From b7c3f3693e7259ecf968b1e8c901cbd2c726d4cd Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 23 Dec 2024 01:32:07 +0000
Subject: [PATCH] [deps]: Update gh minor

---
 .github/workflows/build-unified.yml   | 6 +++---
 .github/workflows/scan.yml            | 4 ++--
 .github/workflows/update-versions.yml | 2 +-
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/build-unified.yml b/.github/workflows/build-unified.yml
index 638e1b4b..3b769c7d 100644
--- a/.github/workflows/build-unified.yml
+++ b/.github/workflows/build-unified.yml
@@ -79,7 +79,7 @@ jobs:
         uses: docker/setup-qemu-action@49b3bc8e6bdd4a60e6116a5414239cba5943d3cf # v3.2.0
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       ########## Login to Docker registries ##########
       - name: Login to Azure - Prod Subscription
@@ -178,14 +178,14 @@ jobs:
 
       - name: Scan Docker image
         id: container-scan
-        uses: anchore/scan-action@5ed195cc06065322983cae4bb31e2a751feb86fd # v5.2.0
+        uses: anchore/scan-action@869c549e657a088dc0441b08ce4fc0ecdac2bb65 # v5.3.0
         with:
           image: ${{ steps.tag-list.outputs.primary_tag }}
           fail-build: false
           output-format: sarif
 
       - name: Upload Grype results to GitHub
-        uses: github/codeql-action/upload-sarif@662472033e021d55d94146f66f6058822b0b39fd # v3.27.0
+        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
         with:
           sarif_file: ${{ steps.container-scan.outputs.sarif }}
 
diff --git a/.github/workflows/scan.yml b/.github/workflows/scan.yml
index e7a38891..36459231 100644
--- a/.github/workflows/scan.yml
+++ b/.github/workflows/scan.yml
@@ -29,7 +29,7 @@ jobs:
           ref: ${{ github.event.pull_request.head.sha }}
 
       - name: Scan with Checkmarx
-        uses: checkmarx/ast-github-action@b74e8d514feae4ad5ad2b43e72590935bd2daf5f # 2.0.39
+        uses: checkmarx/ast-github-action@629a9fac14369bf2898d583b22bf8c40a5caf8e9 # 2.0.40
         env:
           INCREMENTAL: "${{ contains(github.event_name, 'pull_request') && '--sast-incremental' || '' }}"
         with:
@@ -44,7 +44,7 @@ jobs:
             --output-path . ${{ env.INCREMENTAL }}
 
       - name: Upload Checkmarx results to GitHub
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@48ab28a6f5dbc2a99bf1e0131198dd8f1df78169 # v3.28.0
         with:
           sarif_file: cx_result.sarif
 
diff --git a/.github/workflows/update-versions.yml b/.github/workflows/update-versions.yml
index 5123f000..30d298f7 100644
--- a/.github/workflows/update-versions.yml
+++ b/.github/workflows/update-versions.yml
@@ -181,7 +181,7 @@ jobs:
         run: git push -u origin $PR_BRANCH
 
       - name: Generate GH App token
-        uses: actions/create-github-app-token@5d869da34e18e7287c1daad50e0b8ea0f506ce69 # v1.11.0
+        uses: actions/create-github-app-token@c1a285145b9d317df6ced56c09f525b5c2b6f755 # v1.11.1
         id: app-token
         with:
           app-id: ${{ secrets.BW_GHAPP_ID }}