ci(github-action): update actions/dependency-review-action action to v4.7.1

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
actions/dependency-review-action	action	minor	v4.6.0 -> v4.7.1

---

Release Notes

actions/dependency-review-action (actions/dependency-review-action)

v4.7.1

Compare Source

• Packages added to allow-dependencies-licenses will be allowed even if the package in question has no license information #​889
• License expressions (e.g. Ruby OR GPL-2.0) in the allow list are automatically discarded so that they don't invalidate the whole allow list, which should just be license identifier (e.g. Ruby)

v4.7.0

Compare Source

• Handle complex license expressions (e.g. MIT AND GPL-2.0) in allow lists (fixes #​809 and probably others)
• Replace OTHER in package licenses with LicenseRef-clearlydefined-OTHER so that parsing passes

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/dependency-review-action	da24556b548a50705dd671f47852072ea4c105d9	🟢 7	Details Check Score Reason Security-Policy 🟢 9 security policy file detected Maintained 🟢 10 30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Code-Review 🟢 10 all changesets reviewed Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Branch-Protection 🟢 6 branch protection is not maximal on development and all release branches SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities 🟢 9 1 existing vulnerabilities detected

Scanned Files

• .github/workflows/dependency-review.yml

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 61.24%. Comparing base (025e932) to head (6877a33).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #106   +/-   ##
=======================================
  Coverage   61.24%   61.24%           
=======================================
  Files          77       77           
  Lines        1548     1548           
  Branches      117      117           
=======================================
  Hits          948      948           
  Misses        582      582           
  Partials       18       18           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.