Bump advanced-security/spdx-dependency-submission-action

dependabot[bot] · web-flow · commit b7569d83a520 · 2026-04-09T23:02:05.000Z
Bumps [advanced-security/spdx-dependency-submission-action](https://github.com/advanced-security/spdx-dependency-submission-action) from 0.0.1 to 0.2.0. - [Release notes](https://github.com/advanced-security/spdx-dependency-submission-action/releases) - [Commits](advanced-security/spdx-dependency-submission-action@v0.0.1...v0.2.0) --- updated-dependencies: - dependency-name: advanced-security/spdx-dependency-submission-action dependency-version: 0.2.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/sbom.yml b/.github/workflows/sbom.yml
@@ -55,7 +55,7 @@ jobs:
         path: sbom.spdx.json
 
     - name: SBOM upload
-      uses: advanced-security/spdx-dependency-submission-action@v0.0.1
+      uses: advanced-security/spdx-dependency-submission-action@v0.2.0
 
     - name: Upload Trivy scan results to GitHub Security tab [all]
       uses: github/codeql-action/upload-sarif@v4
