Bump actions/dependency-review-action from 4.8.2 to 4.8.3 (#277)

Bumps
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
from 4.8.2 to 4.8.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/dependency-review-action/releases">actions/dependency-review-action's
releases</a>.</em></p>
<blockquote>
<h2>4.8.3</h2>
<h2>Dependency Review Action v4.8.3</h2>
<p>This is a bugfix release that updates a number of upstream
dependencies and includes a fix for the earlier feature that detected
oversized summaries and upload them as artifacts, which could
occasionally crash the action.</p>
<p>We have also updated the release process to use a long-lived
<code>v4</code> <strong>branch</strong> for the action, instead of a
force-pushed tag, which aligns better with git branching strategies; the
change should be transparent to end users.</p>
<h2>What's Changed</h2>
<ul>
<li>GitHub Actions can't push to our protected main by <a
href="https://github.com/dangoor"><code>@​dangoor</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1017">actions/dependency-review-action#1017</a></li>
<li>Bump actions/stale from 9.1.0 to 10.1.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/995">actions/dependency-review-action#995</a></li>
<li>Bump github/codeql-action from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1003">actions/dependency-review-action#1003</a></li>
<li>Bump actions/setup-node from 4 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1005">actions/dependency-review-action#1005</a></li>
<li>Upgrade glob to address a vulnerability by <a
href="https://github.com/brrygrdn"><code>@​brrygrdn</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1024">actions/dependency-review-action#1024</a></li>
<li>Bump js-yaml by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1020">actions/dependency-review-action#1020</a></li>
<li>Addressing vulnerabilities by <a
href="https://github.com/Ahmed3lmallah"><code>@​Ahmed3lmallah</code></a>
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1036">actions/dependency-review-action#1036</a></li>
<li>Bump fast-xml-parser from 5.3.3 to 5.3.5 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1050">actions/dependency-review-action#1050</a></li>
<li>Bump fast-xml-parser from 5.3.5 to 5.3.6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1053">actions/dependency-review-action#1053</a></li>
<li>Properly truncate long summaries and catch errors by <a
href="https://github.com/juxtin"><code>@​juxtin</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1052">actions/dependency-review-action#1052</a></li>
<li>Bump spdx-expression-parse from 3.0.1 to 4.0.0 in the spdx-licenses
group across 1 directory by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/931">actions/dependency-review-action#931</a></li>
<li>Changes for Release 4.8.3 by <a
href="https://github.com/ahpook"><code>@​ahpook</code></a> in <a
href="https://redirect.github.com/actions/dependency-review-action/pull/1054">actions/dependency-review-action#1054</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3">https://github.com/actions/dependency-review-action/compare/v4.8.2..v4.8.3</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/dependency-review-action/commit/05fe4576374b728f0c523d6a13d64c25081e0803"><code>05fe457</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/1054">#1054</a>
from actions/ahpook/release-4.8.3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/3a8496cb71ebae2e228d1c4a47974cdc724cf07d"><code>3a8496c</code></a>
Update generated package files for v4.8.3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/0f22a0159293e2496eef4ce36c3b7b3b31081f7d"><code>0f22a01</code></a>
Update CONTRIBUTING for new release process</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/58be34364db3f04dc3de8db0417b5d18451a4fdf"><code>58be343</code></a>
Updating package versions for 4.8.3</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/9284e0c621cb66311d82087d9ea1f539e40da6eb"><code>9284e0c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/931">#931</a>
from actions/dependabot/npm_and_yarn/spdx-licenses-20...</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/8b766562f01731bcb0f65222324f2152d142a19a"><code>8b76656</code></a>
Bump spdx-expression-parse in the spdx-licenses group across 1
directory</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/43f5f029f51af9c859564cae942f58ea63a22100"><code>43f5f02</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/1052">#1052</a>
from actions/juxtin/fix-long-summaries</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/f0033fc4d6972851b5170177d58a8da79811a797"><code>f0033fc</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/dependency-review-action/issues/1053">#1053</a>
from actions/dependabot/npm_and_yarn/fast-xml-parser...</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/b379e2e05ffa2e429ca97047d4c2738a0039425e"><code>b379e2e</code></a>
Bump fast-xml-parser from 5.3.5 to 5.3.6</li>
<li><a
href="https://github.com/actions/dependency-review-action/commit/2e1cf54a500fb2037239e92489ed0bad323c8c68"><code>2e1cf54</code></a>
Properly truncate long summaries and catch errors</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/dependency-review-action/compare/3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261...05fe4576374b728f0c523d6a13d64c25081e0803">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/dependency-review-action&package-manager=github_actions&previous-version=4.8.2&new-version=4.8.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Author: DefinetlyNotAI

.github/workflows/dependency-review.yml

@@ -24,4 +24,4 @@ jobs:
       - name: 'Checkout Repository'
         uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@3c4e3dcb1aa7874d2c16be7d79418e9b7efd6261 # v4.8.2
+        uses: actions/dependency-review-action@05fe4576374b728f0c523d6a13d64c25081e0803 # v4.8.3