From 42aaeb417dd199a21a04596e4273133864d4b671 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Mon, 27 Apr 2026 07:27:19 +0000
Subject: [PATCH] chore(deps): update all non-major dependencies

---
 .github/workflows/scans.yml | 8 ++++----
 .pre-commit-config.yaml     | 8 ++++----
 Dockerfile                  | 2 +-
 3 files changed, 9 insertions(+), 9 deletions(-)

diff --git a/.github/workflows/scans.yml b/.github/workflows/scans.yml
index 2ea0802..dd740ca 100644
--- a/.github/workflows/scans.yml
+++ b/.github/workflows/scans.yml
@@ -319,14 +319,14 @@ jobs:
     steps:
       - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6
 
-      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
+      - uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
         with:
           scan-type: fs
           format: github
           output: dependency-results.sbom.json
           github-pat: ${{ github.token }}
 
-      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
+      - uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
         with:
           scan-type: fs
           format: sarif
@@ -359,14 +359,14 @@ jobs:
           cache-from: ${{ env.GHCR_IMAGE_NAME }}:cache
           load: true
 
-      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
+      - uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           format: github
           output: dependency-results.sbom.json
           github-pat: ${{ github.token }}
 
-      - uses: aquasecurity/trivy-action@57a97c7e7821a5776cebc9bb87c984fa69cba8f1 # 0.30
+      - uses: aquasecurity/trivy-action@ed142fd0673e97e23eac54620cfb913e5ce36c25 # v0.36.0
         with:
           image-ref: ${{ steps.build.outputs.imageid }}
           format: sarif
diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml
index 5b44103..61a200a 100644
--- a/.pre-commit-config.yaml
+++ b/.pre-commit-config.yaml
@@ -6,7 +6,7 @@ default_stages:
 
 repos:
   - repo: https://github.com/pre-commit/pre-commit
-    rev: v4.5.1
+    rev: v4.6.0
     hooks:
       - id: validate_manifest
 
@@ -45,7 +45,7 @@ repos:
       - id: detect-private-key
 
   - repo: https://github.com/gitleaks/gitleaks
-    rev: v8.30.0
+    rev: v8.30.1
     hooks:
       - id: gitleaks
 
@@ -65,13 +65,13 @@ repos:
       - id: hadolint-docker
 
   - repo: https://github.com/DavidAnson/markdownlint-cli2
-    rev: v0.22.0
+    rev: v0.22.1
     hooks:
       - id: markdownlint-cli2
         args: [--fix]
 
   - repo: https://github.com/astral-sh/ruff-pre-commit
-    rev: v0.15.11
+    rev: v0.15.12
     hooks:
       - id: ruff
         types_or: [python, pyi, jupyter]
diff --git a/Dockerfile b/Dockerfile
index 4b1aec5..0118423 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,5 +1,5 @@
 # hadolint global ignore=DL3008
-FROM ghcr.io/astral-sh/uv:0.11.4@sha256:5164bf84e7b4e2e08ce0b4c66b4a8c996a286e6959f72ac5c6e0a3c80e8cb04a AS uv
+FROM ghcr.io/astral-sh/uv:0.11.7@sha256:240fb85ab0f263ef12f492d8476aa3a2e4e1e333f7d67fbdd923d00a506a516a AS uv
 
 ##
 # base