Bump the actions-dependencies group across 1 directory with 11 updates

[dependabot]

Bumps the actions-dependencies group with 11 updates in the /.github/workflows directory:

Package	From	To
actions/checkout	4.1.1	4.2.2
actions/deploy-pages	4.0.3	4.0.5
seanmiddleditch/gha-setup-ninja	5	6
actions/upload-artifact	4.3.1	4.6.2
actions/setup-python	5.0.0	5.5.0
github/codeql-action	3.23.2	3.28.15
actions/download-artifact	4.1.8	4.2.1
actions/upload-pages-artifact	3.0.0	3.0.1
TheMrMilchmann/setup-msvc-dev	3.0.0	3.0.1
aquasecurity/trivy-action	0.17.0	0.30.0
ossf/scorecard-action	2.3.1	2.4.1

Updates actions/checkout from 4.1.1 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

New Contributors

• @​Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

v4.2.0

What's Changed

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependabot updates in actions/checkout#1777 & actions/checkout#1872

New Contributors

• @​yasonk made their first contribution in actions/checkout#1869
• @​lucacome made their first contribution in actions/checkout#1180

Full Changelog: actions/checkout@v4.1.7...v4.2.0

v4.1.7

What's Changed

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

New Contributors

• @​orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732
• Update for 4.1.6 release by @​cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

... (truncated)

Commits

• 11bd719 Prepare 4.2.2 Release (#1953)
• e3d2460 Expand unit test coverage (#1946)
• 163217d url-helper.ts now leverages well-known environment variables. (#1941)
• eef6144 Prepare 4.2.1 release (#1925)
• 6b42224 Add workflow file for publishing releases to immutable action package (#1919)
• de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
• d632683 Prepare 4.2.0 release (#1878)
• 6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
• db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
• b684943 Add Ref and Commit outputs (#1180)
• Additional commits viewable in compare view

Updates actions/deploy-pages from 4.0.3 to 4.0.5

Release notes

Sourced from actions/deploy-pages's releases.

v4.0.5

Changelog

• On API error, the error message will surface the API request ID @​TooManyBees (#324)
• Bump the non-breaking-changes group with 2 updates @​dependabot (#318)
• Bump the non-breaking-changes group with 1 update @​dependabot (#316)
• Bump the non-breaking-changes group with 3 updates @​dependabot (#314)
• Bump release-drafter/release-drafter from 5.25.0 to 6.0.0 @​dependabot (#311)

---

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.4

Changelog

• Update api-client.js @​lmammino (#295)
• fix typo: compatibilty -> compatibility @​SimonSiefke (#298)
• Bump @​actions/artifact from 2.0.1 to 2.1.1 @​dependabot (#310)
• Update Dependabot config to group non-breaking changes @​JamesMGreene (#307)

---

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

Commits

• d6db901 Merge pull request #324 from actions/error-message-request-id
• 055f425 compile changes
• 5ab929b Include request id in the error message of an error response
• 3ff795b Merge pull request #318 from actions/dependabot/npm_and_yarn/non-breaking-cha...
• f5a2f0d Update distributables after Dependabot 🤖
• 1364cde Bump the non-breaking-changes group with 2 updates
• 2ed07f7 Merge pull request #316 from actions/dependabot/npm_and_yarn/non-breaking-cha...
• d5a892b Bump the non-breaking-changes group with 1 update
• 05977f5 Merge pull request #314 from actions/dependabot/npm_and_yarn/non-breaking-cha...
• 9414024 Update distributables after Dependabot 🤖
• Additional commits viewable in compare view

Updates seanmiddleditch/gha-setup-ninja from 5 to 6

Release notes

Sourced from seanmiddleditch/gha-setup-ninja's releases.

v6

• Support and default to ninja 1.12.1
• Support Windows and Linux 64-bit ARM builds of ninja
  • Added winarm64 and linux-aarch64 options to platform input
• Update dependencies

Commits

• 3b1f8f9 Bump undici from 5.28.4 to 5.28.5 (#33)
• 7fa4bc0 matrix: include: v1.12.1 on ubuntu-24.04-arm (#34)
• 78f0be8 Add Ninja 1.12.1 support, including improved platform detection (#29)
• d3403b5 Add Ninja v1.12.1 to the testing (#32)
• See full diff in compare view

Updates actions/upload-artifact from 4.3.1 to 4.6.2

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.2

What's Changed

• Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @​salmanmkc in actions/upload-artifact#685

New Contributors

• @​salmanmkc made their first contribution in actions/upload-artifact#685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

• Update to use artifact 2.2.2 package by @​yacaovsnc in actions/upload-artifact#673

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

• fix: deprecated Node.js version in action by @​hamirmahal in actions/upload-artifact#578
• Add new artifact-digest output by @​bdehamer in actions/upload-artifact#656

New Contributors

• @​hamirmahal made their first contribution in actions/upload-artifact#578
• @​bdehamer made their first contribution in actions/upload-artifact#656

Full Changelog: actions/upload-artifact@v4.4.3...v4.5.0

v4.4.3

What's Changed

• Undo indirect dependency updates from #627 by @​joshmgross in actions/upload-artifact#632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

What's Changed

• Bump @actions/artifact to 2.1.11 by @​robherley in actions/upload-artifact#627
  • Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

... (truncated)

Commits

• ea165f8 Merge pull request #685 from salmanmkc/salmanmkc/3-new-upload-artifacts-release
• 0839620 Prepare for new release of actions/upload-artifact with new toolkit cache ver...
• 4cec3d8 Merge pull request #673 from actions/yacaovsnc/artifact_2.2.2
• e9fad96 license cache update for artifact
• b26fd06 Update to use artifact 2.2.2 package
• 65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
• 0207619 move files back to satisfy licensed ci
• 1ecca81 licensed cache updates
• 9742269 Expose env vars to controll concurrency and timeout
• 6f51ac0 Merge pull request #656 from bdehamer/bdehamer/artifact-digest
• Additional commits viewable in compare view

Updates actions/setup-python from 5.0.0 to 5.5.0

Release notes

Sourced from actions/setup-python's releases.

v5.5.0

What's Changed

Enhancements:

• Support free threaded Python versions like '3.13t' by @​colesbury in actions/setup-python#973
• Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @​action/cache from 4.0.0 to 4.0.3 by @​priya-kinthali in actions/setup-python#1056
• Add support for .tool-versions file in setup-python by @​mahabaleshwars in actions/setup-python#1043

Bug fixes:

• Fix architecture for pypy on Linux ARM64 by @​mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

Dependency updates:

• Upgrade @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in actions/setup-python#1016
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in actions/setup-python#1015

New Contributors

• @​colesbury made their first contribution in actions/setup-python#973
• @​mahabaleshwars made their first contribution in actions/setup-python#1043

Full Changelog: actions/setup-python@v5...v5.5.0

v5.4.0

What's Changed

Enhancements:

• Update cache error message by @​aparnajyothi-y in actions/setup-python#968
• Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by @​priya-kinthali in actions/setup-python#985
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-python#1008

Documentation changes:

• Readme update - recommended permissions by @​benwells in actions/setup-python#1009
• Improve Advanced Usage examples by @​lrq3000 in actions/setup-python#645

Dependency updates:

• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-python#1012
• Upgrade urllib3 from 1.25.9 to 1.26.19 in /tests/data by @​dependabot in actions/setup-python#895
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-python#1014
• Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @​dependabot in actions/setup-python#1020
• Upgrade requests from 2.24.0 to 2.32.2 in /tests/data by @​dependabot in actions/setup-python#1019
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in actions/setup-python#1007

New Contributors

• @​benwells made their first contribution in actions/setup-python#1009
• @​HarithaVattikuti made their first contribution in actions/setup-python#1008
• @​lrq3000 made their first contribution in actions/setup-python#645

Full Changelog: actions/setup-python@v5...v5.4.0

v5.3.0

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/setup-python#941
• Upgrade IA publish by @​Jcambass in actions/setup-python#943

Bug Fixes:

• Normalise Line Endings to Ensure Cross-Platform Consistency by @​priya-kinthali in actions/setup-python#938
• Revise isGhes logic by @​jww3 in actions/setup-python#963

... (truncated)

Commits

• 8d9ed9a Add e2e Testing for free threaded and Bump @​action/cache from 4.0.0 to 4.0.3 ...
• 19e4675 Add support for .tool-versions file in setup-python (#1043)
• 6fd11e1 Bump @​actions/glob from 0.4.0 to 0.5.0 (#1015)
• 9e62be8 Support free threaded Python versions like '3.13t' (#973)
• 6ca8e85 Bump @​vercel/ncc from 0.38.1 to 0.38.3 (#1016)
• 8039c45 fix: install PyPy on Linux ARM64 (#1011)
• 4237552 Improve Advanced Usage examples (#645)
• 709bfa5 Bump requests from 2.24.0 to 2.32.2 in /tests/data (#1019)
• ceb20b2 Bump @​actions/http-client from 2.2.1 to 2.2.3 (#1020)
• 0dc2d2c Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1014)
• Additional commits viewable in compare view

Updates github/codeql-action from 3.23.2 to 3.28.15

Release notes

Sourced from github/codeql-action's releases.

v3.28.15

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

See the full CHANGELOG.md for more information.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

v3.28.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #2810

See the full CHANGELOG.md for more information.

v3.28.11

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772
• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

... (truncated)

Commits

• 45775bd Merge pull request #2854 from github/update-v3.28.15-a35ae8c38
• dd78aab Update CHANGELOG.md with bug fix details
• e40af59 Update changelog for v3.28.15
• a35ae8c Merge pull request #2843 from github/cklin/diff-informed-compat
• bb59df6 Merge pull request #2842 from github/henrymercer/zip64
• 4b508f5 Merge pull request #2845 from github/mergeback/v3.28.14-to-main-fc7e4a0f
• ca00afb Update checked-in dependencies
• 2969c78 Update changelog and version after v3.28.14
• fc7e4a0 Merge pull request #2844 from github/update-v3.28.14-362ef4ce2
• be0175c Update changelog for v3.28.14
• Additional commits viewable in compare view

Updates actions/download-artifact from 4.1.8 to 4.2.1

Release notes

Sourced from actions/download-artifact's releases.

v4.2.1

What's Changed

• Add unit tests by @​GhadimiR in actions/download-artifact#392
• Fix bug introduced in 4.2.0 by @​GhadimiR in actions/download-artifact#391

Full Changelog: actions/download-artifact@v4.2.0...v4.2.1

v4.2.0

What's Changed

• Update README.md by @​lkfortuna in actions/download-artifact#384
• Bump artifact version, do digest check by @​GhadimiR in actions/download-artifact#383

New Contributors

• @​lkfortuna made their first contribution in actions/download-artifact#384
• @​GhadimiR made their first contribution in actions/download-artifact#383

Full Changelog: actions/download-artifact@v4.1.9...v4.2.0

v4.1.9

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/download-artifact#354
• docs: small migration fix by @​froblesmartin in actions/download-artifact#370
• Update MIGRATION.md by @​andyfeller in actions/download-artifact#372
• Update artifact package to 2.2.2 by @​yacaovsnc in actions/download-artifact#380

New Contributors

• @​Jcambass made their first contribution in actions/download-artifact#354
• @​froblesmartin made their first contribution in actions/download-artifact#370
• @​andyfeller made their first contribution in actions/download-artifact#372
• @​yacaovsnc made their first contribution in actions/download-artifact#380

Full Changelog: actions/download-artifact@v4.1.8...v4.1.9

Commits

• 95815c3 Merge pull request #391 from GhadimiR/main
• 278fca4 Move log statements
• 6890984 Merge branch 'main' into main
• f9415c0 Run unit tests in CI
• 76a6eb5 Merge pull request #392 from GhadimiR/add_unit_tests
• a2426d7 Merge branch 'main' into add_unit_tests
• 3ffa694 lint
• 53f6aa5 Add extra assertion to download single artifact test
• b456700 lint
• 9eab798 Configure tsconfig
• Additional commits viewable in compare view

Updates actions/upload-pages-artifact from 3.0.0 to 3.0.1

Release notes

Sourced from actions/upload-pages-artifact's releases.

v3.0.1

Changelog

• Group tar's output to prevent it from messing up action logs @​SilverRainZ (#94)
• Update README.md @​uiolee (#88)
• Bump the non-breaking-changes group with 1 update @​dependabot (#92)
• Update Dependabot config to group non-breaking changes @​JamesMGreene (#91)
• Bump actions/checkout from 3 to 4 @​dependabot (#76)

See details of all code changes since previous release.

Commits

• 56afc60 Merge pull request #94 from SilverRainZ/main
• d12fdfb Merge branch 'main' into main
• aef5542 Merge pull request #88 from uiolee/patch-1
• 29cedd7 Merge branch 'main' into patch-1
• a69c22e Merge pull request #92 from actions/dependabot/github_actions/non-breaking-ch...
• 794e304 Group tar's output to prevent it from messing up logs
• 14007f6 Bump the non-breaking-changes group with 1 update
• 0191170 Merge pull request #91 from actions/dependabot-grouping
• 0e7832d Update Dependabot config to group non-breaking changes
• 1a6d9fa Update README.md
• Additional commits viewable in compare view

Updates TheMrMilchmann/setup-msvc-dev from 3.0.0 to 3.0.1

Release notes

Sourced from TheMrMilchmann/setup-msvc-dev's releases.

3.0.1

Overview

This is a maintenance release only and does not contain any behavioral change.

Commits

• fb19abb Release 3.0.1
• See full diff in compare view

Updates aquasecurity/trivy-action from 0.17.0 to 0.30.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.30.0

What's Changed

• fix: Update default trivy version in README by @​derrix060 in aquasecurity/trivy-action#444
• fix: typo in description of an input for action.yaml by @​yutatokoi in aquasecurity/trivy-action#452
• Improve README/SBOM by @​AB-xdev in aquasecurity/trivy-action#439
• chore: bump trivy to v0.60.0 by @​nikpivkin in aquasecurity/trivy-action#453

New Contributors

• @​derrix060 made their first contribution in aquasecurity/trivy-action#444
• @​yutatokoi made their first contribution in aquasecurity/trivy-action#452
• @​AB-xdev made their first contribution in aquasecurity/trivy-action#439

Full Changelog: aquasecurity/trivy-action@0.29.0...0.30.0

v0.29.0

What's Changed

• feat: Allow skipping setup by @​rvesse in aquasecurity/trivy-action#414
• Fix oras command not found in "Update Trivy Cache" action by @​Tiryoh in aquasecurity/trivy-action#413
• Update README.md by @​simar7 in aquasecurity/trivy-action#420
• feat: add token for setup-trivy by @​DmitriyLewen in aquasecurity/trivy-action#421
• fix: bump setup-trivy and add new contrib directory path info by @​DmitriyLewen in aquasecurity/trivy-action#424
• docs: remove ignore-unfixed from IaC scan example by @​nikpivkin in aquasecurity/trivy-action#429
• chore(deps): Bump trivy to v0.57.1 by @​simar7 in aquasecurity/trivy-action#434

New Contributors

• @​rvesse made their first contribution in aquasecurity/trivy-action#414
• @​Tiryoh made their first contribution in aquasecurity/trivy-action#413

Full Changelog: aquasecurity/trivy-action@0.28.0...0.29.0

v0.28.0

What's Changed

• chore(deps): bump setup-trivy to v0.2.1 by @​DmitriyLewen in aquasecurity/trivy-action#411

Full Changelog: aquasecurity/trivy-action@0.27.0...0.28.0

v0.27.0

What's Changed

• ci: use setup-trivy to install Trivy by @​DmitriyLewen in aquasecurity/trivy-action#406
• chore: update description for scanners and format inputs by @​nikpivkin in aquasecurity/trivy-action#407
• fix: set envs only when passed by @​knqyf263 in aquasecurity/trivy-action#405

Full Changelog: aquasecurity/trivy-action@0.26.0...0.27.0

v0.26.0

What's Changed

• docs: add usage info about action/cache for trivy databases by @​DmitriyLewen in aquasecurity/trivy-action#397
• feat: store artifacts in cache by default by @​knqyf263 in aquasecurity/trivy-action#399

... (truncated)

Commits

• 6c175e9 chore: bump trivy to v0.60.0 (#453)
• 53e8848 Improve README/SBOM (#439)
• ef1b561 fix: typo in description of an input for action.yaml (#452)
• a11da62 fix: Update default ...

  Description has been truncated