deps: bump the production-dependencies group across 1 directory with 7 updates

Bumps the production-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [dtolnay/rust-toolchain](https://github.com/dtolnay/rust-toolchain) | `0b1efabc08b657293548b77fb76cc02d26091c7e` | `f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.11.1` | `3.12.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.6.0` | `3.7.0` |
| [advanced-security/spdx-dependency-submission-action](https://github.com/advanced-security/spdx-dependency-submission-action) | `0.1.1` | `0.1.2` |
| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `3.0.0` | `3.2.0` |
| [anchore/scan-action](https://github.com/anchore/scan-action) | `7.2.2` | `7.3.1` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `8.0.0` | `8.1.0` |



Updates `dtolnay/rust-toolchain` from 0b1efabc08b657293548b77fb76cc02d26091c7e to f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561
- [Release notes](https://github.com/dtolnay/rust-toolchain/releases)
- [Commits](dtolnay/rust-toolchain@0b1efab...f7ccc83)

Updates `docker/setup-buildx-action` from 3.11.1 to 3.12.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@e468171...8d2750c)

Updates `docker/login-action` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@5e57cd1...c94ce9f)

Updates `advanced-security/spdx-dependency-submission-action` from 0.1.1 to 0.1.2
- [Release notes](https://github.com/advanced-security/spdx-dependency-submission-action/releases)
- [Commits](advanced-security/spdx-dependency-submission-action@5530bab...f957edb)

Updates `actions/attest-build-provenance` from 3.0.0 to 3.2.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](actions/attest-build-provenance@977bb37...96278af)

Updates `anchore/scan-action` from 7.2.2 to 7.3.1
- [Release notes](https://github.com/anchore/scan-action/releases)
- [Changelog](https://github.com/anchore/scan-action/blob/main/RELEASE.md)
- [Commits](anchore/scan-action@3c9a191...8d2fce0)

Updates `peter-evans/create-pull-request` from 8.0.0 to 8.1.0
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@98357b1...c0f553f)

---
updated-dependencies:
- dependency-name: dtolnay/rust-toolchain
  dependency-version: f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561
  dependency-type: direct:production
  dependency-group: production-dependencies
- dependency-name: docker/setup-buildx-action
  dependency-version: 3.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: docker/login-action
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: advanced-security/spdx-dependency-submission-action
  dependency-version: 0.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: actions/attest-build-provenance
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: anchore/scan-action
  dependency-version: 7.3.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
- dependency-name: peter-evans/create-pull-request
  dependency-version: 8.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/codeql-ql.yml

@@ -21,7 +21,7 @@ jobs:
         uses: actions/checkout@v6
 
       - name: "Set up Rust"
-        uses: dtolnay/rust-toolchain@0b1efabc08b657293548b77fb76cc02d26091c7e   # v1.85.1
+        uses: dtolnay/rust-toolchain@f7ccc83f9ed1e5b9c81d8a67d7ad1a747e22a561   # v1.85.1
         with:
           toolchain: stable
 

.github/workflows/container-publish.yml

@@ -43,10 +43,10 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Log in to the Container registry
-        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
+        uses: docker/login-action@c94ce9fb468520275223c153574b00df6fe4bcc9 # v3.7.0
         with:
           registry: ${{ env.REGISTRY }}
           username: ${{ github.actor }}
@@ -80,20 +80,20 @@ jobs:
 
       # Upload Software Bill of Materials (SBOM) to GitHub
       - name: Upload SBOM
-        uses: advanced-security/spdx-dependency-submission-action@5530bab9ee4bbe66420ce8280624036c77f89746  # v0.1.1
+        uses: advanced-security/spdx-dependency-submission-action@f957edbb35161c1f9e33f61026fc86a671c58cae  # v0.1.2
         with:
           filePath: '.'
           filePattern: '*.spdx.json'
 
       # Build provenance attestations
       - name: Attest Container Image
-        uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a  # v3.0.0
+        uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f  # v3.2.0
         with:
           subject-name: ${{ env.REGISTRY }}/${{ env.IMAGE_NAME }}
           subject-digest: ${{ steps.build.outputs.digest }}
           push-to-registry: true
 
       # - name: Attest Container SBOM
-      #   uses: actions/attest-build-provenance@977bb373ede98d70efdf65b84cb5f73e068dcc2a  # v3.0.0
+      #   uses: actions/attest-build-provenance@96278af6caaf10aea03fd8d33a09a777ca52d62f  # v3.2.0
       #   with:
       #     subject-path:: '*.spdx.json'

.github/workflows/container-security.yml

@@ -38,7 +38,7 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@e468171a9de216ec08956ac3ada2f0791b6bd435 # v3.11.1
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
 
       - name: Build Initial Container
         uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
@@ -52,7 +52,7 @@ jobs:
 
       # Scan the image for vulnerabilities
       - name: Run the Anchore / Grype scan action
-        uses: anchore/scan-action@3c9a191a0fbab285ca6b8530b5de5a642cba332f # v7.2.2
+        uses: anchore/scan-action@8d2fce09422cd6037e577f4130e9b925e9a37175 # v7.3.1
         id: scan
         with:
           image: localbuild/testimage:latest

.github/workflows/python-vendor.yml

@@ -79,7 +79,7 @@ jobs:
         
       - name: "Create Pull Request with updated vendored dependencies"
         if: ${{ steps.vendoring.outputs.changes > 0 }}
-        uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725  # v8.0.0
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0  # v8.1.0
         with:
           token: ${{ github.token }}
           commit-message: "[chore]: Update vendored dependencies"

.github/workflows/release.yml

@@ -38,7 +38,7 @@ jobs:
           mode: ${{ github.event.inputs.bump }}
 
       - name: "Create Release"
-        uses: peter-evans/create-pull-request@98357b18bf14b5342f975ff684046ec3b2a07725 # v8.0.0
+        uses: peter-evans/create-pull-request@c0f553fe549906ede9cf27b5156039d195d2ece0 # v8.1.0
         with:
           token: ${{ github.token }}
           commit-message: "[chore]: Create release for ${{ github.event.inputs.version }}"