chore(deps): bump google/osv-scanner-action from 1.8.1 to 1.8.5

[dependabot[bot]]

Bumps google/osv-scanner-action from 1.8.1 to 1.8.5.

Release notes

Sourced from google/osv-scanner-action's releases.

v1.8.5

This updates OSV-Scanner to v1.8.5.

What's Changed

• chore(deps): update workflows by @​renovate-bot in google/osv-scanner-action#34
• fix: Use force checkout on second checkout for PR scanning by @​another-rex in google/osv-scanner-action#41
• chore: update to v1.8.5 by @​cuixq in google/osv-scanner-action#42

New Contributors

• @​cuixq made their first contribution in google/osv-scanner-action#42

Full Changelog: https://github.com/google/osv-scanner-action/compare/v1.8.4...v1.8.5

v1.8.4

Bump OSV-Scanner version https://github.com/google/osv-scanner/releases/tag/v1.8.4

v1.8.3

What's Changed

• Now uses OSV-Scanner v1.8.3, see https://github.com/google/osv-scanner/blob/main/CHANGELOG.md for full changelog.

New Contributors

• @​hogo6002 made their first contribution in google/osv-scanner-action#37

Full Changelog: https://github.com/google/osv-scanner-action/compare/v1.8.2...v1.8.3

v1.8.2

What's Changed

• Now uses OSV-Scanner v1.8.2, see https://github.com/google/osv-scanner/blob/main/CHANGELOG.md for full changelog.
• Call analysis is now done by default for golang.

Commits

• f0e6719 Merge pull request #42 from google/update-to-v1.8.5
• b2d6423 Update unified workflow example to point to v1.8.5 reusable workflows
• 7c52d44 Update reusable workflows to point to v1.8.5 actions
• c8774f9 Update actions to use v1.8.5 osv-scanner image
• 6777cfa Merge pull request #41 from google/force-checkout
• 5624e70 Use force checkout
• 75f230e Merge pull request #34 from renovate-bot/renovate/workflows
• 69f000a chore(deps): update workflows
• 678a866 Merge pull request #39 from google/update-to-v1.8.4
• 6a315db Update unified workflow example to point to v1.8.4 reusable workflows
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)