Bump Sarif.Sdk from 2.4.12 to 2.4.13

[dependabot]

Bumps Sarif.Sdk from 2.4.12 to 2.4.13.

Release notes

Sourced from Sarif.Sdk's releases.

v2.4.13

v2.4.13 Sdk | Driver | Converters | Multitool | Multitool Library

• BREAKING: AnalyzeCommandBase previously persisted all scan target artifacts to SARIF logs rather than only persisting artifacts referenced by an analysis result, when an option to persist hashes, text file or binary information was set. MultithreadedAnalyzeCommandBase previously persisted all scan targets artifacts to SARIF logs in cases when hash insertion was eenabled rather than only persisting artifacts referenced by an analysis result. #2433
• BUGFIX: Adjust Json Serialization field order for ReportingDescriptor and skip emit empty AutomationDetails node. #2420
• BREAKING: Fix InvalidOperationException when using PropertiesDictionary in a multithreaded application, and remove [Serializable] from it. Now use of BinaryFormatter on it will result in SerializationException: Type PropertiesDictionary is not marked as serializable. #2415
• BREAKING: SarifLogger now emits an artifacts table entry if artifactLocation is not null for tool configuration and tool execution notifications. #2437
• BUGFIX: Fix ArgumentException when --recurse is enabled and two file target specifiers generates the same file path. #2438
• BUGFIX: Fix 'InvalidOperationException' with message Collection was modified; enumeration operation may not execute in MultithreadedAnalyzeCommandBase, which is raised when analyzing with the --hashes switch. #2447
• BUGFIX: Fix Merge command produces empty SARIF file in Linux when providing file name only without path. #2408
• FEATURE: Add --sort-results argument to the rewrite command to get sorted SARIF results. #2422
• BUGFIX: Fix NullReferenceException when filing work item with a SARIF file which has no filable results. #2412
• BUGFIX: Fix missing endLine and endColumn properties and remove vulnerable packages for ESLint SARIF formatter. #2458

Commits

• f8fece5 Releasing v2.4.13 (#2466)
• 96688cf Fix invalid toolConfigurationNotification property suppressions in … (#2464)
• 839537f Add new visitor to get deterministic SARIF log by sorting results (#2422)
• bedc46e ESLint sarif formatter improvements (#2458)
• 6814635 fix codeql workflow failure (#2462)
• 1b7d87c Fix NullReferenceException in WorkItemFiler when all results baseline state...
• 25b7e57 Updating jschema version (#2460)
• 2d2b643 Remove unnecessary NuGet.Config in sub folder (#2425)
• 525a250 Revert simple Join-Path syntax (#2459)
• 92cb8e0 Fix merge bug in Linux when only pass file name without path (#2408)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)