From de27ea02c59e184f1fad299811e3c1c796f093f1 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Nov 2025 15:03:16 +0000
Subject: [PATCH 1/5] build(deps): bump commons-io:commons-io from 2.20.0 to
 2.21.0 (#4852)

Bumps [commons-io:commons-io](https://github.com/apache/commons-io) from
2.20.0 to 2.21.0.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/apache/commons-io/blob/master/RELEASE-NOTES.txt">commons-io:commons-io's
changelog</a>.</em></p>
<blockquote>
<p>Apache Commons IO 2.21.0 Release Notes</p>
<p>The Apache Commons IO team is pleased to announce the release of
Apache Commons IO 2.21.0.</p>
<h2>Introduction</h2>
<p>The Apache Commons IO library contains utility classes, stream
implementations, file filters,
file comparators, endian transformation classes, and much more.</p>
<p>Version 2.21.0: Java 8 or later is required.</p>
<h2>New features</h2>
<p>o FileUtils#byteCountToDisplaySize() supports Zettabyte, Yottabyte,
Ronnabyte and Quettabyte <a
href="https://redirect.github.com/apache/commons-io/issues/763">#763</a>.
Thanks to strangelookingnerd, Gary Gregory.
o Add org.apache.commons.io.FileUtils.ONE_RB <a
href="https://redirect.github.com/apache/commons-io/issues/763">#763</a>.
Thanks to strangelookingnerd, Gary Gregory.
o Add org.apache.commons.io.FileUtils.ONE_QB <a
href="https://redirect.github.com/apache/commons-io/issues/763">#763</a>.
Thanks to strangelookingnerd, Gary Gregory.
o Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[],
int, int, long). Thanks to Gary Gregory.
o Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(byte[],
long). Thanks to Gary Gregory.
o Add org.apache.commons.io.output.ProxyOutputStream.writeRepeat(int,
long). Thanks to Gary Gregory.
o Add length unit support in FileSystem limits. Thanks to Piotr P.
Karwasz.
o Add IOUtils.toByteArray(InputStream, int, int) for safer chunked
reading with size validation. Thanks to Piotr P. Karwasz.
o Add org.apache.commons.io.file.PathUtils.getPath(String, String).
Thanks to Gary Gregory.
o Add org.apache.commons.io.channels.ByteArraySeekableByteChannel.
Thanks to Gary Gregory.
o          Add IOIterable.asIterable(). Thanks to Gary Gregory.
o Add NIO channel support to <code>AbstractStreamBuilder</code>. Thanks
to Piotr P. Karwasz.
o Add CloseShieldChannel to close-shielded NIO Channels <a
href="https://redirect.github.com/apache/commons-io/issues/786">#786</a>.
Thanks to Piotr P. Karwasz.
o Added IOUtils.checkFromIndexSize as a Java 8 backport of
Objects.checkFromIndexSize <a
href="https://redirect.github.com/apache/commons-io/issues/790">#790</a>.
Thanks to Piotr P. Karwasz.</p>
<h2>Fixed Bugs</h2>
<p>o When testing on Java 21 and up, enable
-XX:+EnableDynamicAgentLoading. Thanks to Gary Gregory.
o When testing on Java 24 and up, don't fail FileUtilsListFilesTest for
a different behavior in the JRE. Thanks to Gary Gregory.
o ValidatingObjectInputStream does not validate dynamic proxy
interfaces. Thanks to Stanislav Fort, Gary Gregory.
o BoundedInputStream.getRemaining() now reports Long.MAX_VALUE instead
of 0 when no limit is set. Thanks to Piotr P. Karwasz.
o BoundedInputStream.available() correctly accounts for the maximum read
limit. Thanks to Piotr P. Karwasz.
o Deprecate IOUtils.readFully(InputStream, int) in favor of
toByteArray(InputStream, int). Thanks to Gary Gregory, Piotr P. Karwasz.
o IOUtils.toByteArray(InputStream) now throws IOException on byte array
overflow. Thanks to Piotr P. Karwasz.
o Javadoc general improvements. Thanks to Gary Gregory, Piotr P.
Karwasz.
o IOUtils.toByteArray() now throws EOFException when not enough data is
available <a
href="https://redirect.github.com/apache/commons-io/issues/796">#796</a>.
Thanks to Piotr P. Karwasz.
o Fix IOUtils.skip() usage in concurrent scenarios. Thanks to Piotr P.
Karwasz.
o [javadoc] Fix XmlStreamReader Javadoc to indicate the correct class
that is built <a
href="https://redirect.github.com/apache/commons-io/issues/806">#806</a>.
Thanks to J Hawkins.</p>
<h2>Changes</h2>
<p>o Bump org.apache.commons:commons-parent from 85 to 91 <a
href="https://redirect.github.com/apache/commons-io/issues/774">#774</a>,
<a
href="https://redirect.github.com/apache/commons-io/issues/783">#783</a>,
<a
href="https://redirect.github.com/apache/commons-io/issues/808">#808</a>.
Thanks to Gary Gregory, Dependabot.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/apache/commons-io/commit/54073d3b5fdd2985b98a48040ede95eb59c7ee53"><code>54073d3</code></a>
Prepare for the release candidate 2.21.0 RC1</li>
<li><a
href="https://github.com/apache/commons-io/commit/f141f09d91368543e4f0754cbd649c484768c55c"><code>f141f09</code></a>
Prepare for the next release candidate</li>
<li><a
href="https://github.com/apache/commons-io/commit/adcf1350152faf4dbd8cf53fb2f2649f25dbe227"><code>adcf135</code></a>
Add license header</li>
<li><a
href="https://github.com/apache/commons-io/commit/0f499d060adbd4b36bbd9f47393a7ea6af8149ff"><code>0f499d0</code></a>
Use new oak logo</li>
<li><a
href="https://github.com/apache/commons-io/commit/34a961c3ed58ed96c73836db154ae50f0c45110f"><code>34a961c</code></a>
Use HTTPS in URL</li>
<li><a
href="https://github.com/apache/commons-io/commit/9e511181a03096b77c3a4b9c6077a4ac0b56b510"><code>9e51118</code></a>
Use HTTPS in URL</li>
<li><a
href="https://github.com/apache/commons-io/commit/d715865ee705fdb8ed786582bd6bd4ee996b0665"><code>d715865</code></a>
Add dependabot email [skip ci]</li>
<li><a
href="https://github.com/apache/commons-io/commit/3d6a7e113633e1a33ca254d744c3fcbab61663f3"><code>3d6a7e1</code></a>
Javadoc</li>
<li><a
href="https://github.com/apache/commons-io/commit/ad875d566f273f54094b6b872bf9433be9fd86a7"><code>ad875d5</code></a>
Bump actions/upload-artifact from 4.6.2 to 5.0.0 (<a
href="https://redirect.github.com/apache/commons-io/issues/810">#810</a>)</li>
<li><a
href="https://github.com/apache/commons-io/commit/bc01dee31ec0ff10aa0841ff245b770fa1ecfade"><code>bc01dee</code></a>
Bump github/codeql-action from 4.30.9 to 4.31.2 (<a
href="https://redirect.github.com/apache/commons-io/issues/811">#811</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/apache/commons-io/compare/rel/commons-io-2.20.0...rel/commons-io-2.21.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=commons-io:commons-io&package-manager=gradle&previous-version=2.20.0&new-version=2.21.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 app/core/build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/core/build.gradle b/app/core/build.gradle
index d12eed6ae..a95fc0051 100644
--- a/app/core/build.gradle
+++ b/app/core/build.gradle
@@ -55,7 +55,7 @@ dependencies {
     implementation project(':common')
     implementation 'org.springframework.boot:spring-boot-starter-jetty'
     implementation 'com.posthog.java:posthog:1.2.0'
-    implementation 'commons-io:commons-io:2.20.0'
+    implementation 'commons-io:commons-io:2.21.0'
     implementation "org.bouncycastle:bcprov-jdk18on:$bouncycastleVersion"
     implementation "org.bouncycastle:bcpkix-jdk18on:$bouncycastleVersion"
     implementation 'io.micrometer:micrometer-core:1.15.5'

From 6281db58c9ec183e5397eac85ebbbfe80308cb49 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Nov 2025 15:03:34 +0000
Subject: [PATCH 2/5] build(deps): bump docker/metadata-action from 5.8.0 to
 5.9.0 (#4851)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[docker/metadata-action](https://github.com/docker/metadata-action) from
5.8.0 to 5.9.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/metadata-action/releases">docker/metadata-action's
releases</a>.</em></p>
<blockquote>
<h2>v5.9.0</h2>
<ul>
<li>Add <code>tag-names</code> output to return tag names without image
base name by <a
href="https://github.com/crazy-max"><code>@​crazy-max</code></a> in <a
href="https://redirect.github.com/docker/metadata-action/pull/553">docker/metadata-action#553</a></li>
<li>Bump <code>@​babel/runtime-corejs3</code> from 7.14.7 to 7.28.2 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/539">docker/metadata-action#539</a></li>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.62.1 to 0.66.0 in
<a
href="https://redirect.github.com/docker/metadata-action/pull/555">docker/metadata-action#555</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/metadata-action/pull/540">docker/metadata-action#540</a></li>
<li>Bump csv-parse from 5.6.0 to 6.1.0 in <a
href="https://redirect.github.com/docker/metadata-action/pull/532">docker/metadata-action#532</a></li>
<li>Bump semver from 7.7.2 to 7.7.3 in in <a
href="https://redirect.github.com/docker/metadata-action/pull/554">docker/metadata-action#554</a></li>
<li>Bump tmp from 0.2.3 to 0.2.5 in <a
href="https://redirect.github.com/docker/metadata-action/pull/541">docker/metadata-action#541</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0">https://github.com/docker/metadata-action/compare/v5.8.0...v5.9.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/metadata-action/commit/318604b99e75e41977312d83839a89be02ca4893"><code>318604b</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/539">#539</a>
from docker/dependabot/npm_and_yarn/babel/runtime-cor...</li>
<li><a
href="https://github.com/docker/metadata-action/commit/49c0a55d550aa6a75ca45d794feeed45985039b1"><code>49c0a55</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/metadata-action/commit/486229e3f47b6ee1b8f8222e94b250765d66c21f"><code>486229e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/558">#558</a>
from crazy-max/fix-dist</li>
<li><a
href="https://github.com/docker/metadata-action/commit/f02aeab1eec44688425e47726ea8f1517e67b6c1"><code>f02aeab</code></a>
chore: fix dist</li>
<li><a
href="https://github.com/docker/metadata-action/commit/beafb973058c84432dbfe5597f50522a763b1203"><code>beafb97</code></a>
chore(deps): Bump <code>@​babel/runtime-corejs3</code> from 7.14.7 to
7.28.2</li>
<li><a
href="https://github.com/docker/metadata-action/commit/3ff819c6c588be1afbd2a366e7d4277a6f657b85"><code>3ff819c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/557">#557</a>
from crazy-max/yarn-4.9.2</li>
<li><a
href="https://github.com/docker/metadata-action/commit/05838e9769c2d7801f424666843e0d4d5c80b6f3"><code>05838e9</code></a>
update yarn to 4.9.2</li>
<li><a
href="https://github.com/docker/metadata-action/commit/43fa4ac0d33c225d08882e24e3aa49bcea4f135b"><code>43fa4ac</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/metadata-action/issues/556">#556</a>
from crazy-max/dev-deps</li>
<li><a
href="https://github.com/docker/metadata-action/commit/b3120f2f185dcf0a842f81a5550c160d87034a9c"><code>b3120f2</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/metadata-action/commit/1f469d21ee9a749f1501af441c4cb15d7bf409d6"><code>1f469d2</code></a>
update dev dependencies</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/metadata-action/compare/c1e51972afc2121e065aed6d45c65596fe445f3f...318604b99e75e41977312d83839a89be02ca4893">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/metadata-action&package-manager=github_actions&previous-version=5.8.0&new-version=5.9.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/push-docker.yml | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml
index 6f66b051f..704bcccd4 100644
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@@ -88,7 +88,7 @@ jobs:
 
       - name: Generate tags
         id: meta
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         if: github.ref != 'refs/heads/main'
         with:
           images: |
@@ -134,7 +134,7 @@ jobs:
 
       - name: Generate tags ultra-lite
         id: meta2
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         if: github.ref != 'refs/heads/main'
         with:
           images: |
@@ -165,7 +165,7 @@ jobs:
 
       - name: Generate tags fat
         id: meta3
-        uses: docker/metadata-action@c1e51972afc2121e065aed6d45c65596fe445f3f # v5.8.0
+        uses: docker/metadata-action@318604b99e75e41977312d83839a89be02ca4893 # v5.9.0
         with:
           images: |
             ${{ secrets.DOCKER_HUB_USERNAME }}/s-pdf

From 6dce5d675cc211319e6701e7a5f6c55b654cc14b Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Nov 2025 15:03:46 +0000
Subject: [PATCH 3/5] build(deps): bump step-security/harden-runner from 2.13.1
 to 2.13.2 (#4853)

Bumps
[step-security/harden-runner](https://github.com/step-security/harden-runner)
from 2.13.1 to 2.13.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/step-security/harden-runner/releases">step-security/harden-runner's
releases</a>.</em></p>
<blockquote>
<h2>v2.13.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixed an issue where there was a limit of 512 allowed endpoints when
using block egress policy. This restriction has been removed, allowing
for an unlimited number of endpoints to be configured.</li>
<li>Harden Runner now automatically detects if the agent is already
pre-installed on a custom VM image used by a GitHub-hosted runner. When
detected, the action will skip reinstallation and use the existing
agent.</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2">https://github.com/step-security/harden-runner/compare/v2.13.1...v2.13.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/step-security/harden-runner/commit/95d9a5deda9de15063e7595e9719c11c38c90ae2"><code>95d9a5d</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/606">#606</a>
from step-security/rc-28</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/87e429d3fb470bcc827f338e5cce1155ff99c6eb"><code>87e429d</code></a>
Update limitations.md</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/ef891c3a30c3c15c2287ce04b33ec28b6d90a447"><code>ef891c3</code></a>
feat: add support for custom vm image</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/1fa8c8a8b1b523829fe596bfc665d2bc4c0ef835"><code>1fa8c8a</code></a>
update agent</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/92c522aaa6f53af082553dedc1596c80b71aba33"><code>92c522a</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/593">#593</a>
from step-security/ak-readme-updates</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4719ad5578c61961f4f70f833580278dea5544de"><code>4719ad5</code></a>
README updates</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/4fde639ab437b75bf4ecb52bbddb23ab0ac00259"><code>4fde639</code></a>
Merge pull request <a
href="https://redirect.github.com/step-security/harden-runner/issues/591">#591</a>
from eromosele-stepsecurity/Upd</li>
<li><a
href="https://github.com/step-security/harden-runner/commit/f682f2f2d06275b6ab30c2a973c1de2fa120e134"><code>f682f2f</code></a>
Update README.md</li>
<li>See full diff in <a
href="https://github.com/step-security/harden-runner/compare/f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a...95d9a5deda9de15063e7595e9719c11c38c90ae2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=step-security/harden-runner&package-manager=github_actions&previous-version=2.13.1&new-version=2.13.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/PR-Demo-Comment-with-react.yml |  6 +++---
 .github/workflows/PR-Demo-cleanup.yml            |  2 +-
 .github/workflows/ai_pr_title_review.yml         |  2 +-
 .github/workflows/auto-labelerV2.yml             |  2 +-
 .github/workflows/build.yml                      | 10 +++++-----
 .github/workflows/check_properties.yml           |  2 +-
 .github/workflows/dependency-review.yml          |  2 +-
 .github/workflows/licenses-update.yml            |  2 +-
 .github/workflows/manage-label.yml               |  2 +-
 .github/workflows/multiOSReleases.yml            | 12 ++++++------
 .github/workflows/pre_commit.yml                 |  2 +-
 .github/workflows/push-docker.yml                |  2 +-
 .github/workflows/releaseArtifacts.yml           |  6 +++---
 .github/workflows/scorecards.yml                 |  2 +-
 .github/workflows/stale.yml                      |  2 +-
 .github/workflows/swagger.yml                    |  2 +-
 .github/workflows/sync_files.yml                 |  2 +-
 .github/workflows/testdriver.yml                 |  6 +++---
 18 files changed, 33 insertions(+), 33 deletions(-)

diff --git a/.github/workflows/PR-Demo-Comment-with-react.yml b/.github/workflows/PR-Demo-Comment-with-react.yml
index 68b4ad196..2d241bf89 100644
--- a/.github/workflows/PR-Demo-Comment-with-react.yml
+++ b/.github/workflows/PR-Demo-Comment-with-react.yml
@@ -39,7 +39,7 @@ jobs:
       enable_enterprise: ${{ steps.check-pro-flag.outputs.enable_enterprise }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -127,7 +127,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -361,7 +361,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/PR-Demo-cleanup.yml b/.github/workflows/PR-Demo-cleanup.yml
index 47f1e8ed9..5efc9e857 100644
--- a/.github/workflows/PR-Demo-cleanup.yml
+++ b/.github/workflows/PR-Demo-cleanup.yml
@@ -21,7 +21,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/ai_pr_title_review.yml b/.github/workflows/ai_pr_title_review.yml
index 77668d69a..59338bdff 100644
--- a/.github/workflows/ai_pr_title_review.yml
+++ b/.github/workflows/ai_pr_title_review.yml
@@ -19,7 +19,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/auto-labelerV2.yml b/.github/workflows/auto-labelerV2.yml
index e30f99f07..61fefb6fe 100644
--- a/.github/workflows/auto-labelerV2.yml
+++ b/.github/workflows/auto-labelerV2.yml
@@ -16,7 +16,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f45316472..c0a3b6e32 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -56,7 +56,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -143,7 +143,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -176,7 +176,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -225,7 +225,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -274,7 +274,7 @@ jobs:
         docker-rev: ["Dockerfile", "Dockerfile.ultra-lite", "Dockerfile.fat"]
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/check_properties.yml b/.github/workflows/check_properties.yml
index fd25ebaf9..b68bff54c 100644
--- a/.github/workflows/check_properties.yml
+++ b/.github/workflows/check_properties.yml
@@ -32,7 +32,7 @@ jobs:
       pull-requests: write # Allow writing to pull requests
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 49aa24fd9..88c0a40d5 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/licenses-update.yml b/.github/workflows/licenses-update.yml
index 613a8219b..15127b302 100644
--- a/.github/workflows/licenses-update.yml
+++ b/.github/workflows/licenses-update.yml
@@ -31,7 +31,7 @@ jobs:
       repository-projects: write # Required for enabling automerge
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/manage-label.yml b/.github/workflows/manage-label.yml
index d480249f2..e59757822 100644
--- a/.github/workflows/manage-label.yml
+++ b/.github/workflows/manage-label.yml
@@ -15,7 +15,7 @@ jobs:
       issues: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/multiOSReleases.yml b/.github/workflows/multiOSReleases.yml
index 02087c613..201fae4f7 100644
--- a/.github/workflows/multiOSReleases.yml
+++ b/.github/workflows/multiOSReleases.yml
@@ -21,7 +21,7 @@ jobs:
       versionMac: ${{ steps.versionNumberMac.outputs.versionNumberMac }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -60,7 +60,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -110,7 +110,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -148,7 +148,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -238,7 +238,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -301,7 +301,7 @@ jobs:
       contents: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/pre_commit.yml b/.github/workflows/pre_commit.yml
index acd489f5b..8ac469e0f 100644
--- a/.github/workflows/pre_commit.yml
+++ b/.github/workflows/pre_commit.yml
@@ -21,7 +21,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml
index 704bcccd4..da9a85b2e 100644
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@@ -30,7 +30,7 @@ jobs:
       id-token: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/releaseArtifacts.yml b/.github/workflows/releaseArtifacts.yml
index 0577bb96e..24cce9d08 100644
--- a/.github/workflows/releaseArtifacts.yml
+++ b/.github/workflows/releaseArtifacts.yml
@@ -23,7 +23,7 @@ jobs:
       version: ${{ steps.versionNumber.outputs.versionNumber }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -83,7 +83,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -161,7 +161,7 @@ jobs:
             file_suffix: ""
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index b764dd675..a7999e14f 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -34,7 +34,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/stale.yml b/.github/workflows/stale.yml
index c3c0b110a..e6bf2b78b 100644
--- a/.github/workflows/stale.yml
+++ b/.github/workflows/stale.yml
@@ -16,7 +16,7 @@ jobs:
       pull-requests: write
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/swagger.yml b/.github/workflows/swagger.yml
index 16f0a3088..64df21429 100644
--- a/.github/workflows/swagger.yml
+++ b/.github/workflows/swagger.yml
@@ -26,7 +26,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/sync_files.yml b/.github/workflows/sync_files.yml
index 1233ac701..827b38f86 100644
--- a/.github/workflows/sync_files.yml
+++ b/.github/workflows/sync_files.yml
@@ -36,7 +36,7 @@ jobs:
       PIP_DISABLE_PIP_VERSION_CHECK: "1"
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
diff --git a/.github/workflows/testdriver.yml b/.github/workflows/testdriver.yml
index cd2cedb25..fb901e5e8 100644
--- a/.github/workflows/testdriver.yml
+++ b/.github/workflows/testdriver.yml
@@ -24,7 +24,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -139,7 +139,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 
@@ -175,7 +175,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@f4a75cfd619ee5ce8d5b864b0d183aff3c69b55a # v2.13.1
+        uses: step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2 # v2.13.2
         with:
           egress-policy: audit
 

From 5535e5003d083c029571326a7169298a85bc463c Mon Sep 17 00:00:00 2001
From: "stirlingbot[bot]" <195170888+stirlingbot[bot]@users.noreply.github.com>
Date: Mon, 10 Nov 2025 16:19:44 +0000
Subject: [PATCH 4/5] =?UTF-8?q?=F0=9F=A4=96=20format=20everything=20with?=
 =?UTF-8?q?=20pre-commit=20by=20stirlingbot=20(#4839)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Auto-generated by [create-pull-request][1] with **stirlingbot**

[1]: https://github.com/peter-evans/create-pull-request

Signed-off-by: stirlingbot[bot] <stirlingbot[bot]@users.noreply.github.com>
Co-authored-by: stirlingbot[bot] <195170888+stirlingbot[bot]@users.noreply.github.com>
---
 app/core/src/main/resources/static/js/merge.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/core/src/main/resources/static/js/merge.js b/app/core/src/main/resources/static/js/merge.js
index 09a4fe2fc..82a0a0d88 100644
--- a/app/core/src/main/resources/static/js/merge.js
+++ b/app/core/src/main/resources/static/js/merge.js
@@ -179,7 +179,7 @@ function updateFiles() {
       console.warn("updateFiles: Could not find file:", fileNameFromList);
     }
   }
-  
+
   document.getElementById("fileInput-input").files = dataTransfer.files;
   console.log("updateFiles: Updated file input with", dataTransfer.files.length, "files");
 

From 57eb6dbed95a19e4d2cee3a40deb8e7ee5371dda Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 10 Nov 2025 16:52:07 +0000
Subject: [PATCH 5/5] build(deps): bump docker/setup-qemu-action from 3.6.0 to
 3.7.0 (#4854)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[docker/setup-qemu-action](https://github.com/docker/setup-qemu-action)
from 3.6.0 to 3.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/setup-qemu-action/releases">docker/setup-qemu-action's
releases</a>.</em></p>
<blockquote>
<h2>v3.7.0</h2>
<ul>
<li>Bump <code>@​docker/actions-toolkit</code> from 0.56.0 to 0.67.0 in
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/217">docker/setup-qemu-action#217</a>
<a
href="https://redirect.github.com/docker/setup-qemu-action/pull/230">docker/setup-qemu-action#230</a></li>
<li>Bump brace-expansion from 1.1.11 to 1.1.12 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/220">docker/setup-qemu-action#220</a></li>
<li>Bump form-data from 2.5.1 to 2.5.5 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/218">docker/setup-qemu-action#218</a></li>
<li>Bump tmp from 0.2.3 to 0.2.4 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/221">docker/setup-qemu-action#221</a></li>
<li>Bump undici from 5.28.4 to 5.29.0 in <a
href="https://redirect.github.com/docker/setup-qemu-action/pull/219">docker/setup-qemu-action#219</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/docker/setup-qemu-action/compare/v3.6.0...v3.7.0">https://github.com/docker/setup-qemu-action/compare/v3.6.0...v3.7.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/c7c53464625b32c7a7e944ae62b3e17d2b600130"><code>c7c5346</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/230">#230</a>
from docker/dependabot/npm_and_yarn/docker/actions-to...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/3a517a1a6f815421d6c0f8ab069bd9cae3024828"><code>3a517a1</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/a5b45edf7e42dbe6d762ad8053bd35a7d336a850"><code>a5b45ed</code></a>
build(deps): bump <code>@​docker/actions-toolkit</code> from 0.62.1 to
0.67.0</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/3a64278e93930d340f1caabd280b2e78b36b5032"><code>3a64278</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/220">#220</a>
from docker/dependabot/npm_and_yarn/brace-expansion-1...</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/94906ba253608103ef32875025dd58d7f74e2716"><code>94906ba</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/4027abfd67ddf4bd8f75dbf3bb8bf3b69764ded6"><code>4027abf</code></a>
build(deps): bump brace-expansion from 1.1.11 to 1.1.12</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/bee0aaad0f43394cdb4b8756cd994ae278b0667c"><code>bee0aaa</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/221">#221</a>
from docker/dependabot/npm_and_yarn/tmp-0.2.4</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/0d7e25756e271776f152e7669522f64f54c5e3e2"><code>0d7e257</code></a>
chore: update generated content</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/b86960130e28d1756dfa88e15e28ee5880e893de"><code>b869601</code></a>
build(deps): bump tmp from 0.2.3 to 0.2.4</li>
<li><a
href="https://github.com/docker/setup-qemu-action/commit/3a043edff31c211e56ebb1e00a76ce49a831bd24"><code>3a043ed</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/setup-qemu-action/issues/219">#219</a>
from docker/dependabot/npm_and_yarn/undici-5.29.0</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/setup-qemu-action/compare/29109295f81e9208d7d86ff1c6c12d2833863392...c7c53464625b32c7a7e944ae62b3e17d2b600130">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=docker/setup-qemu-action&package-manager=github_actions&previous-version=3.6.0&new-version=3.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/build.yml       | 2 +-
 .github/workflows/push-docker.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index c0a3b6e32..7da172bbf 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -299,7 +299,7 @@ jobs:
           STIRLING_PDF_DESKTOP_UI: false
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
 
       - name: Set up Docker Buildx
         id: buildx
diff --git a/.github/workflows/push-docker.yml b/.github/workflows/push-docker.yml
index da9a85b2e..1be914500 100644
--- a/.github/workflows/push-docker.yml
+++ b/.github/workflows/push-docker.yml
@@ -80,7 +80,7 @@ jobs:
           password: ${{ github.token }}
 
       - name: Set up QEMU
-        uses: docker/setup-qemu-action@29109295f81e9208d7d86ff1c6c12d2833863392 # v3.6.0
+        uses: docker/setup-qemu-action@c7c53464625b32c7a7e944ae62b3e17d2b600130 # v3.7.0
 
       - name: Convert repository owner to lowercase
         id: repoowner