Bump slsa-framework/slsa-github-generator from 2.0.0 to 2.1.0 in the version-updates group #345

	name: Dependency review
	on:
	pull_request:
	branches:
	- main

	permissions: read-all

	jobs:
	dependency-review:
	name: Dependency review
	runs-on: ubuntu-latest
	permissions:
	pull-requests: write
	steps:
	- name: Harden runner
	uses: step-security/harden-runner@4d991eb9b905ef189e4c376166672c3f2f230481 # v2.11.0
	with:
	egress-policy: audit
	- name: Checkout repository
	uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
	- name: Dependency review
	uses: actions/dependency-review-action@3b139cfc5fae8b618d3eae3675e383bb1769c019 # v4.5.0
	with:
	comment-summary-in-pr: true
	fail-on-severity: low
	vulnerability-check: true

Provide feedback