Bump ossf/scorecard-action from 2.3.0 to 2.3.1

[dependabot]

Bumps ossf/scorecard-action from 2.3.0 to 2.3.1.

Release notes

Sourced from ossf/scorecard-action's releases.

v2.3.1

What's Changed

• 🌱 Bump github.com/ossf/scorecard/v4 from v4.13.0 to v4.13.1 by @​spencerschrock in ossf/scorecard-action#1282
  • Adds additional Fuzzing detection and fixes a SAST bug related to detecting CodeQL. For a full changelist of what this includes, see the v4.13.1 release notes

Full Changelog: ossf/scorecard-action@v2.3.0...v2.3.1

Commits

• 0864cf1 🌱 Bump docker tag to for v2.3.1 release (#1284)
• 72df3bf 🌱 Bump github.com/ossf/scorecard/v4 from v4.13.0 to v4.13.1 (#1282)
• 0ea411f 🌱 Bump the docker-images group with 1 update (#1281)
• dbfd042 🌱 Bump the github-actions group with 1 update (#1280)
• 2fa1e2f 🌱 Bump golang.org/x/net from 0.16.0 to 0.17.0 (#1278)
• 652ddd0 🌱 Bump github.com/google/go-cmp from 0.5.9 to 0.6.0 (#1277)
• 28d0c92 🌱 Group Dependabot updates for GitHub Actions and Dockerfiles (#1276)
• cb50491 🌱 Bump distroless/base from a35b652 to b31a6e0 (#1275)
• 87157ac 🌱 Bump github/codeql-action from 2.21.9 to 2.22.1 (#1274)
• 7c1648b 🌱 Bump step-security/harden-runner from 2.5.1 to 2.6.0 (#1273)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #428 (fbc7bb4) into master (ac783e7) will decrease coverage by 0.01%.
The diff coverage is n/a.

@@             Coverage Diff              @@
##             master     #428      +/-   ##
============================================
- Coverage     80.47%   80.47%   -0.01%     
+ Complexity     6740     6739       -1     
============================================
  Files           343      343              
  Lines         25295    25295              
  Branches       4095     4095              
============================================
- Hits          20357    20355       -2     
- Misses         3364     3367       +3     
+ Partials       1574     1573       -1     

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more