Bump anchore/sbom-action from 0.14.1 to 0.14.2

[dependabot]

Bumps anchore/sbom-action from 0.14.1 to 0.14.2.

Release notes

Sourced from anchore/sbom-action's releases.

v0.14.2

Changes in v0.14.2

• Update Syft to v0.80.0 (#415)
• Make sure all invalid artifact name characters are replaced #396 (#417) [lts-po]
• Ensure SBOM is copied to output-file (#411) [gszr]

Commits

• 4d571ad chore(deps): update Syft to v0.80.0 (#415)
• a59054d fix: Make sure all invalid chars are replaced for artifact names -- fixes #39...
• ea7104d chore: update snapshot workflow (#413)
• 50dec67 chore(deps): update Syft to v0.77.0 (#409)
• 8e2e937 fix: ensure sbom is copied to output-file (#411)
• 800a56f chore: update snapshot workflow (#412)
• 9cf3dcd chore: update snapshot workflow (#410)
• 642f63c chore: update syft update check (#408)
• a7622b6 chore: update deprecated set-output (#407)
• c82ee26 chore: add workflow to update snapshots from PR comment (#406)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov]

Codecov Report

Merging #3876 (d6e59f1) into main (8d437fd) will decrease coverage by 0.03%.
The diff coverage is n/a.

❗ Current head d6e59f1 differs from pull request most recent head e885dee. Consider uploading reports for the commit e885dee to get more accurate results

@@            Coverage Diff             @@
##             main    #3876      +/-   ##
==========================================
- Coverage   51.94%   51.91%   -0.03%     
==========================================
  Files          59       59              
  Lines       16742    16742              
==========================================
- Hits         8696     8692       -4     
- Misses       7748     7750       +2     
- Partials      298      300       +2     

see 1 file with indirect coverage changes

📣 We’re building smart automated test selection to slash your CI/CD build times. Learn more