chore(deps): update launchdarkly/gh-actions digest to e739737 (#1415)

renovate[bot] · web-flow · commit 7be80304a8cb · 2026-06-04T09:32:42.000-04:00
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [launchdarkly/gh-actions](https://redirect.github.com/launchdarkly/gh-actions) ([changelog](https://redirect.github.com/launchdarkly/gh-actions/compare/2e6676d8c7ed1a59114d08faa22e3dbf085a1a64..e739737ec160daae50efc7a07e6b453a104db067)) | action | digest | `2e6676d` → `e739737` | --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] If you want to rebase/retry this PR, check this box --- This PR was generated by [Mend Renovate](https://mend.io/renovate/). View the [repository job log](https://developer.mend.io/github/launchdarkly/js-core).   --- > [!NOTE] > **Low Risk** > CI-only digest pin updates with no application code changes; risk is limited to possible behavior changes in the external SBOM/policy actions. > > **Overview** > Renovate bumps the pinned **`launchdarkly/gh-actions`** digest in **`.github/workflows/dependency-scan.yml`** from `2e6676d` to `e739737` for both the **Generate SBOM** and **Evaluate SBOM Policy** steps. Step inputs (`types`, `ensure-non-empty`, `artifacts-pattern`) are unchanged; only the reusable action commit SHA moves forward on `main`. > > <sup>Reviewed by [Cursor Bugbot](https://cursor.com/bugbot) for commit dc27227. Bugbot is set up for automated code reviews on this repo. Configure [here](https://www.cursor.com/dashboard/bugbot).</sup>  Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
diff --git a/.github/workflows/dependency-scan.yml b/.github/workflows/dependency-scan.yml
@@ -24,7 +24,7 @@ jobs:
           ELECTRON_SKIP_BINARY_DOWNLOAD: '1'
 
       - name: Generate SBOM
-        uses: launchdarkly/gh-actions/actions/dependency-scan/generate-sbom@2e6676d8c7ed1a59114d08faa22e3dbf085a1a64 # main
+        uses: launchdarkly/gh-actions/actions/dependency-scan/generate-sbom@e739737ec160daae50efc7a07e6b453a104db067 # main
         with:
           types: 'nodejs'
           ensure-non-empty: 'true'
@@ -37,6 +37,6 @@ jobs:
       - uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
 
       - name: Evaluate SBOM Policy
-        uses: launchdarkly/gh-actions/actions/dependency-scan/evaluate-policy@2e6676d8c7ed1a59114d08faa22e3dbf085a1a64 # main
+        uses: launchdarkly/gh-actions/actions/dependency-scan/evaluate-policy@e739737ec160daae50efc7a07e6b453a104db067 # main
         with:
           artifacts-pattern: bom-*
