dependabot[bot] 9fc174d12d Bump actions/dependency-review-action from 4.6.0 to 4.7.0 (#3519) ... Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.6.0 to 4.7.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's releases</a>.</em></p> <blockquote> <h2>v4.7.0</h2> <ul> <li>Handle complex license expressions (e.g. <code>MIT AND GPL-2.0</code>) in allow lists (fixes <a href="https://redirect.github.com/actions/dependency-review-action/issues/809">#809</a> and probably others)</li> <li>Replace <code>OTHER</code> in package licenses with <code>LicenseRef-clearlydefined-OTHER</code> so that parsing passes</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="38ecb5b593"><code>38ecb5b</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/929">#929</a> from actions/dangoor/4.7-release</li> <li><a href="0e9e935cc8"><code>0e9e935</code></a> Version 4.7.0 release</li> <li><a href="69d2faa365"><code>69d2faa</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/926">#926</a> from dangoor/dangoor/replace-other</li> <li><a href="7e14978e0e"><code>7e14978</code></a> Merge branch 'actions:main' into dangoor/replace-other</li> <li><a href="8477905b0e"><code>8477905</code></a> Merge pull request <a href="https://redirect.github.com/actions/dependency-review-action/issues/927">#927</a> from dangoor/dangoor/multilicense</li> <li><a href="f3ff3564fa"><code>f3ff356</code></a> Update dist</li> <li><a href="c7565d44ec"><code>c7565d4</code></a> Fix tests and respond to review feedback</li> <li><a href="82299c3bbe"><code>82299c3</code></a> Replace OTHER with a LicenseRef</li> <li><a href="2013ccccfe"><code>2013ccc</code></a> Update type definition for spdx-satisfies</li> <li><a href="3a2b68706a"><code>3a2b687</code></a> Handle complex licenses (e.g. X AND Y)</li> <li>Additional commits viewable in <a href="ce3cf9537a...38ecb5b593">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>		2025-05-13 23:04:45 +01:00
..
auto-labeler.yml	Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)	2025-04-24 10:43:08 +01:00
build.yml	Bump actions/setup-python from 5.5.0 to 5.6.0 (#3410)	2025-04-24 12:35:47 +01:00
check_properties.yml	Bump actions/setup-python from 5.5.0 to 5.6.0 (#3410)	2025-04-24 12:35:47 +01:00
codeql.yml-disabled	Bump: Harden Runner from v2.10.2 to v2.10.3 (#2686)	2025-01-13 22:26:05 +00:00
dependency-review.yml	Bump actions/dependency-review-action from 4.6.0 to 4.7.0 (#3519)	2025-05-13 23:04:45 +01:00
licenses-update.yml	Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)	2025-05-05 23:23:16 +01:00
manage-label.yml	Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)	2025-04-24 10:43:08 +01:00
multiOSReleases.yml	Bump actions/download-artifact from 4.2.1 to 4.3.0 (#3443)	2025-04-29 11:37:16 +01:00
PR-Demo-cleanup.yml	Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)	2025-04-24 10:43:08 +01:00
PR-Demo-Comment-with-react.yml	Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)	2025-05-05 23:23:16 +01:00
pre_commit.yml	Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)	2025-05-05 23:23:16 +01:00
push-docker.yml	Bump docker/build-push-action from 6.15.0 to 6.16.0 (#3442)	2025-04-29 11:38:55 +01:00
releaseArtifacts.yml	Bump actions/download-artifact from 4.2.1 to 4.3.0 (#3443)	2025-04-29 11:37:16 +01:00
scorecards.yml	Bump github/codeql-action from 3.28.16 to 3.28.17 (#3467)	2025-05-03 14:31:44 +01:00
sonarqube.yml	Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)	2025-04-24 10:43:08 +01:00
stale.yml	Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)	2025-04-24 10:43:08 +01:00
swagger.yml	Bump step-security/harden-runner from 2.11.1 to 2.12.0 (#3394)	2025-04-24 10:43:08 +01:00
sync_files.yml	Bump actions/create-github-app-token from 2.0.5 to 2.0.6 (#3475)	2025-05-05 23:23:16 +01:00
testdriver.yml	Bump docker/build-push-action from 6.15.0 to 6.16.0 (#3442)	2025-04-29 11:38:55 +01:00