Bump anchore/scan-action from 3.2.0 to 3.2.5

[dependabot]

Bumps anchore/scan-action from 3.2.0 to 3.2.5.

Release notes

Sourced from anchore/scan-action's releases.

v3.2.5

New in scan-action v3.2.5

• Update node versions to v16 from v12 (#176) [spiffcs]
• Update Grype to v0.38.0 (#173)

v3.2.4

New in scan-action v3.2.4

• Update Grype to v0.34.7 (#163)
• More closely align parameters with sbom-action (#158)

v3.2.3

New in scan-action v3.2.3

• Support SBOM input for scanning (#154) [@​harmw]

v3.2.2

New in scan-action v3.2.2

• Add sub-action to download Grype (#152)
• Update Grype to 0.34.4 to fix a nil pointer in SARIF generation (#151)

v3.2.1

New in scan-action v3.2.1

• Remove SARIF processing (#148)

Commits

• ecfd0e9 update node versions to v16 from v12 (#176)
• 942ffaa Update Grype to v0.38.0 (#173)
• 8dc1927 Update Grype to v0.36.1 (#172)
• 001541c Remove commit signing requirement (#150)
• 768ac09 Update Grype to v0.35.0 (#170)
• ba1a08a Add author to the release drafter template (#167)
• e83a5d9 Update Grype to v0.34.7 (#163)
• f39983b Explicitly run npm run build for auto-update PR (#166)
• 95d50bf Update husky and other deps, fix erroneous test (#165)
• 94892a6 More closely align parameters with sbom-action (#158)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

❗ No coverage uploaded for pull request base (develop@39861f7). Click here to learn what that means.
The diff coverage is n/a.

@@              Coverage Diff              @@
##             develop        #120   +/-   ##
=============================================
  Coverage           ?   92.87297%           
=============================================
  Files              ?         247           
  Lines              ?       13989           
  Branches           ?         740           
=============================================
  Hits               ?       12992           
  Misses             ?         779           
  Partials           ?         218           

Flag	Coverage Δ
unittests	92.87297% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 39861f7...332db26. Read the comment docs.