From a0ccd739d6dce28da8cf5119cb78ef9c71324da9 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 15 Jul 2024 18:09:31 +0000
Subject: [PATCH] chore(deps): update anchore/sbom-action action to v0.17.0 in
 .github/workflows/release.yml (#59)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [anchore/sbom-action](https://togithub.com/anchore/sbom-action) |
action | minor | `v0.16.1` -> `v0.17.0` |

---

### Release Notes

<details>
<summary>anchore/sbom-action (anchore/sbom-action)</summary>

###
[`v0.17.0`](https://togithub.com/anchore/sbom-action/releases/tag/v0.17.0)

[Compare
Source](https://togithub.com/anchore/sbom-action/compare/v0.16.1...v0.17.0)

#### Changes in v0.17.0

- chore(deps): update Syft to v1.9.0
([#&#8203;479](https://togithub.com/anchore/sbom-action/issues/479))
\[[anchore-actions-token-generator](https://togithub.com/anchore-actions-token-generator)]
- chore(deps): bump actions/checkout from 4.1.6 to 4.1.7
([#&#8203;474](https://togithub.com/anchore/sbom-action/issues/474))
\[[dependabot](https://togithub.com/dependabot)]
- chore(deps): bump peter-evans/create-pull-request from 6.0.5 to 6.1.0
([#&#8203;475](https://togithub.com/anchore/sbom-action/issues/475))
\[[dependabot](https://togithub.com/dependabot)]
- chore: serialize tests to prevent install race
([#&#8203;478](https://togithub.com/anchore/sbom-action/issues/478))
\[[willmurphyscode](https://togithub.com/willmurphyscode)]

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* */8 * * *" (UTC), Automerge - At
any time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/jippi/dottie).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjUuMSIsInVwZGF0ZWRJblZlciI6IjM3LjQzMS40IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
 .github/workflows/build.yml   | 2 +-
 .github/workflows/release.yml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f1323df..6513dfa 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -89,7 +89,7 @@ jobs:
 
       - uses: sigstore/cosign-installer@v3.5.0
 
-      - uses: anchore/sbom-action/download-syft@v0.16.1
+      - uses: anchore/sbom-action/download-syft@v0.17.0
 
       - name: setup-validate-krew-manifest
         run: go install sigs.k8s.io/krew/cmd/validate-krew-manifest@latest
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index cecbdb4..48f7330 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -48,7 +48,7 @@ jobs:
 
       - uses: sigstore/cosign-installer@v3.5.0
 
-      - uses: anchore/sbom-action/download-syft@v0.16.1
+      - uses: anchore/sbom-action/download-syft@v0.17.0
 
       - name: ghcr-login
         uses: docker/login-action@v3