build(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0

[dependabot]

Bumps actions/dependency-review-action from 4.5.0 to 4.6.0.

Release notes

Sourced from actions/dependency-review-action's releases.

v4.6.0

What's Changed

• Updating multiple dependency versions by @​Ahmed3lmallah in actions/dependency-review-action#870
• Grouping minor and patch dependabot updates to lessen the number of PRs by @​Ahmed3lmallah in actions/dependency-review-action#876
• Bump actions/stale from 9.0.0 to 9.1.0 by @​dependabot in actions/dependency-review-action#878
• Bump undici from 5.28.4 to 5.28.5 by @​dependabot in actions/dependency-review-action#877
• DR Action should link to the proxima stamp when appropriate in error messages by @​AshelyTC in actions/dependency-review-action#891
• Allow deny package removal by @​ellenfieldn in actions/dependency-review-action#888
• Fix typos by @​omahs in actions/dependency-review-action#893
• Bump esbuild from 0.19.5 to 0.25.0 by @​dependabot in actions/dependency-review-action#900
• Bump octokit and related dependencies by @​RomanIakovlev in actions/dependency-review-action#904
• Bump @​babel/helpers from 7.23.2 to 7.26.10 by @​dependabot in actions/dependency-review-action#905
• Bump @​octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 by @​dependabot in actions/dependency-review-action#899
• Update transitive dependency spdx-license-ids by @​ailox in actions/dependency-review-action#855
• To not print OpenSSF Scorecard section if no dependencies scanned by @​fabasoad in actions/dependency-review-action#884
• Improve usage of this action in dependency-review.yml by @​fabasoad in actions/dependency-review-action#883
• Clarify comment-summary-in-pr behaviour by @​Pantelis-Santorinios in actions/dependency-review-action#902
• Prepare 4.6.0 Release candidate by @​brrygrdn in actions/dependency-review-action#910

New Contributors

• @​AshelyTC made their first contribution in actions/dependency-review-action#891
• @​ellenfieldn made their first contribution in actions/dependency-review-action#888
• @​omahs made their first contribution in actions/dependency-review-action#893
• @​RomanIakovlev made their first contribution in actions/dependency-review-action#904
• @​ailox made their first contribution in actions/dependency-review-action#855
• @​fabasoad made their first contribution in actions/dependency-review-action#884
• @​Pantelis-Santorinios made their first contribution in actions/dependency-review-action#902
• @​brrygrdn made their first contribution in actions/dependency-review-action#910

Full Changelog: actions/dependency-review-action@v4.5.0...v4.6.0

Commits

• ce3cf95 Merge pull request #910 from actions/brrygrdn/4.6.0-release-candidate
• 479b697 Prepare 4.6.0
• aee9590 Merge pull request #902 from Pantelis-Santorinios/patch-1
• 080ada6 Merge pull request #883 from fabasoad/fix/ci
• 430e5f0 Merge pull request #884 from fabasoad/fix/863
• 51699b6 Merge pull request #855 from ailox/ailox/fix/invalid-new-licenses
• ac9b193 Merge pull request #899 from actions/dependabot/npm_and_yarn/octokit/plugin-p...
• d630451 Pin @​octokit/types version for compatibility
• c8dafca Add dist for @​octokit/plugin-paginate-rest version bump
• bc858b5 Bump @​octokit/plugin-paginate-rest from 9.1.5 to 9.2.2
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Failed Interop Tests

None ❓

All results

Succeeded Interop Tests

None ❓

Unsupported Interop Tests

None ❓

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 92.93%. Comparing base (ced3931) to head (05ee77a).
Report is 2 commits behind head on main.

✅ All tests successful. No failed tests found.

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #2562      +/-   ##
==========================================
+ Coverage   92.91%   92.93%   +0.02%     
==========================================
  Files         115      115              
  Lines       36912    36912              
  Branches    36912    36912              
==========================================
+ Hits        34295    34303       +8     
+ Misses       1792     1782      -10     
- Partials      825      827       +2     

Components	Coverage Δ
neqo-common	96.09% <ø> (ø)
neqo-crypto	80.33% <ø> (ø)
neqo-http3	92.61% <ø> (ø)
neqo-qpack	94.15% <ø> (ø)
neqo-transport	94.13% <ø> (+0.04%)	⬆️
neqo-udp	83.61% <ø> (ø)