chore(deps): update actions/dependency-review-action action to v4.3.4

[renovate[bot]]

This PR contains the following updates:

Package	Type	Update	Change
actions/dependency-review-action	action	minor	v4.2.4 -> v4.3.4

---

Release Notes

actions/dependency-review-action (actions/dependency-review-action)

### [`v4.3.4`](https://redirect.github.com/actions/dependency-review-action/releases/tag/v4.3.4) [Compare Source](https://redirect.github.com/actions/dependency-review-action/compare/v4.3.3...v4.3.4) #### What's Changed - Include all added dependencies in scorecard entries by [@​elireisman](https://redirect.github.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/783](https://redirect.github.com/actions/dependency-review-action/pull/783) - Update SPDX Expression Parsing by [@​febuiles](https://redirect.github.com/febuiles) in [https://github.com/actions/dependency-review-action/pull/719](https://redirect.github.com/actions/dependency-review-action/pull/719) - This PR is a significant refactor of SPDX expression parsing that *may* fix some bugs, but unfortunately there are several related known issues that remain unresolved as of this version. **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.3.3...v4.3.4 ### [`v4.3.3`](https://redirect.github.com/actions/dependency-review-action/releases/tag/v4.3.3): Notes for v4.3.3 [Compare Source](https://redirect.github.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3) #### What's Changed - Allow slashes in purl package names by [@​juxtin](https://redirect.github.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/765](https://redirect.github.com/actions/dependency-review-action/pull/765) - use the v3 version of the deps.dev API by [@​josieang](https://redirect.github.com/josieang) in [https://github.com/actions/dependency-review-action/pull/741](https://redirect.github.com/actions/dependency-review-action/pull/741) - PR with suggestions - \[Improvement]: Help streamline / simplify dependency review action README by [@​am-stead](https://redirect.github.com/am-stead) in [https://github.com/actions/dependency-review-action/pull/773](https://redirect.github.com/actions/dependency-review-action/pull/773) - fix show-openssf-scorecard-levels input by [@​ramann](https://redirect.github.com/ramann) in [https://github.com/actions/dependency-review-action/pull/776](https://redirect.github.com/actions/dependency-review-action/pull/776) - Updates to the contribution guidelines by [@​jonjanego](https://redirect.github.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/778](https://redirect.github.com/actions/dependency-review-action/pull/778) - Create issue templates by [@​jonjanego](https://redirect.github.com/jonjanego) in [https://github.com/actions/dependency-review-action/pull/777](https://redirect.github.com/actions/dependency-review-action/pull/777) - Fix the max comment length issue by [@​jhutchings1](https://redirect.github.com/jhutchings1) and [@​elireisman](https://redirect.github.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/767](https://redirect.github.com/actions/dependency-review-action/pull/767) - Bump project version to 4.3.3 in prep for a release by [@​elireisman](https://redirect.github.com/elireisman) in [https://github.com/actions/dependency-review-action/pull/781](https://redirect.github.com/actions/dependency-review-action/pull/781) #### New Contributors - [@​josieang](https://redirect.github.com/josieang) made their first contribution in [https://github.com/actions/dependency-review-action/pull/741](https://redirect.github.com/actions/dependency-review-action/pull/741) - [@​am-stead](https://redirect.github.com/am-stead) made their first contribution in [https://github.com/actions/dependency-review-action/pull/773](https://redirect.github.com/actions/dependency-review-action/pull/773) - [@​ramann](https://redirect.github.com/ramann) made their first contribution in [https://github.com/actions/dependency-review-action/pull/776](https://redirect.github.com/actions/dependency-review-action/pull/776) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3 ### [`v4.3.2`](https://redirect.github.com/actions/dependency-review-action/releases/tag/v4.3.2) [Compare Source](https://redirect.github.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2) #### What's Changed - Fix package-url parsing for allow-dependencies-licenses by [@​juxtin](https://redirect.github.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/761](https://redirect.github.com/actions/dependency-review-action/pull/761) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2 ### [`v4.3.1`](https://redirect.github.com/actions/dependency-review-action/releases/tag/v4.3.1) [Compare Source](https://redirect.github.com/actions/dependency-review-action/compare/v4.3.0...v4.3.1) #### What's Changed This release fixes some bugs related to package-url parsing that were introduced in 4.3.0. See [https://github.com/actions/dependency-review-action/pull/753](https://redirect.github.com/actions/dependency-review-action/pull/753). **Full Changelog**: https://github.com/actions/dependency-review-action/compare/V4.3.0...v4.3.1 ### [`v4.3.0`](https://redirect.github.com/actions/dependency-review-action/releases/tag/v4.3.0) [Compare Source](https://redirect.github.com/actions/dependency-review-action/compare/v4.2.5...v4.3.0) #### New Features - The `deny-packages` option can now be used without a version number to exclude *all* versions of a package. #### What's Changed - Fix action variable name for scorecard by [@​lukehinds](https://redirect.github.com/lukehinds) in [https://github.com/actions/dependency-review-action/pull/735](https://redirect.github.com/actions/dependency-review-action/pull/735) - Fix extra https:// in summary by [@​jhutchings1](https://redirect.github.com/jhutchings1) in [https://github.com/actions/dependency-review-action/pull/748](https://redirect.github.com/actions/dependency-review-action/pull/748) - Bump typescript from 5.3.3 to 5.4.5 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/744](https://redirect.github.com/actions/dependency-review-action/pull/744) - Bump eslint-plugin-github from 4.10.1 to 4.10.2 by [@​dependabot](https://redirect.github.com/dependabot) in [https://github.com/actions/dependency-review-action/pull/737](https://redirect.github.com/actions/dependency-review-action/pull/737) - Show denied packages with red X by [@​juxtin](https://redirect.github.com/juxtin) in [https://github.com/actions/dependency-review-action/pull/750](https://redirect.github.com/actions/dependency-review-action/pull/750) - deny-packages configuration option can deny specified version or all packages by [@​febuiles](https://redirect.github.com/febuiles) and [@​bteng22](https://redirect.github.com/bteng22) in [https://github.com/actions/dependency-review-action/pull/733](https://redirect.github.com/actions/dependency-review-action/pull/733) #### New Contributors - [@​bteng22](https://redirect.github.com/bteng22) made their first contribution in [https://github.com/actions/dependency-review-action/pull/733](https://redirect.github.com/actions/dependency-review-action/pull/733) - [@​lukehinds](https://redirect.github.com/lukehinds) made their first contribution in [https://github.com/actions/dependency-review-action/pull/735](https://redirect.github.com/actions/dependency-review-action/pull/735) **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.2.5...V4.3.0 ### [`v4.2.5`](https://redirect.github.com/actions/dependency-review-action/releases/tag/v4.2.5): 4.2.5 [Compare Source](https://redirect.github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5) #### What's Changed - Fixed a bug where some configuration options in external files were not being properly picked up -- [https://github.com/actions/dependency-review-action/pull/722](https://redirect.github.com/actions/dependency-review-action/pull/722) - Bump eslint from 8.56.0 to 8.57.0 **Full Changelog**: https://github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5

---

Configuration

📅 Schedule: Branch creation - "after 10:00 before 19:00 every weekday except after 13:00 before 14:00" in timezone Europe/Berlin, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[coderabbitai[bot]]

[!IMPORTANT]

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

🪧 Tips

### Chat There are 3 ways to chat with [CodeRabbit](https://coderabbit.ai): - Review comments: Directly reply to a review comment made by CodeRabbit. Example: - `I pushed a fix in commit , please review it.` - `Generate unit testing code for this file.` - `Open a follow-up GitHub issue for this discussion.` - Files and specific lines of code (under the "Files changed" tab): Tag `@coderabbitai` in a new review comment at the desired location with your query. Examples: - `@coderabbitai generate unit testing code for this file.` - `@coderabbitai modularize this function.` - PR comments: Tag `@coderabbitai` in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples: - `@coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.` - `@coderabbitai read src/utils.ts and generate unit testing code.` - `@coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.` - `@coderabbitai help me debug CodeRabbit configuration file.` Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments. ### CodeRabbit Commands (Invoked using PR comments) - `@coderabbitai pause` to pause the reviews on a PR. - `@coderabbitai resume` to resume the paused reviews. - `@coderabbitai review` to trigger an incremental review. This is useful when automatic reviews are disabled for the repository. - `@coderabbitai full review` to do a full review from scratch and review all the files again. - `@coderabbitai summary` to regenerate the summary of the PR. - `@coderabbitai resolve` resolve all the CodeRabbit review comments. - `@coderabbitai configuration` to show the current CodeRabbit configuration for the repository. - `@coderabbitai help` to get help. ### Other keywords and placeholders - Add `@coderabbitai ignore` anywhere in the PR description to prevent this PR from being reviewed. - Add `@coderabbitai summary` to generate the high-level summary at a specific location in the PR description. - Add `@coderabbitai` anywhere in the PR title to generate the title automatically. ### CodeRabbit Configuration File (`.coderabbit.yaml`) - You can programmatically configure CodeRabbit by adding a `.coderabbit.yaml` file to the root of your repository. - Please see the [configuration documentation](https://docs.coderabbit.ai/guides/configure-coderabbit) for more information. - If your editor has YAML language server enabled, you can add the path at the top of this file to enable auto-completion and validation: `# yaml-language-server: $schema=https://coderabbit.ai/integrations/schema.v2.json` ### Documentation and Community - Visit our [Documentation](https://coderabbit.ai/docs) for detailed information on how to use CodeRabbit. - Join our [Discord Community](http://discord.gg/coderabbit) to get help, request features, and share feedback. - Follow us on [X/Twitter](https://twitter.com/coderabbitai) for updates and announcements.

[github-actions[bot]]

Thank you for following the naming conventions! 🙏