From f389fea8673beb6bb6df399a69ec0570ba3f2cc7 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 24 Mar 2025 02:25:26 +0000 Subject: [PATCH 1/2] build(deps): Bump blackduck-inc/black-duck-security-scan Bumps [blackduck-inc/black-duck-security-scan](https://github.com/blackduck-inc/black-duck-security-scan) from 2.0.0 to 2.1.0. - [Release notes](https://github.com/blackduck-inc/black-duck-security-scan/releases) - [Changelog](https://github.com/blackduck-inc/black-duck-security-scan/blob/main/releasesrc) - [Commits](https://github.com/blackduck-inc/black-duck-security-scan/compare/v2.0.0...v2.1.0) --- updated-dependencies: - dependency-name: blackduck-inc/black-duck-security-scan dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] --- .github/workflows/blackduck.yaml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/blackduck.yaml b/.github/workflows/blackduck.yaml index eb4d5675c..128487609 100644 --- a/.github/workflows/blackduck.yaml +++ b/.github/workflows/blackduck.yaml @@ -59,7 +59,7 @@ jobs: - name: Black Duck Full Scan if: ${{ github.event_name != 'pull_request' }} - uses: blackduck-inc/black-duck-security-scan@v2.0.0 + uses: blackduck-inc/black-duck-security-scan@v2.1.0 with: blackducksca_url: ${{ secrets.BLACKDUCK_URL }} blackducksca_token: ${{ secrets.BLACKDUCK_API_TOKEN }} @@ -69,7 +69,7 @@ jobs: - name: Black Duck PR Scan if: ${{ github.event_name == 'pull_request' }} - uses: blackduck-inc/black-duck-security-scan@v2.0.0 + uses: blackduck-inc/black-duck-security-scan@v2.1.0 env: DETECT_PROJECT_VERSION_NAME: ${{ github.base_ref }} with: From 938f0cd783f570319bd03dbf69065113169f7932 Mon Sep 17 00:00:00 2001 From: Jimmi Dyson Date: Mon, 24 Mar 2025 10:29:24 +0000 Subject: [PATCH 2/2] fixup! ci: Allow blackduck to comment on PR --- .github/workflows/blackduck.yaml | 2 ++ 1 file changed, 2 insertions(+) 
diff --git a/.github/workflows/blackduck.yaml b/.github/workflows/blackduck.yaml
index 128487609..a0893d130 100644
--- a/.github/workflows/blackduck.yaml
+++ b/.github/workflows/blackduck.yaml
@@ -24,6 +24,8 @@ jobs:
 security:
 if: github.repository == 'nutanix-cloud-native/cluster-api-runtime-extensions-nutanix'
 runs-on: ubuntu-22.04
+ permissions:
+ pull-requests: write
 steps:
 - name: Checkout
 uses: actions/checkout@v4
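Review bot: Declaring `permissions:` on the `security` job sets every scope that is not listed to `none`, so the job token now carries only `pull-requests: write` and the `actions/checkout@v4` step that follows runs without an explicit `contents: read`; that works on a public repository but fails on a private one, so I would add `contents: read` beside it. The write scope is granted on every trigger although only the `Black Duck PR Scan` step appears to need it, and the token is reachable by the third-party `blackduck-inc/black-duck-security-scan` action, which the workflow references by tag; pinning that action to a full commit SHA keeps a moved tag from running with a write-capable token and the Black Duck secrets. On pull requests from forks GitHub keeps the token read-only, so the comment presumably will not be posted there. A one-line comment above the block, for example `# pull-requests: write lets the Black Duck PR scan comment on the PR`, would record why the scope exists; the job's step list continues outside the hunk.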