From 7185a34fdafdc541762579f2c8978a4261737277 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 8 Apr 2025 09:06:16 +0200
Subject: [PATCH] [DEV-OPS] (dependabot) Bump
 advanced-security/maven-dependency-submission-action from 4.1.1 to 4.1.2
 (#42)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Bumps
[advanced-security/maven-dependency-submission-action](https://github.com/advanced-security/maven-dependency-submission-action)
from 4.1.1 to 4.1.2.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/advanced-security/maven-dependency-submission-action/releases">advanced-security/maven-dependency-submission-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add cycle safety for transitive dependencies by <a
href="https://github.com/juxtin"><code>@​juxtin</code></a> in <a
href="https://redirect.github.com/advanced-security/maven-dependency-submission-action/pull/103">advanced-security/maven-dependency-submission-action#103</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/juxtin"><code>@​juxtin</code></a> made
their first contribution in <a
href="https://redirect.github.com/advanced-security/maven-dependency-submission-action/pull/103">advanced-security/maven-dependency-submission-action#103</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/advanced-security/maven-dependency-submission-action/compare/v4...v4.1.2">https://github.com/advanced-security/maven-dependency-submission-action/compare/v4...v4.1.2</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/aeab9f885293af501bae8bdfe88c589528ea5e25"><code>aeab9f8</code></a>
Merge pull request <a
href="https://redirect.github.com/advanced-security/maven-dependency-submission-action/issues/106">#106</a>
from advanced-security/juxtin/prep-412</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/bc43a53a41f48f710734ac22c07f773dcd2c5b05"><code>bc43a53</code></a>
Update step numbers</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/8ec6a0b12e093e488e5d9cf195bc923ed0d6ffa9"><code>8ec6a0b</code></a>
Add note about running npm build</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/8c8c37cf513763e51f6b3b510030a99a71d3192f"><code>8c8c37c</code></a>
Merge branch 'main' into juxtin/prep-412</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/4ccf7bf0a3e06066dab3224e5ff53fa98f366295"><code>4ccf7bf</code></a>
Update version to 4.1.2 and update release instructions</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/973a8cf442549f9fe303f76d73f7275bb4bc62fb"><code>973a8cf</code></a>
Merge pull request <a
href="https://redirect.github.com/advanced-security/maven-dependency-submission-action/issues/104">#104</a>
from advanced-security/juxtin/prep-412</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/48f232b0d166d6cb58cc1289390a4959d82266d1"><code>48f232b</code></a>
Update dist files</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/769e1e8558eb6fab557a838279796d633da3ea6c"><code>769e1e8</code></a>
Prepare for 4.1.2 release</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/298a80476969862896de03263b786faedc84727a"><code>298a804</code></a>
Upgrade version of Maven plugin</li>
<li><a
href="https://github.com/advanced-security/maven-dependency-submission-action/commit/29fd39885eafa717ad960f9ebd179e6fec0e863e"><code>29fd398</code></a>
Merge pull request <a
href="https://redirect.github.com/advanced-security/maven-dependency-submission-action/issues/103">#103</a>
from advanced-security/juxtin/handle-cycles</li>
<li>Additional commits viewable in <a
href="https://github.com/advanced-security/maven-dependency-submission-action/compare/4f64ddab9d742a4806eeb588d238e4c311a8397d...aeab9f885293af501bae8bdfe88c589528ea5e25">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=advanced-security/maven-dependency-submission-action&package-manager=github_actions&previous-version=4.1.1&new-version=4.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/maven.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/maven.yml b/.github/workflows/maven.yml
index 98d4888..ccc9940 100644
--- a/.github/workflows/maven.yml
+++ b/.github/workflows/maven.yml
@@ -32,4 +32,4 @@ jobs:
 
     # Optional: Uploads the full dependency graph to GitHub to improve the quality of Dependabot alerts this repository can receive
     - name: Update dependency graph
-      uses: advanced-security/maven-dependency-submission-action@4f64ddab9d742a4806eeb588d238e4c311a8397d
+      uses: advanced-security/maven-dependency-submission-action@aeab9f885293af501bae8bdfe88c589528ea5e25