intel
diff --git a/‎.github/workflows/build-wheel.yml
+1-1 b/‎.github/workflows/build-wheel.yml
+1-1
diff --git a/‎.github/workflows/codeql-analysis.yml
+1-1 b/‎.github/workflows/codeql-analysis.yml
+1-1
diff --git a/‎.github/workflows/coverity.yml
+1-1 b/‎.github/workflows/coverity.yml
+1-1
diff --git a/‎.github/workflows/cve_scan.yml
+2-2 b/‎.github/workflows/cve_scan.yml
+2-2
diff --git a/‎.github/workflows/dependency-review.yml
+2-2 b/‎.github/workflows/dependency-review.yml
+2-2
diff --git a/‎.github/workflows/formatting.yml
+1-1 b/‎.github/workflows/formatting.yml
+1-1
diff --git a/‎.github/workflows/fuzzing.yml
+2-2 b/‎.github/workflows/fuzzing.yml
+2-2
diff --git a/‎.github/workflows/linting.yml
+1-1 b/‎.github/workflows/linting.yml
+1-1
diff --git a/‎.github/workflows/sbom.yml
+1-1 b/‎.github/workflows/sbom.yml
+1-1
diff --git a/‎.github/workflows/spelling.yml
+1-1 b/‎.github/workflows/spelling.yml
+1-1
diff --git a/‎.github/workflows/testing.yml
+24-24 b/‎.github/workflows/testing.yml
+24-24
diff --git a/‎.github/workflows/update-cache.yml
+2-2 b/‎.github/workflows/update-cache.yml
+2-2
diff --git a/‎.github/workflows/update-js-dependencies.yml
+3-3 b/‎.github/workflows/update-js-dependencies.yml
+3-3
diff --git a/‎.github/workflows/update-pre-commit.yml
+1-1 b/‎.github/workflows/update-pre-commit.yml
+1-1
diff --git a/‎.github/workflows/update-spdx-header.yml
+1-1 b/‎.github/workflows/update-spdx-header.yml
+1-1
diff --git a/‎.github/workflows/validate-yml.yml
+1-1 b/‎.github/workflows/validate-yml.yml
+1-1
diff --git a/‎cve_bin_tool/checkers/curl.py
+1-1 b/‎cve_bin_tool/checkers/curl.py
+1-1
@@ -23,7 +23,7 @@ jobs:
     if: github.repository == 'intel/cve-bin-tool' # run on origin repo only
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+      uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
       with:
         egress-policy: audit
 
 
@@ -42,7 +42,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+      uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
       with:
         egress-policy: audit
 
 
@@ -14,7 +14,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+      uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
       with:
         egress-policy: audit
 
 
@@ -17,7 +17,7 @@ jobs:
     timeout-minutes: 60
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
@@ -32,7 +32,7 @@ jobs:
         run: |
           echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
       - name: Get cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
 
@@ -17,11 +17,11 @@ jobs:
     runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
       - name: 'Checkout Repository'
         uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
+        uses: actions/dependency-review-action@ce3cf9537a52e8119d91fd484ab5b8a807627bf8 # v4.6.0
@@ -19,7 +19,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
 
@@ -69,14 +69,14 @@ jobs:
           echo "yesterday=$(/bin/date -d "-1 day" -u "+%Y%m%d")" >> $GITHUB_OUTPUT
 
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: fuzz-cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
 
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: fuzz-cache
 
@@ -19,7 +19,7 @@ jobs:
         tool: ['isort', 'black', 'pyupgrade', 'flake8', 'bandit', 'gitlint', 'mypy', 'interrogate']
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
 
@@ -22,7 +22,7 @@ jobs:
         python: ['3.9', '3.10', '3.11', '3.12', '3.13']
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
 
@@ -15,7 +15,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+      uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
       with:
         egress-policy: audit
 
 
@@ -39,7 +39,7 @@ jobs:
     runs-on: ${{ github.repository_owner == 'intel' && 'intel-ubuntu-latest' || 'ubuntu-latest' }}
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           disable-sudo: true
           egress-policy: block
@@ -76,7 +76,7 @@ jobs:
     timeout-minutes: 90
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: block
           allowed-endpoints: >
@@ -136,13 +136,13 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -232,13 +232,13 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -285,7 +285,7 @@ jobs:
           --ignore=test/test_language_parser.py
       - name: Upload code coverage to codecov
         if: env.sbom != 'true'
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: coverage.xml
@@ -349,13 +349,13 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -388,7 +388,7 @@ jobs:
           test/test_language_scanner.py
       - name: Upload code coverage to codecov
         if: env.sbom != 'true'
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: coverage.xml
@@ -452,13 +452,13 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -491,7 +491,7 @@ jobs:
           test/test_scanner.py
       - name: Upload code coverage to codecov
         if: env.sbom != 'true'
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: coverage.xml
@@ -555,13 +555,13 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -595,7 +595,7 @@ jobs:
           test/test_cvedb.py
       - name: Upload code coverage to codecov
         if: env.sbom != 'true'
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
         with:
           token: ${{ secrets.CODECOV_TOKEN }}
           files: coverage.xml
@@ -632,7 +632,7 @@ jobs:
       EXTERNAL_SYSTEM: 1
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: block
           allowed-endpoints: >
@@ -678,13 +678,13 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.yesterday }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -766,7 +766,7 @@ jobs:
       PYTHONIOENCODING: 'utf8'
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
@@ -785,14 +785,14 @@ jobs:
           echo "Today's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.DATE }}"
           echo "Yesterday's Cache Key: Linux-cve-bin-tool-${{ steps.get-date.outputs.YESTERDAY }}"
       - name: Get today's cached database
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         id: todays-cache
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.DATE }}
           enableCrossOsArchive: true
       - name: Get yesterday's cached database if today's is not available
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         if: steps.todays-cache.outputs.cache-hit != 'true'
         with:
           path: cache
@@ -839,7 +839,7 @@ jobs:
           test/test_cli.py
           test/test_cvedb.py
       - name: Cache conda
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         env:
           # Increase to reset cache if requirements.txt file has not changed
           CACHE_NUMBER: 0
@@ -873,7 +873,7 @@ jobs:
           -o junit_family=legacy  
           --durations=50
       - name: Upload code coverage to codecov
-        uses: codecov/codecov-action@0565863a31f2c772f9f0395002a31e3f06189574 # v5.4.0
+        uses: codecov/codecov-action@ad3126e916f78f00edff4ed0317cf185271ccc2d # v5.4.2
         with:
           files: coverage.xml
           flags: windows_long_tests
 
@@ -26,7 +26,7 @@ jobs:
     timeout-minutes: 60
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
@@ -39,7 +39,7 @@ jobs:
         id: get-date
         run: |
           echo "date=$(/bin/date -u "+%Y%m%d")" >> $GITHUB_OUTPUT
-      - uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+      - uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         with:
           path: cache
           key: Linux-cve-bin-tool-${{ steps.get-date.outputs.date }}
 
@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
@@ -36,7 +36,7 @@ jobs:
         run: python .github/workflows/update_js_dependencies.py
 
       - name: Get cached Python packages
-        uses: actions/cache@d4323d4df104b026a6aa633fdb11d772146be0bf # v4.2.2
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
         with:
           path: ~/.cache/pip
           key: ${{ runner.os }}-pip-${{ hashFiles('**/requirements.txt') }}
@@ -73,7 +73,7 @@ jobs:
           output_html(TestOutputEngine.MOCK_OUTPUT, None, "", "", "", 3, 3, 0, None, None, open("test.html", "w"))'
 
       - name: Upload mock report
-        uses: actions/upload-artifact@4cec3d8aa04e39d1a68397de0c4cd6fb9dce8ec1 # v4.6.1
+        uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
         with:
           name: HTML report
           path: test.html
@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
 
@@ -23,7 +23,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
 
@@ -14,7 +14,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
+        uses: step-security/harden-runner@0634a2670c59f64b4a01f0f96f84700a4088b9f0 # v2.12.0
         with:
           egress-policy: audit
 
 
@@ -30,5 +30,5 @@ class CurlChecker(Checker):
     FILENAME_PATTERNS = [
         r"curl",
     ]
-    VERSION_PATTERNS = [r"\r?\ncurl[ -/]([678]+\.[0-9]+\.[0-9]+)"]
+    VERSION_PATTERNS = [r"\r?\ncurl[ -]([678]+\.[0-9]+\.[0-9]+)"]
     VENDOR_PRODUCT = [("haxx", "curl")]
Original file line number	Diff line number	Diff line change
`@@ -30,5 +30,5 @@ class CurlChecker(Checker):`
`30`	`30`	`FILENAME_PATTERNS = [`
`31`	`31`	`r"curl",`
`32`	`32`	`]`
`33`		`- VERSION_PATTERNS = [r"\r?\ncurl[ -/]([678]+\.[0-9]+\.[0-9]+)"]`
	`33`	`+ VERSION_PATTERNS = [r"\r?\ncurl[ -]([678]+\.[0-9]+\.[0-9]+)"]`
`34`	`34`	`VENDOR_PRODUCT = [("haxx", "curl")]`