vulnerability scanner
         id: docker-scout
-        uses: docker/scout-action@381b657c498a4d287752e7f2cfb2b41823f566d9 # v1.17.1
+        uses: docker/scout-action@c94507b5bf72bd25244caafe9d4dab09fa2d687b # v1.18.0
         with:
           command: cves
           image: ${{ steps.meta.outputs.tags }}
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
@@ -24,7 +24,7 @@ jobs:
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: "Dependency Review"
-        uses: actions/dependency-review-action@38ecb5b593bf0eb19e335c03f97670f792489a8b # v4.7.0
+        uses: actions/dependency-review-action@da24556b548a50705dd671f47852072ea4c105d9 # v4.7.1
         with:
           config-file: "nginx/k8s-common/dependency-review-config.yml@main"
           base-ref: ${{ github.event.pull_request.base.sha || github.event.repository.default_branch }}
diff --git a/.github/workflows/image-promotion.yml b/.github/workflows/image-promotion.yml
@@ -450,7 +450,7 @@ jobs:
 
       - name: Run Docker Scout vulnerability scanner
         id: docker-scout
-        uses: docker/scout-action@381b657c498a4d287752e7f2cfb2b41823f566d9 # v1.17.1
+        uses: docker/scout-action@c94507b5bf72bd25244caafe9d4dab09fa2d687b # v1.18.0
         with:
           command: cves
           image: ${{ steps.meta.outputs.tags }}
@@ -539,7 +539,7 @@ jobs:
 
       - name: Run Docker Scout vulnerability scanner
         id: docker-scout
-        uses: docker/scout-action@381b657c498a4d287752e7f2cfb2b41823f566d9 # v1.17.1
+        uses: docker/scout-action@c94507b5bf72bd25244caafe9d4dab09fa2d687b # v1.18.0
         with:
           command: cves
           image: ${{ steps.meta.outputs.tags }}
@@ -635,7 +635,7 @@ jobs:
 
       - name: Run Docker Scout vulnerability scanner
         id: docker-scout
-        uses: docker/scout-action@381b657c498a4d287752e7f2cfb2b41823f566d9 # v1.17.1
+        uses: docker/scout-action@c94507b5bf72bd25244caafe9d4dab09fa2d687b # v1.18.0
         with:
           command: cves
           image: ${{ steps.meta.outputs.tags }}
