From 85c4f897e25769d9abead1c0bf6435b012e1ab6f Mon Sep 17 00:00:00 2001
From: "we-renovate[bot]" <162337394+we-renovate[bot]@users.noreply.github.com>
Date: Mon, 18 Nov 2024 19:48:50 +0000
Subject: [PATCH] fix(deps): update all non-major dependencies

---
 .github/workflows/dockerfile.yml     | 2 +-
 .github/workflows/gradle-library.yml | 4 ++--
 .github/workflows/gradle-service.yml | 8 ++++----
 .github/workflows/play-service.yml   | 2 +-
 .github/workflows/scan-images.yml    | 4 ++--
 5 files changed, 10 insertions(+), 10 deletions(-)

diff --git a/.github/workflows/dockerfile.yml b/.github/workflows/dockerfile.yml
index 86773ad..6610af2 100644
--- a/.github/workflows/dockerfile.yml
+++ b/.github/workflows/dockerfile.yml
@@ -56,7 +56,7 @@ jobs:
           labels: ${{ steps.meta.outputs.labels }}
 
       - name: Vulnerability check
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         with:
           image-ref: "${{ inputs.image }}:${{ inputs.tag }}"
           create-test-report: true
diff --git a/.github/workflows/gradle-library.yml b/.github/workflows/gradle-library.yml
index c7670c2..c7a5099 100644
--- a/.github/workflows/gradle-library.yml
+++ b/.github/workflows/gradle-library.yml
@@ -135,7 +135,7 @@ jobs:
           java-version: ${{ inputs.java-version }}
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@473878a77f1b98e2b5ac4af93489d1656a80a5ed # v4.2.0
+        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1
 
       - name: Write dependency lockfile for security scan
         if: ${{ !inputs.skip-scan }}
@@ -199,7 +199,7 @@ jobs:
 
       - name: Vulnerability scan
         if: ${{ !inputs.skip-scan }}
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         with:
           junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
           report-retention-days: 30
diff --git a/.github/workflows/gradle-service.yml b/.github/workflows/gradle-service.yml
index 72c58ca..76856a5 100644
--- a/.github/workflows/gradle-service.yml
+++ b/.github/workflows/gradle-service.yml
@@ -151,7 +151,7 @@ jobs:
           java-version: ${{ inputs.java-version }}
 
       - name: Setup Gradle
-        uses: gradle/actions/setup-gradle@473878a77f1b98e2b5ac4af93489d1656a80a5ed # v4.2.0
+        uses: gradle/actions/setup-gradle@cc4fc85e6b35bafd578d5ffbc76a5518407e1af0 # v4.2.1
 
       - name: Build and test with Gradle
         if: ${{ !inputs.skip-build }}
@@ -219,7 +219,7 @@ jobs:
 
       - name: Vulnerability scan
         if: ${{ !inputs.skip-scan }}
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         with:
           image-ref: 'docker.io/${{ inputs.image-tag }}'
           junit-test-output: "${{ inputs.multi-module && 'trivy-gha-scan/build/test-results/trivy.xml' || 'build/test-results/trivy.xml' }}" # added to unit test report
@@ -227,7 +227,7 @@ jobs:
           report-tag: ${{ inputs.image-tag }}
 
       - name: Vulnerability scan (Image 2)
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         if: ${{ !inputs.skip-scan && inputs.image-tag-2 != '' }}
         with:
           image-ref: 'docker.io/${{ inputs.image-tag-2 }}'
@@ -236,7 +236,7 @@ jobs:
           report-tag: ${{ inputs.image-tag-2 }}
 
       - name: Vulnerability scan (Image 3)
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         if: ${{ !inputs.skip-scan && inputs.image-tag-3 != '' }}
         with:
           image-ref: 'docker.io/${{ inputs.image-tag-3 }}'
diff --git a/.github/workflows/play-service.yml b/.github/workflows/play-service.yml
index 2038a05..cf61c84 100644
--- a/.github/workflows/play-service.yml
+++ b/.github/workflows/play-service.yml
@@ -98,7 +98,7 @@ jobs:
         run: mkdir -p ${{ inputs.junit-test-folder }}
 
       - name: Vulnerability scan
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         with:
           image-ref: 'docker.io/${{ inputs.image-tag }}'
           junit-test-output: "${{ inputs.junit-test-folder }}/trivy.xml" # added to unit test report
diff --git a/.github/workflows/scan-images.yml b/.github/workflows/scan-images.yml
index 1f61fe4..e1db72f 100644
--- a/.github/workflows/scan-images.yml
+++ b/.github/workflows/scan-images.yml
@@ -86,7 +86,7 @@ jobs:
           docker pull ${{ matrix.image }}
 
       - name: Vulnerability scan
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         with:
           image-ref: ${{ matrix.image }}
           create-test-report: ${{ inputs.create-test-report }}
@@ -176,7 +176,7 @@ jobs:
       # Scan merged SBOM for an overview, but trivy fails for mixed OS dependencies, so disabled by default
       - name: Scan merged SBOM
         if: ${{ inputs.merge-sboms && inputs.scan-merged-sbom }}
-        uses: wetransform/gha-trivy@ea088b75341e15242000952b7b8c079ea9d85bc6 # v2.3.0
+        uses: wetransform/gha-trivy@c689d5004057e340f147fdcb196450a6b09284f9 # v2.3.1
         with:
           scan-ref: merged/sbom.json
           create-test-report: false