From dc376e99f8a25dbb9d43107ec4c0ba2bf4d8cad6 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 20 Jan 2025 20:18:11 +0000
Subject: [PATCH 1/4] chore(deps): bump marocchino/sticky-pull-request-comment

Bumps [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) from 2.9.0 to 2.9.1.
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases)
- [Commits](https://github.com/marocchino/sticky-pull-request-comment/compare/331f8f5b4215f0445d3c07b4967662a32a2d3e31...52423e01640425a022ef5fd42c6fb5f633a02728)

---
updated-dependencies:
- dependency-name: marocchino/sticky-pull-request-comment
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/release-preview-pr.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/release-preview-pr.yml b/.github/workflows/release-preview-pr.yml
index 154a67dd..20b245fc 100644
--- a/.github/workflows/release-preview-pr.yml
+++ b/.github/workflows/release-preview-pr.yml
@@ -30,7 +30,7 @@ jobs:
     steps:
       - if: ${{ needs.notes.outputs.no_release == 'false' }}
         name: Add comment to the PR
-        uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
+        uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
         with:
           header: ReleasePreview
           message: |
@@ -42,7 +42,7 @@ jobs:
 
       - if: ${{ needs.notes.outputs.no_release == 'true' }}
         name: Add comment to the PR
-        uses: marocchino/sticky-pull-request-comment@331f8f5b4215f0445d3c07b4967662a32a2d3e31 # v2.9.0
+        uses: marocchino/sticky-pull-request-comment@52423e01640425a022ef5fd42c6fb5f633a02728 # v2.9.1
         with:
           header: ReleasePreview
           message: "⚠⚠⚠ This pull request will not create a new release. ⚠⚠⚠"

From dafd21c3ddc5b6981b77b170fb0ad75c8a860acf Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 22 Jan 2025 01:10:43 +0000
Subject: [PATCH 2/4] test(deps): bump org.assertj:assertj-core from 3.27.2 to
 3.27.3

Bumps [org.assertj:assertj-core](https://github.com/assertj/assertj) from 3.27.2 to 3.27.3.
- [Release notes](https://github.com/assertj/assertj/releases)
- [Commits](https://github.com/assertj/assertj/compare/assertj-build-3.27.2...assertj-build-3.27.3)

---
updated-dependencies:
- dependency-name: org.assertj:assertj-core
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index bfeb8a86..49df5307 100644
--- a/build.gradle
+++ b/build.gradle
@@ -107,7 +107,7 @@ dependencies {
   testImplementation enforcedPlatform("org.junit:junit-bom:5.11.4")
   testImplementation 'org.junit.jupiter:junit-jupiter'
   testImplementation 'org.junit-pioneer:junit-pioneer:2.3.0'
-  testImplementation 'org.assertj:assertj-core:3.27.2', {
+  testImplementation 'org.assertj:assertj-core:3.27.3', {
     // conflict of 1.12.10 in assertj vs 1.12.13 in mockito-core
     exclude group: "net.bytebuddy", module: "byte-buddy"
     exclude group: "net.bytebuddy", module: "byte-buddy-agent"

From a21a9b2476553e629e54690f30822451b364a20d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 22 Jan 2025 01:10:46 +0000
Subject: [PATCH 3/4] chore(deps): bump org.cyclonedx.bom from 1.10.0 to 2.0.0

Bumps org.cyclonedx.bom from 1.10.0 to 2.0.0.

---
updated-dependencies:
- dependency-name: org.cyclonedx.bom
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 build.gradle | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/build.gradle b/build.gradle
index 49df5307..5030c769 100644
--- a/build.gradle
+++ b/build.gradle
@@ -5,7 +5,7 @@ plugins {
   id 'org.sonarqube' version '6.0.1.5171'
   id "com.diffplug.spotless" version "7.0.2"
   id "com.google.cloud.tools.jib" version "3.4.4"
-  id 'org.cyclonedx.bom' version '1.10.0'
+  id 'org.cyclonedx.bom' version '2.0.0'
 }
 
 repositories {

From 2de565816d665138718da5296ab850b9e5ae5548 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?J=C3=B6rg=20Siebahn?= <joerg.siebahn@sda-se.com>
Date: Fri, 24 Jan 2025 09:43:00 +0100
Subject: [PATCH 4/4] chore: specify sbom version

---
 build.gradle | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/build.gradle b/build.gradle
index 5030c769..7ca233ea 100644
--- a/build.gradle
+++ b/build.gradle
@@ -8,6 +8,10 @@ plugins {
   id 'org.cyclonedx.bom' version '2.0.0'
 }
 
+cyclonedxBom {
+  schemaVersion = "1.5"
+}
+
 repositories {
   mavenCentral()
 }