deps: bump the production-dependencies group across 1 directory with 5 updates

dependabot[bot] · web-flow · commit 05d8d2e99ed5 · 2026-02-23T13:25:09.000Z
Bumps the production-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) | `f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561` | `efa25f7f19611383d5b0ccf2d1c8914531636bf9` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.18.0` | `6.19.2` | | [advanced-security/spdx-dependency-submission-action](https://github.com/advanced-security/spdx-dependency-submission-action) | `0.1.2` | `0.2.0` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `7.3.1` | `7.3.2` | | [42ByteLabs/patch-release-me](https://github.com/42bytelabs/patch-release-me) | `0.6.4` | `0.6.5` | Updates `dtolnay/rust-toolchain` from f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 to efa25f7f19611383d5b0ccf2d1c8914531636bf9 - [Release notes](https://github.com/dtolnay/rust-toolchain/releases) - [Commits](dtolnay/rust-toolchain@f7ccc83...efa25f7) Updates `docker/build-push-action` from 6.18.0 to 6.19.2 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@2634353...10e90e3) Updates `advanced-security/spdx-dependency-submission-action` from 0.1.2 to 0.2.0 - [Release notes](https://github.com/advanced-security/spdx-dependency-submission-action/releases) - [Commits](advanced-security/spdx-dependency-submission-action@f957edb...169d224) Updates `anchore/scan-action` from 7.3.1 to 7.3.2 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](anchore/scan-action@8d2fce0...7037fa0) Updates `42ByteLabs/patch-release-me` from 0.6.4 to 0.6.5 - [Release notes](https://github.com/42bytelabs/patch-release-me/releases) - [Commits](42ByteLabs/patch-release-me@ef44b04...6cd166a) --- updated-dependencies: - dependency-name: dtolnay/rust-toolchain dependency-version: efa25f7f19611383d5b0ccf2d1c8914531636bf9 dependency-type: direct:production dependency-group: production-dependencies - dependency-name: docker/build-push-action dependency-version: 6.19.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: advanced-security/spdx-dependency-submission-action dependency-version: 0.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: anchore/scan-action dependency-version: 7.3.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: 42ByteLabs/patch-release-me dependency-version: 0.6.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/codeql-ql.yml b/.github/workflows/codeql-ql.yml
@@ -21,7 +21,7 @@ jobs:
         uses: actions/checkout@v6
 
       - name: "Set up Rust"
-        uses: dtolnay/rust-toolchain@f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561   # v1.85.1
+        uses: dtolnay/rust-toolchain@efa25f7f19611383d5b0ccf2d1c8914531636bf9   # v1.85.1
         with:
           toolchain: stable
 
diff --git a/.github/workflows/container-publish.yml b/.github/workflows/container-publish.yml
@@ -67,7 +67,7 @@ jobs:
             type=semver,pattern=v{{major}}.{{minor}},value=${{ inputs.version }}
     
       - name: Build & Publish Container ${{ env.IMAGE_NAME }}
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         id: build
         with:
           file: "${{ inputs.container-file }}"
@@ -80,7 +80,7 @@ jobs:
 
       # Upload Software Bill of Materials (SBOM) to GitHub
       - name: Upload SBOM
-        uses: advanced-security/spdx-dependency-submission-action@f957edbb35161c1f9e33f61026fc86a671c58cae  # v0.1.2
+        uses: advanced-security/spdx-dependency-submission-action@169d22427d74f3faf93504e70b03eede8dab272a  # v0.2.0
         with:
           filePath: '.'
           filePattern: '*.spdx.json'
diff --git a/.github/workflows/container-security.yml b/.github/workflows/container-security.yml
@@ -41,7 +41,7 @@ jobs:
         uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Build Initial Container
-        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
+        uses: docker/build-push-action@10e90e3645eae34f1e60eeb005ba3a3d33f178e8 # v6.19.2
         id: build
         with:
           file: "${{ inputs.container-file }}"
@@ -52,7 +52,7 @@ jobs:
 
       # Scan the image for vulnerabilities
       - name: Run the Anchore / Grype scan action
-        uses: anchore/scan-action@8d2fce09422cd6037e577f4130e9b925e9a37175 # v7.3.1
+        uses: anchore/scan-action@7037fa011853d5a11690026fb85feee79f4c946c # v7.3.2
         id: scan
         with:
           image: localbuild/testimage:latest
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
@@ -33,7 +33,7 @@ jobs:
         uses: actions/checkout@v6
 
       - name: "Patch Release Me"
-        uses: 42ByteLabs/patch-release-me@ef44b04c04fde87280adf14548664bfbcebba04d    # 0.6.4
+        uses: 42ByteLabs/patch-release-me@6cd166a460bc205b93c29acb6fef2aa275dc0502    # 0.6.5
         with:
           mode: ${{ github.event.inputs.bump }}
 
