Bump actions/dependency-review-action from 2.0.2 to 2.0.4

[dependabot]

Bumps actions/dependency-review-action from 2.0.2 to 2.0.4.

Release notes

Sourced from actions/dependency-review-action's releases.

2.0.4

The previous release did not include the right package.json, no major changes.

2.0.3

• Fixed a bug where removed changes were being inspected and reported as vulnerable (#155, thanks @​kachick!)

Commits

• 94145f3 Bumping the version to 2.0.4.
• af8d39d Bumping the version to 2.0.3.
• b83777f Merge pull request #156 from actions/dependabot/npm_and_yarn/types/node-16.11.44
• 1dc503a Merge pull request #155 from kachick/fix-154
• 8975a27 Bump @​types/node from 16.11.43 to 16.11.44
• c003e7f Add more test for added and removed pattern
• ae4118f Update build files with npm run all
• c5d7bdc Ignore removed changes in license checker
• bced8aa Merge pull request #153 from actions/dependabot/npm_and_yarn/typescript-eslin...
• ba8e0b0 Bump @​typescript-eslint/parser from 5.30.5 to 5.30.6
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #925 (a78374e) into main (97622ad) will decrease coverage by 0.09%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main     #925      +/-   ##
==========================================
- Coverage   48.25%   48.16%   -0.10%     
==========================================
  Files          62       62              
  Lines        5398     5398              
==========================================
- Hits         2605     2600       -5     
- Misses       2511     2515       +4     
- Partials      282      283       +1     

Impacted Files	Coverage Δ
pkg/types/alpine/v0.0.1/entry.go	55.46% <0.00%> (-1.27%)	⬇️
pkg/types/rekord/v0.0.1/entry.go	48.82% <0.00%> (-0.67%)	⬇️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 97622ad...a78374e. Read the comment docs.