chore(deps): bump anchore/sbom-action from 0.12.0 to 0.13.0

[dependabot[bot]]

Bumps anchore/sbom-action from 0.12.0 to 0.13.0.

Release notes

Sourced from anchore/sbom-action's releases.

v0.13.0

Changes in v0.13.0

• Allow type "file:..." to enable creation of SBOMs from tar and other package formats (#357) [malt3]
• Update Syft to v0.59.0 (#371) [anchore-actions-token-generator]
• Update dependencies and node version (#372) [kzantow]

Commits

• b7e8507 chore: remove dependabot (#381)
• 2424de2 Bump @​types/node from 18.11.2 to 18.11.3 (#373)
• 12a03b5 Update Syft to v0.59.0 (#371)
• 563238b chore: Update dependencies and action node version (#372)
• eda5943 Update Syft to v0.58.0 (#354)
• 614fe8a feat: Allow type "file:..." (#357)
• 6218d4f Update Syft to v0.57.0 (#344)
• a173e53 Update Syft to v0.56.0 (#329)
• 2cd5755 Add update-deps script (#322)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov[bot]]

Codecov Report

:exclamation: No coverage uploaded for pull request base (main@6ab80a0). Click here to learn what that means. The diff coverage is n/a.

@@           Coverage Diff           @@
##             main     #116   +/-   ##
=======================================
  Coverage        ?   57.22%           
=======================================
  Files           ?        4           
  Lines           ?      180           
  Branches        ?        0           
=======================================
  Hits            ?      103           
  Misses          ?       60           
  Partials        ?       17           

:mega: We’re building smart automated test selection to slash your CI/CD build times. Learn more

[dependabot[bot]]

Superseded by #117.