From b4407e34a1c7154f3473c509af8f5f894402548e Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 27 Mar 2026 14:45:02 +0000
Subject: [PATCH] [gha] Bump
 open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml

Bumps [open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml](https://github.com/open-edge-platform/orch-ci) from 2026.0.17 to 2026.0.19.
- [Commits](https://github.com/open-edge-platform/orch-ci/compare/b5930c48c1fcdb6b34ffbcd465cff96dabfbde70...d40dfda9598df896aa20cb1dc2c950d6444e8fa7)

---
updated-dependencies:
- dependency-name: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml
  dependency-version: 2026.0.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/post-merge-scorecard.yml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/.github/workflows/post-merge-scorecard.yml b/.github/workflows/post-merge-scorecard.yml
index 681418e9..04a14789 100644
--- a/.github/workflows/post-merge-scorecard.yml
+++ b/.github/workflows/post-merge-scorecard.yml
@@ -20,7 +20,7 @@ jobs:
       id-token: write
       contents: read
 
-    uses: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml@b5930c48c1fcdb6b34ffbcd465cff96dabfbde70  # 2026.0.17
+    uses: open-edge-platform/orch-ci/.github/workflows/post-merge-scorecard.yml@d40dfda9598df896aa20cb1dc2c950d6444e8fa7  # 2026.0.19
     with:
       project_folder: "."
     secrets: