From c13b331436cadeb0232d67e191861ca80f161e23 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 10 Oct 2024 08:33:30 +0000
Subject: [PATCH 1/2] Bump aquasecurity/trivy-action from 0.24.0 to 0.26.0
 (#92)

---
 .github/workflows/scan-image.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/scan-image.yml b/.github/workflows/scan-image.yml
index 5ffb723..91ef526 100644
--- a/.github/workflows/scan-image.yml
+++ b/.github/workflows/scan-image.yml
@@ -30,7 +30,7 @@ jobs:
 
       - name: Scan Image
         id: scan_image
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+        uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb # v0.26.0
         with:
           image-ref: analytical-platform-rshiny-open-source-base
           exit-code: 1
@@ -49,7 +49,7 @@ jobs:
       - name: Scan Image (On SARIF Scan Failure)
         if: failure() && steps.scan_image.outcome == 'failure'
         id: scan_image_on_failure
-        uses: aquasecurity/trivy-action@6e7b7d1fd3e4fef0c5fa8cce1229c54b2c9bd0d8 # v0.24.0
+        uses: aquasecurity/trivy-action@a20de5420d57c4102486cdd9578b45609c99d7eb # v0.26.0
         with:
           image-ref: analytical-platform-rshiny-open-source-base
           exit-code: 1

From 040a1f52b9b9e21dd4c018e71ebbb49fe15f599a Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 11 Oct 2024 16:17:23 +0100
Subject: [PATCH 2/2] Bump ghcr.io/devcontainers/features/docker-in-docker from
 2.10.2 to 2.12.0 (#79)

* Bump ghcr.io/devcontainers/features/docker-in-docker

Bumps ghcr.io/devcontainers/features/docker-in-docker from 2.10.2 to 2.12.0.

---
updated-dependencies:
- dependency-name: ghcr.io/devcontainers/features/docker-in-docker
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* remove duplicate keys

* Bump ghcr.io/devcontainers/features/docker-in-docker from 2.10.2 to 2.12.0

Dependabot couldn't find the original pull request head commit, cd0288ea04143ab269426cd682832ba1b90ee0be.

* remove duplicate keys 2

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: BrianEllwood <brian.ellwood@digital.justice.gov.uk>
---
 .devcontainer/devcontainer-lock.json | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/.devcontainer/devcontainer-lock.json b/.devcontainer/devcontainer-lock.json
index e39b1dd..6c23165 100644
--- a/.devcontainer/devcontainer-lock.json
+++ b/.devcontainer/devcontainer-lock.json
@@ -1,9 +1,9 @@
 {
   "features": {
     "ghcr.io/devcontainers/features/docker-in-docker:2": {
-      "version": "2.10.2",
-      "resolved": "ghcr.io/devcontainers/features/docker-in-docker@sha256:23ae11a86089da5f0b98a6edd603f91831802b7f2d5ef1e104e1b94a3beb546c",
-      "integrity": "sha256:23ae11a86089da5f0b98a6edd603f91831802b7f2d5ef1e104e1b94a3beb546c"
+      "version": "2.12.0",
+      "resolved": "ghcr.io/devcontainers/features/docker-in-docker@sha256:5f3e2005aad161ce3ff7700b2603f11935348c039f9166960efd050d69cd3014",
+      "integrity": "sha256:5f3e2005aad161ce3ff7700b2603f11935348c039f9166960efd050d69cd3014"
     },
     "ghcr.io/ministryofjustice/devcontainer-feature/container-structure-test:1": {
       "version": "1.0.0",