build(deps): Bump blackduck-inc/black-duck-security-scan from 2.4.0 to 2.5.0 (#1324)

dependabot[bot] · web-flow · commit eeb41c630b7f · 2025-09-29T12:41:13.000+02:00
Bumps [blackduck-inc/black-duck-security-scan](https://github.com/blackduck-inc/black-duck-security-scan) from 2.4.0 to 2.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/blackduck-inc/black-duck-security-scan/releases">blackduck-inc/black-duck-security-scan's releases</a>.</em></p> <blockquote> <h2>Black Duck Security Scan v2.5.0</h2> <p>Fail PR For Coverity</p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/b6f87e0cec75fc586a22ce6e076e3b9d691b685a"><code>b6f87e0</code></a> Merge pull request <a href="https://redirect.github.com/blackduck-inc/black-duck-security-scan/issues/117">#117</a> from blackduck-inc/contract-testcase-issue</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/2c3aa567c3873b5c2d836351d2988e3f04548d50"><code>2c3aa56</code></a> Merge branch 'main' of <a href="https://github.com/blackduck-inc/black-duck-security-s">https://github.com/blackduck-inc/black-duck-security-s</a>...</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/47ceb360a990fe51e007b7edb5dec8f358aa646e"><code>47ceb36</code></a> Updated contract 2e2 test case</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/a8f896618034ecd8718cabee811eb7c15c5569cb"><code>a8f8966</code></a> Updated Error message</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/ca30d89672fedb1defdae5e9666f42f5e3f2ba7c"><code>ca30d89</code></a> Merge pull request <a href="https://redirect.github.com/blackduck-inc/black-duck-security-scan/issues/116">#116</a> from blackduck-inc/bridge-download</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/9eeaa301a3259d530af174debcafd90300e00de6"><code>9eeaa30</code></a> Updated regx bridge download format</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/1e666c58405d78fe0a1c56a1ba3a1a6f2bdc0b0d"><code>1e666c5</code></a> Merge pull request <a href="https://redirect.github.com/blackduck-inc/black-duck-security-scan/issues/115">#115</a> from blackduck-inc/action_version_update_2.5.0</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/858b85f7eb5e91056fbc56620652a7d7de4a01a0"><code>858b85f</code></a> upgrade action version to 2.5.0 [skip ci]</li> <li><a href="https://github.com/blackduck-inc/black-duck-security-scan/commit/cbc9aa4c0695733a449e125f593a0afd79e576f3"><code>cbc9aa4</code></a> feat: Fail PR on coverity scan, coverity impacts (<a href="https://redirect.github.com/blackduck-inc/black-duck-security-scan/issues/105">#105</a>)</li> <li>See full diff in <a href="https://github.com/blackduck-inc/black-duck-security-scan/compare/v2.4.0...v2.5.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=blackduck-inc/black-duck-security-scan&package-manager=github_actions&previous-version=2.4.0&new-version=2.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/blackduck.yaml b/.github/workflows/blackduck.yaml
@@ -61,7 +61,7 @@ jobs:
 
       - name: Black Duck Full Scan
         if: ${{ github.event_name != 'pull_request' }}
-        uses: blackduck-inc/black-duck-security-scan@v2.4.0
+        uses: blackduck-inc/black-duck-security-scan@v2.5.0
         with:
           blackducksca_url: ${{ secrets.BLACKDUCK_URL }}
           blackducksca_token: ${{ secrets.BLACKDUCK_API_TOKEN }}
@@ -71,7 +71,7 @@ jobs:
 
       - name: Black Duck PR Scan
         if: ${{ github.event_name == 'pull_request' }}
-        uses: blackduck-inc/black-duck-security-scan@v2.4.0
+        uses: blackduck-inc/black-duck-security-scan@v2.5.0
         env:
           DETECT_PROJECT_VERSION_NAME: ${{ github.base_ref }}
         with:
