From 630ce5a7128fe43bfe5db28dadcc0269034fb179 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 25 Nov 2024 06:49:36 +0000
Subject: [PATCH] BAU: Bump the gha-all-dependencies group across 1 directory
 with 4 updates

Bumps the gha-all-dependencies group with 4 updates in the / directory: [docker/metadata-action](https://github.com/docker/metadata-action), [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action), [actions/dependency-review-action](https://github.com/actions/dependency-review-action) and [zgosalvez/github-actions-ensure-sha-pinned-actions](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions).


Updates `docker/metadata-action` from 5.5.1 to 5.6.1
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](https://github.com/docker/metadata-action/compare/8e5442c4ef9f78752691e2d8f8d19755c6f78e81...369eb591f429131d6889c46b94e711f089e6ca96)

Updates `bridgecrewio/checkov-action` from 12.2909.0 to 12.2918.0
- [Release notes](https://github.com/bridgecrewio/checkov-action/releases)
- [Commits](https://github.com/bridgecrewio/checkov-action/compare/e6d0a8bcd744a15c35296f51478cd96fcbdada13...05decb42b761b4c4ce4927c084165bb4705bbcef)

Updates `actions/dependency-review-action` from 4.4.0 to 4.5.0
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](https://github.com/actions/dependency-review-action/compare/4081bf99e2866ebe428fc0477b69eb4fcda7220a...3b139cfc5fae8b618d3eae3675e383bb1769c019)

Updates `zgosalvez/github-actions-ensure-sha-pinned-actions` from 3.0.16 to 3.0.17
- [Release notes](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/releases)
- [Commits](https://github.com/zgosalvez/github-actions-ensure-sha-pinned-actions/compare/38608ef4fb69adae7f1eac6eeb88e67b7d083bfd...5d6ac37a4cef8b8df67f482a8e384987766f0213)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-all-dependencies
- dependency-name: bridgecrewio/checkov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-all-dependencies
- dependency-name: actions/dependency-review-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-all-dependencies
- dependency-name: zgosalvez/github-actions-ensure-sha-pinned-actions
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha-all-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/call_build-push-docker-image.yml  | 2 +-
 .github/workflows/checkov.yml                       | 2 +-
 .github/workflows/dependency-review.yml             | 2 +-
 .github/workflows/require-pinned-github-actions.yml | 2 +-
 4 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/call_build-push-docker-image.yml b/.github/workflows/call_build-push-docker-image.yml
index 2766a189d..5652bd857 100644
--- a/.github/workflows/call_build-push-docker-image.yml
+++ b/.github/workflows/call_build-push-docker-image.yml
@@ -60,7 +60,7 @@ jobs:
       - name: Build image metadata
         id: metadata
         if: github
-        uses: docker/metadata-action@8e5442c4ef9f78752691e2d8f8d19755c6f78e81 # v5.5.1
+        uses: docker/metadata-action@369eb591f429131d6889c46b94e711f089e6ca96 # v5.6.1
         with:
           images: |
             "${{ steps.login-ecr.outputs.registry }}/${{ secrets.ecr_repo }}"
diff --git a/.github/workflows/checkov.yml b/.github/workflows/checkov.yml
index 1c98e7f08..55880f71d 100644
--- a/.github/workflows/checkov.yml
+++ b/.github/workflows/checkov.yml
@@ -21,7 +21,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Checkov GitHub Action
-        uses: bridgecrewio/checkov-action@e6d0a8bcd744a15c35296f51478cd96fcbdada13 # v12.2909.0
+        uses: bridgecrewio/checkov-action@05decb42b761b4c4ce4927c084165bb4705bbcef # v12.2918.0
         with:
           directory: ci/terraform
           soft_fail: true
diff --git a/.github/workflows/dependency-review.yml b/.github/workflows/dependency-review.yml
index 4e9b2a538..09b4e7230 100644
--- a/.github/workflows/dependency-review.yml
+++ b/.github/workflows/dependency-review.yml
@@ -11,4 +11,4 @@ jobs:
       - name: Checkout Repository
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Dependency Review
-        uses: actions/dependency-review-action@4081bf99e2866ebe428fc0477b69eb4fcda7220a # v4.4.0
+        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
diff --git a/.github/workflows/require-pinned-github-actions.yml b/.github/workflows/require-pinned-github-actions.yml
index 1d78b2bac..ed31bbb13 100644
--- a/.github/workflows/require-pinned-github-actions.yml
+++ b/.github/workflows/require-pinned-github-actions.yml
@@ -16,4 +16,4 @@ jobs:
       - name: Checkout code
         uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Ensure SHA pinned actions
-        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@38608ef4fb69adae7f1eac6eeb88e67b7d083bfd # v3.0.16
+        uses: zgosalvez/github-actions-ensure-sha-pinned-actions@5d6ac37a4cef8b8df67f482a8e384987766f0213 # v3.0.17