build(deps): bump the dependencies group across 1 directory with 6 updates

.github/workflows/build.yml

@@ -70,7 +70,7 @@ jobs:
         run: yarn test:ci
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       - name: Login to DockerHub
         if: github.event_name != 'pull_request'
@@ -89,7 +89,7 @@ jobs:
             type=raw,value=${{ github.sha }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
         with:
           context: .
           file: .conf/Dockerfile.prebuilt

.github/workflows/codeql.yml

@@ -75,7 +75,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v2.227
+        uses: github/codeql-action/init@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v2.227
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -89,7 +89,7 @@ jobs:
       # Automates dependency installation for Python, Ruby, and JavaScript, optimizing the CodeQL analysis setup.
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v2.227
+        uses: github/codeql-action/autobuild@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v2.227
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -102,6 +102,6 @@ jobs:
       #     ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v2.227
+        uses: github/codeql-action/analyze@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v2.227
         with:
           category: '/language:${{matrix.language}}'

.github/workflows/dependencies.yaml

@@ -40,7 +40,7 @@ jobs:
 
     steps:
       - name: Set up JDK 17
-        uses: actions/setup-java@8df1039502a15bceb9433410b1a100fbe190c53b # v4.5.0
+        uses: actions/setup-java@7a6d8a8234af8eb26422e24e3006232cccaa061b # v4.6.0
         with:
           distribution: 'temurin'
           java-version: '17'
@@ -73,7 +73,7 @@ jobs:
         if: steps.dependencies-changed.outputs.changed == 'true'
 
       - name: Upload DEPENDENCIES file
-        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           path: DEPENDENCIES
         if: steps.dependencies-changed.outputs.changed == 'true'

.github/workflows/kics.yml

@@ -67,6 +67,6 @@ jobs:
       # Upload findings to GitHub Advanced Security Dashboard
       - name: Upload SARIF file for GitHub Advanced Security Dashboard
         if: always()
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
         with:
           sarif_file: kicsResults/results.sarif

.github/workflows/release-release_candidate.yml

@@ -86,7 +86,7 @@ jobs:
         run: yarn test:ci
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       - name: Login to DockerHub
         if: github.event_name != 'pull_request'
@@ -111,7 +111,7 @@ jobs:
             type=semver,pattern=v{{major}}.{{minor}}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
         with:
           context: .
           file: .conf/Dockerfile.prebuilt

.github/workflows/release.yml

@@ -87,7 +87,7 @@ jobs:
         run: yarn test:ci
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       - name: Login to DockerHub
         if: github.event_name != 'pull_request'
@@ -112,7 +112,7 @@ jobs:
             type=semver,pattern=v{{major}}.{{minor}}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
         with:
           context: .
           file: .conf/Dockerfile.prebuilt

.github/workflows/release_candidate.yml

@@ -67,7 +67,7 @@ jobs:
         run: yarn test:ci
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@c47758b77c9736f4b2ef4073d4d51994fabfe349 # v3.7.1
+        uses: docker/setup-buildx-action@6524bf65af31da8d45b59e8c27de4bd072b392f5 # v3.8.0
 
       - name: Login to DockerHub
         if: github.event_name != 'pull_request'
@@ -86,7 +86,7 @@ jobs:
             type=raw,value=${{ github.sha }}
 
       - name: Build and push Docker image
-        uses: docker/build-push-action@48aba3b46d1b1fec4febb7c5d0c644b249a11355 # v6.10.0
+        uses: docker/build-push-action@b32b51a8eda65d6793cd0494a773d4f6bcef32dc # v6.11.0
         with:
           context: .
           file: .conf/Dockerfile.prebuilt

.github/workflows/trivy-main.yml

@@ -66,7 +66,7 @@ jobs:
           limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
         if: always()
         with:
           sarif_file: 'trivy-results1.sarif'
@@ -103,6 +103,6 @@ jobs:
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
         with:
           sarif_file: 'trivy-results2.sarif'

.github/workflows/trivy.yml

@@ -66,7 +66,7 @@ jobs:
           limit-severities-for-sarif: true
 
       - name: Upload Trivy scan results to GitHub Security tab
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
         if: always()
         with:
           sarif_file: 'trivy-results1.sarif'
@@ -103,6 +103,6 @@ jobs:
 
       - name: Upload Trivy scan results to GitHub Security tab
         if: always()
-        uses: github/codeql-action/upload-sarif@aa578102511db1f4524ed59b8cc2bae4f6e88195 # v3.27.6
+        uses: github/codeql-action/upload-sarif@b6a472f63d85b9c78a3ac5e89422239fc15e9b3c # v3.28.1
         with:
           sarif_file: 'trivy-results2.sarif'

.github/workflows/trufflehog.yml

@@ -48,7 +48,7 @@ jobs:
 
       - name: TruffleHog OSS
         id: trufflehog
-        uses: trufflesecurity/trufflehog@710d09ba85a0b34cea5592f3a42aae7db5d1a279 #v3.85.0
+        uses: trufflesecurity/trufflehog@a94d152bf65bebf5baa486d3d4dfee520af2ceed #v3.88.2
         continue-on-error: true
         with:
           path: ./ # Scan the entire repository

DEPENDENCIES

@@ -113,9 +113,9 @@ npm/npmjs/-/csstype/3.1.3, MIT, approved, #11847
 npm/npmjs/-/cypress/13.15.2, MIT AND BSD-3-Clause AND Apache-2.0 AND MPL-2.0, approved, #17385
 npm/npmjs/-/dashdash/1.14.1, MIT AND CDDL-1.0, approved, #14596
 npm/npmjs/-/data-urls/3.0.2, MIT, approved, clearlydefined
-npm/npmjs/-/data-view-buffer/1.0.1, MIT, approved, clearlydefined
-npm/npmjs/-/data-view-byte-length/1.0.1, MIT, approved, clearlydefined
-npm/npmjs/-/data-view-byte-offset/1.0.0, MIT, approved, clearlydefined
+npm/npmjs/-/data-view-buffer/1.0.1, MIT, approved, #18374
+npm/npmjs/-/data-view-byte-length/1.0.1, MIT, approved, #18392
+npm/npmjs/-/data-view-byte-offset/1.0.0, MIT, approved, #18407
 npm/npmjs/-/date-fns/3.6.0, MIT, approved, #14000
 npm/npmjs/-/dayjs/1.11.13, MIT, approved, #9149
 npm/npmjs/-/debug/3.2.7, MIT, approved, clearlydefined
@@ -150,7 +150,7 @@ npm/npmjs/-/enquire.js/2.1.6, MIT, approved, clearlydefined
 npm/npmjs/-/enquirer/2.4.1, MIT AND (ISC AND MIT), approved, #10900
 npm/npmjs/-/entities/4.5.0, BSD-2-Clause, approved, #7910
 npm/npmjs/-/error-ex/1.3.2, MIT, approved, clearlydefined
-npm/npmjs/-/es-abstract/1.23.3, MIT, approved, clearlydefined
+npm/npmjs/-/es-abstract/1.23.3, MIT, approved, #18406
 npm/npmjs/-/es-define-property/1.0.0, MIT, approved, #13222
 npm/npmjs/-/es-errors/1.3.0, MIT, approved, #13162
 npm/npmjs/-/es-get-iterator/1.1.3, MIT, approved, clearlydefined
@@ -178,7 +178,7 @@ npm/npmjs/-/eslint-plugin-promise/6.6.0, ISC, approved, clearlydefined
 npm/npmjs/-/eslint-plugin-react-hooks/4.6.2, MIT, approved, clearlydefined
 npm/npmjs/-/eslint-plugin-react/7.37.2, MIT, approved, #16407
 npm/npmjs/-/eslint-scope/7.2.2, BSD-2-Clause, approved, #9916
-npm/npmjs/-/eslint-visitor-keys/3.4.3, Apache-2.0, approved, #15274
+npm/npmjs/-/eslint-visitor-keys/3.4.3, Apache-2.0, approved, #18264
 npm/npmjs/-/eslint/8.57.1, MIT AND ISC AND OFL-1.1 AND CC-BY-SA-2.0, approved, #15317
 npm/npmjs/-/espree/9.6.1, BSD-2-Clause AND BSD-3-Clause AND MIT AND BSD-2-Clause AND BSD-3-Clause AND MIT AND (BSD-2-Clause AND MIT) AND (BSD-3-Clause AND LGPL-2.0-or-later AND MIT) AND LGPL-2.1-or-later, approved, #15293
 npm/npmjs/-/esprima/4.0.1, BSD-2-Clause, approved, #995
@@ -291,7 +291,7 @@ npm/npmjs/-/is-boolean-object/1.1.2, MIT, approved, clearlydefined
 npm/npmjs/-/is-builtin-module/3.2.1, MIT, approved, clearlydefined
 npm/npmjs/-/is-callable/1.2.7, MIT, approved, clearlydefined
 npm/npmjs/-/is-core-module/2.15.1, MIT, approved, clearlydefined
-npm/npmjs/-/is-data-view/1.0.1, MIT, approved, clearlydefined
+npm/npmjs/-/is-data-view/1.0.1, MIT, approved, #18375
 npm/npmjs/-/is-date-object/1.0.5, MIT, approved, clearlydefined
 npm/npmjs/-/is-extglob/2.1.1, MIT, approved, clearlydefined
 npm/npmjs/-/is-finalizationregistry/1.0.2, MIT, approved, clearlydefined
@@ -317,7 +317,7 @@ npm/npmjs/-/is-typedarray/1.0.0, MIT, approved, #2531
 npm/npmjs/-/is-unicode-supported/0.1.0, MIT, approved, clearlydefined
 npm/npmjs/-/is-weakmap/2.0.2, MIT, approved, clearlydefined
 npm/npmjs/-/is-weakref/1.0.2, MIT, approved, clearlydefined
-npm/npmjs/-/is-weakset/2.0.3, MIT, approved, clearlydefined
+npm/npmjs/-/is-weakset/2.0.3, MIT, approved, #18388
 npm/npmjs/-/isarray/2.0.5, MIT, approved, clearlydefined
 npm/npmjs/-/isexe/2.0.0, ISC, approved, clearlydefined
 npm/npmjs/-/isstream/0.1.2, MIT, approved, clearlydefined
@@ -327,7 +327,7 @@ npm/npmjs/-/istanbul-lib-instrument/6.0.3, BSD-3-Clause, approved, clearlydefine
 npm/npmjs/-/istanbul-lib-report/3.0.1, BSD-3-Clause, approved, clearlydefined
 npm/npmjs/-/istanbul-lib-source-maps/4.0.1, BSD-3-Clause, approved, clearlydefined
 npm/npmjs/-/istanbul-reports/3.1.7, BSD-3-Clause AND MIT, approved, #1710
-npm/npmjs/-/iterator.prototype/1.1.3, MIT, approved, clearlydefined
+npm/npmjs/-/iterator.prototype/1.1.3, MIT, approved, #18395
 npm/npmjs/-/jake/10.9.2, Apache-2.0 AND (Apache-2.0 AND MIT), approved, #14655
 npm/npmjs/-/jest-changed-files/29.7.0, MIT, approved, clearlydefined
 npm/npmjs/-/jest-circus/29.7.0, MIT, approved, clearlydefined
@@ -435,7 +435,7 @@ npm/npmjs/-/object.assign/4.1.5, MIT, approved, #15306
 npm/npmjs/-/object.entries/1.1.8, MIT, approved, #4671
 npm/npmjs/-/object.fromentries/2.0.8, MIT, approved, #4600
 npm/npmjs/-/object.groupby/1.0.3, MIT, approved, #10360
-npm/npmjs/-/object.values/1.2.0, MIT, approved, clearlydefined
+npm/npmjs/-/object.values/1.2.0, MIT, approved, #18366
 npm/npmjs/-/once/1.4.0, ISC, approved, clearlydefined
 npm/npmjs/-/onetime/5.1.2, MIT, approved, clearlydefined
 npm/npmjs/-/optionator/0.9.4, MIT, approved, #9208
@@ -527,7 +527,7 @@ npm/npmjs/-/rimraf/3.0.2, ISC, approved, clearlydefined
 npm/npmjs/-/rollup/4.24.0, MIT AND (ISC AND MIT), approved, #16917
 npm/npmjs/-/run-parallel/1.2.0, MIT, approved, clearlydefined
 npm/npmjs/-/rxjs/7.8.1, Apache-2.0 AND (0BSD AND Apache-2.0) AND 0BSD, approved, #5993
-npm/npmjs/-/safe-array-concat/1.1.2, MIT, approved, clearlydefined
+npm/npmjs/-/safe-array-concat/1.1.2, MIT, approved, #18359
 npm/npmjs/-/safe-buffer/5.2.1, MIT, approved, clearlydefined
 npm/npmjs/-/safe-regex-test/1.0.3, MIT, approved, clearlydefined
 npm/npmjs/-/safer-buffer/2.1.2, MIT, approved, clearlydefined
@@ -864,14 +864,14 @@ npm/npmjs/@types/jsdom/20.0.1, MIT, approved, clearlydefined
 npm/npmjs/@types/json5/0.0.29, MIT, approved, clearlydefined
 npm/npmjs/@types/lodash.debounce/4.0.9, MIT, approved, clearlydefined
 npm/npmjs/@types/lodash.uniq/4.5.9, MIT, approved, #13930
-npm/npmjs/@types/lodash/4.17.13, MIT, approved, clearlydefined
+npm/npmjs/@types/lodash/4.17.13, MIT, approved, #18358
 npm/npmjs/@types/node/20.16.15, MIT, approved, #16051
 npm/npmjs/@types/node/22.7.4, MIT, approved, #16398
 npm/npmjs/@types/papaparse/5.3.15, MIT, approved, #10964
 npm/npmjs/@types/parse-json/4.0.2, MIT, approved, clearlydefined
 npm/npmjs/@types/prop-types/15.7.13, MIT, approved, #16176
 npm/npmjs/@types/qs/6.9.17, MIT, approved, #14071
-npm/npmjs/@types/react-dom/18.3.1, MIT, approved, clearlydefined
+npm/npmjs/@types/react-dom/18.3.1, MIT, approved, #18409
 npm/npmjs/@types/react-redux/7.1.34, MIT, approved, #10970
 npm/npmjs/@types/react-slick/0.23.13, MIT, approved, #11666
 npm/npmjs/@types/react-transition-group/4.4.11, MIT, approved, #8416
@@ -897,5 +897,5 @@ npm/npmjs/@typescript-eslint/typescript-estree/7.18.0, BSD-2-Clause AND MIT AND
 npm/npmjs/@typescript-eslint/utils/7.18.0, BSD-2-Clause AND MIT AND (BSD-2-Clause AND ISC AND MIT), approved, #15824
 npm/npmjs/@typescript-eslint/visitor-keys/6.21.0, MIT, approved, clearlydefined
 npm/npmjs/@typescript-eslint/visitor-keys/7.18.0, MIT, approved, clearlydefined
-npm/npmjs/@ungap/structured-clone/1.2.0, ISC, approved, clearlydefined
+npm/npmjs/@ungap/structured-clone/1.2.0, ISC, approved, #18522
 npm/npmjs/@vitejs/plugin-react/4.3.3, MIT, approved, #14877