From c3c1e5dd74e20b60178ebc1edc19b0aa697632b4 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 27 Apr 2026 15:07:31 +0000
Subject: [PATCH] chore(deps): bump
 sonatype-nexus-community/nancy-github-action

Bumps the security-scanners group with 1 update in the / directory: [sonatype-nexus-community/nancy-github-action](https://github.com/sonatype-nexus-community/nancy-github-action).


Updates `sonatype-nexus-community/nancy-github-action` from 1.0.2 to 1.0.3
- [Release notes](https://github.com/sonatype-nexus-community/nancy-github-action/releases)
- [Commits](https://github.com/sonatype-nexus-community/nancy-github-action/compare/aae196481b961d446f4bff9012e4e3b63d7921a4...726e338312e68ecdd4b4195765f174d3b3ce1533)

---
updated-dependencies:
- dependency-name: sonatype-nexus-community/nancy-github-action
  dependency-version: 1.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: security-scanners
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/go-security.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/go-security.yml b/.github/workflows/go-security.yml
index c661e44..311ea1f 100644
--- a/.github/workflows/go-security.yml
+++ b/.github/workflows/go-security.yml
@@ -150,7 +150,7 @@ jobs:
         run: go list -json -m all > go.list
 
       - name: Nancy vulnerability scan
-        uses: sonatype-nexus-community/nancy-github-action@aae196481b961d446f4bff9012e4e3b63d7921a4 # v1.0.2
+        uses: sonatype-nexus-community/nancy-github-action@726e338312e68ecdd4b4195765f174d3b3ce1533 # v1.0.3
         with:
           nancyCommand: sleuth --loud
         continue-on-error: true