Bump coverlet.collector from 6.0.4 to 8.0.0 #484

	name: CVE Scanning

	on:
	push:
	workflow_dispatch:

	jobs:
	dotnet-modules-scan:
	name: dotnet-scan
	runs-on: ubuntu-latest
	continue-on-error: false

	steps:
	- name: Checkout
	uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
	- name: Setup .NET
	uses: actions/setup-dotnet@baa11fbfe1d6520db94683bd5c7a3818018e4309 # v5.1.0
	with:
	dotnet-version: 8.x
	- name: Build project with dotnet
	run: dotnet build --configuration Release
	working-directory: 'src'
	- name: List vulnerable libraries
	run: dotnet list package --vulnerable --include-transitive
	working-directory: 'src'
	- name: Depcheck
	uses: dependency-check/Dependency-Check_Action@1e54355a8b4c8abaa8cc7d0b70aa655a3bb15a6c
	id: Depcheck
	with:
	project: '.'
	path: '.'
	format: 'HTML'
	out: 'reports'
	args: >
	--suppression .cve/allow-list.xml
	--failOnCVSS 7
	--enableRetired
	- name: Upload Test results
	if: ${{ always() }}
	uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
	with:
	name: Depcheck report
	path: ${{ github.workspace }}/reports

Provide feedback