build(deps): bump anchore/scan-action from 6.5.1 to 7.4.0

[dependabot]

Bumps anchore/scan-action from 6.5.1 to 7.4.0.

Release notes

Sourced from anchore/scan-action's releases.

v7.4.0

• chore: update to node 24 (#629) [@​kzantow]
• fix(dev): move to esbuild (#601) [@​willmurphyscode]
• chore: update to ES modules + update @actions/* (#595) [@​kzantow]

⬆️ Dependencies

• chore(deps): update Grype to v0.110.0 (#618) [@anchore-actions-token-generator[bot]]
• chore(deps-dev): bump tar 7.5.11 (#620) [@dependabot[bot]]
• chore(deps): bump undici 6.24.1 (#622) [@dependabot[bot]]
• chore: bump fast-xml-parser 5.5.7 (#626) [@dependabot[bot]]

v7.3.2

• feat: add option to specify one or more grype config files (#589) [@​sam-super]

⬆️ Dependencies

• chore(deps): bump @​actions/cache from 5.0.3 to 5.0.5 (#592) [@dependabot[bot]]
• chore(deps): bump @​actions/tool-cache from 3.0.0 to 3.0.1 (#593) [@dependabot[bot]]
• chore(deps): update Grype to v0.107.1 (#594) [@anchore-actions-token-generator[bot]]
• chore(deps): bump fast-xml-parser from 5.3.3 to 5.3.4 (#590) [@dependabot[bot]]
• chore(deps): update Grype to v0.107.0 (#588) [@anchore-actions-token-generator[bot]]
• chore(deps-dev): bump prettier from 3.8.0 to 3.8.1 (#584) [@dependabot[bot]]
• chore(deps-dev): bump tar from 7.5.6 to 7.5.7 (#586) [@dependabot[bot]]

v7.3.1

⬆️ Dependencies

• chore(deps): update Grype to v0.106.0 (#583) [@anchore-actions-token-generator[bot]]
• chore(deps): bump lodash from 4.17.21 to 4.17.23 (#580) [@dependabot[bot]]

v7.3.0

New in scan-action v7.3.0

⬆️ Dependencies

• chore(deps): bump @​actions/tool-cache from 2.0.2 to 3.0.0 (#567) [@​dependabot]
• chore(deps): bump @​actions/cache from 5.0.1 to 5.0.2 (#568) [@​dependabot]
• chore(deps): bump @​actions/core from 2.0.1 to 2.0.2 (#569) [@​dependabot]
• chore(deps-dev): bump tar from 7.5.2 to 7.5.3 (#574) [@​dependabot]
• chore(deps): update Grype to v0.105.0 (#572) [@​anchore-actions-token-generator[bot]]

v7.2.3

New in scan-action v7.2.3

• chore(deps): update Grype to v0.104.4 (#566) [[anchore-actions-token-generator[bot]](https://github.com/[anchore-actions-token-generator[bot]](https://github.com/apps/anchore-actions-token-generator))]
• chore(deps): bump @​actions/cache from 4.1.0 to 5.0.1 (#563) [[dependabot[bot]](https://github.com/[dependabot[bot]](https://github.com/apps/dependabot))]

... (truncated)

Commits

• e116508 chore: bump fast-xml-parser from 5.5.6 to 5.5.7 + setup-node (#631)
• 382a23a chore(deps): update Grype to v0.110.0 (#618)
• 2898213 chore: update to node 24 (#629)
• 4e1eb5b chore: update to modules and bump all deps (required for new @​actions librari...
• 8ed60d1 chore(deps): bump actions/setup-node from 6.2.0 to 6.3.0 (#617)
• 5a271d2 chore(deps-dev): bump lint-staged from 16.3.1 to 16.3.2 (#619)
• 6d37af2 chore(deps-dev): bump jest from 30.2.0 to 30.3.0 (#625)
• 50a8160 chore(deps-dev): bump tar from 7.5.10 to 7.5.11 (#620)
• daeb723 chore(deps): bump undici from 6.23.0 to 6.24.1 (#622)
• 6471a7e chore(deps): bump fast-xml-parser from 5.3.6 to 5.5.6 (#626)
• Additional commits viewable in compare view

[dependabot]

Labels

The following labels could not be found: ci, dependencies. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.