From 50103fffa94b07dc7fbf27a94612166b2abb249e Mon Sep 17 00:00:00 2001 
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 12 Jan 2026 15:39:57 +0000 Subject: [PATCH] deps: bump the production-dependencies group across 1 directory with 5 updates Bumps the production-dependencies group with 5 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) | `0b1efabc08b657293548b77fb76cc02d26091c7e` | `f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.11.1` | `3.12.0` | | [advanced-security/spdx-dependency-submission-action](https://github.com/advanced-security/spdx-dependency-submission-action) | `0.1.1` | `0.1.2` | | [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `3.0.0` | `3.1.0` | | [anchore/scan-action](https://github.com/anchore/scan-action) | `7.2.2` | `7.2.3` | Updates `dtolnay/rust-toolchain` from 0b1efabc08b657293548b77fb76cc02d26091c7e to f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 - [Release notes](https://github.com/dtolnay/rust-toolchain/releases) - [Commits](https://github.com/dtolnay/rust-toolchain/compare/0b1efabc08b657293548b77fb76cc02d26091c7e...f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561) Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](https://github.com/docker/setup-buildx-action/compare/e468171a9de216ec08956ac3ada2f0791b6bd435...8d2750c68a42422c14e847fe6c8ac0403b4cbd6f) Updates `advanced-security/spdx-dependency-submission-action` from 0.1.1 to 0.1.2 - [Release notes](https://github.com/advanced-security/spdx-dependency-submission-action/releases) - [Commits](https://github.com/advanced-security/spdx-dependency-submission-action/compare/5530bab9ee4bbe66420ce8280624036c77f89746...f957edbb35161c1f9e33f61026fc86a671c58cae) Updates `actions/attest-build-provenance` from 3.0.0 to 3.1.0 - [Release 
notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](https://github.com/actions/attest-build-provenance/compare/977bb373ede98d70efdf65b84cb5f73e068dcc2a...00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8) Updates `anchore/scan-action` from 7.2.2 to 7.2.3 - [Release notes](https://github.com/anchore/scan-action/releases) - [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md) - [Commits](https://github.com/anchore/scan-action/compare/3c9a191a0fbab285ca6b8530b5de5a642cba332f...62b74fb7bb810d2c45b1865f47a77655621862a5) --- updated-dependencies: - dependency-name: dtolnay/rust-toolchain dependency-version: f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 dependency-type: direct:production dependency-group: production-dependencies - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: advanced-security/spdx-dependency-submission-action dependency-version: 0.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies - dependency-name: actions/attest-build-provenance dependency-version: 3.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: production-dependencies - dependency-name: anchore/scan-action dependency-version: 7.2.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-ql.yml | 2 +- .github/workflows/container-publish.yml | 8 ++++---- .github/workflows/container-security.yml | 4 ++-- 3 files changed, 7 insertions(+), 7 deletions(-)
diff --git a/.github/workflows/codeql-ql.yml b/.github/workflows/codeql-ql.yml
index c8e6973..b806fb4 100644
--- a/.github/workflows/codeql-ql.yml
+++ b/.github/workflows/codeql-ql.yml
@@ -21,7 +21,7 @@ jobs:
 uses: actions/checkout@v6
 - name: "Set up Rust"
- uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e # v1.85.1
+ uses: dtolnay/rust-toolchain@f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561 # v1.85.1
 with:
 toolchain: stable
diff --git a/.github/workflows/container-publish.yml b/.github/workflows/container-publish.yml
index 1f10156..9456f4b 100644
--- a/.github/workflows/container-publish.yml
+++ b/.github/workflows/container-publish.yml
@@ -43,7 +43,7 @@ jobs:
 uses: actions/checkout@v6
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+ uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 - name: Log in to the Container registry
 uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
@@ -80,20 +80,20 @@ jobs:
 # Upload Software Bill of Materials (SBOM) to GitHub
 - name: Upload SBOM
- uses: advanced-security/spdx-dependency-submission-action@5530bab9ee4bbe66420ce8280624036c77f89746 # v0.1.1
+ uses: advanced-security/spdx-dependency-submission-action@f957edbb35161c1f9e33f61026fc86a671c58cae # v0.1.2
 with:
 filePath: '.'
 filePattern: '*.spdx.json'
 # Build provenance attestations
 - name: Attest Container Image
- uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
+ uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
 with:
 subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
 subject-digest: ${{ steps.build.outputs.digest }}
 push-to-registry: true
 # - name: Attest Container SBOM
- # uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a # v3.0.0
+ # uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
 # with:
 # subject-path:: '*.spdx.json'
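Review bot: In `.github/workflows/codeql-ql.yml` the `Set up Rust` pin moves to `f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561` but the trailing comment still reads `# v1.85.1`, so the comment no longer tells a reviewer which upstream ref the new SHA was taken from. The commit description lists this dependency by SHA only, with no `update-type`, which suggests it tracks a moving ref rather than a release tag — worth confirming against the compare link before merging. If that is the case, I would replace the label with one that records the ref and the date it was resolved, for example `# <upstream ref> as of 2026-01-12`, so the next SHA change can be audited. Note also that the step passes `toolchain: stable`, so the version in the comment may not describe the toolchain actually installed. The job continues outside the hunk.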
diff --git a/.github/workflows/container-security.yml b/.github/workflows/container-security.yml
index 1803d98..f176e58 100644
--- a/.github/workflows/container-security.yml
+++ b/.github/workflows/container-security.yml
@@ -38,7 +38,7 @@ jobs:
 uses: actions/checkout@v6
 - name: Set up Docker Buildx
- uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+ uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 - name: Build Initial Container
 uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
@@ -52,7 +52,7 @@ jobs:
 # Scan the image for vulnerabilities
 - name: Run the Anchore / Grype scan action
- uses: anchore/scan-action@3c9a191a0fbab285ca6b8530b5de5a642cba332f # v7.2.2
+ uses: anchore/scan-action@62b74fb7bb810d2c45b1865f47a77655621862a5 # v7.2.3
 id: scan
 with:
 image: localbuild/testimage:latest