chore(deps-dev): bump safety from 3.6.1 to 3.7.0

[dependabot]

Bumps safety from 3.6.1 to 3.7.0.

Release notes

Sourced from safety's releases.

Version 3.7.0

What's Changed

• bump: version 3.7.0b5 → 3.7.0 (9df3a6f)
• fix: npm ecosystem check on render package details (#820) (9780ac2)

Version 3.7.0b5

What's Changed

• bump: version 3.7.0b4 → 3.7.0b5 (7f138f1)
• fix: bash priority issues (#819) (933dc82)

Version 3.7.0b4

What's Changed

• bump: version 3.7.0b3 → 3.7.0b4 (3b1e4dc)
• ci: remove version from the artifacts name (#818) (c5134b5)

Version 3.7.0b3

What's Changed

• bump: version 3.7.0b2 → 3.7.0b3 (04f24e5)
• ci: separate checksum artifacts for signed and unsigned builds (#817) (a08a347)

Version 3.7.0b0

What's Changed

• bump: version 3.6.2 → 3.7.0b0 (b289a6c)
• fix: replace deprecated pkg_resources with importlib.metadata (#813) (c1e07ef)
• chore: drop python 3.8 support (#791) (a41c82b)
• chore: set minimum tenacity version to 8.1.0 (#812) (973a265)
• chore: restructure GitHub issue templates and remove bug bounty references (#811) (2fcbe72)
• feat: add firewall support for NPM (#800) (5d44edf)

Version 3.6.2

What's Changed

• bump: version 3.6.2b0 → 3.6.2 (f0c46b2)
• chore: prepare for stable release (dda0a45)

Version 3.6.2b0

What's Changed

• bump: version 3.6.1 → 3.6.2b0 (f0e4d24)
• refactor: firewall tools and parsers (#798) (071c858)
• fix: allow passing package and tool location (#797) (4180179)
• chore: use the latest safety_schemas version (#795) (ee430de)
• ci: add firewall index to the project setup (#794) (6f97082)
• chore: relax pydantic version constraints (#793) (3fd3031)
• ci: add bot access to the comment workflow (#790) (70c2c27)
• ci: resolve PR number via graphql API and update artifacts message (#789) (2d69508)
• ci: fix comment workflow for forks (#787) (f14b3b4)
• chore: remove old code related to legacy schemas (#786) (5ddd816)
• chore: upgrade safety_schemas version (#785) (92bbb66)

Changelog

Sourced from safety's changelog.

3.7.0 (2025-11-06)

Fix

• npm ecosystem check on render package details (#820)

3.7.0b5 (2025-11-04)

Fix

• bash priority issues (#819)

3.7.0b4 (2025-11-03)

3.7.0b3 (2025-11-03)

3.7.0b2 (2025-11-03)

3.7.0b1 (2025-11-03)

3.7.0b0 (2025-10-22)

Feat

• add firewall support for NPM (#800)

Fix

• replace deprecated pkg_resources with importlib.metadata (#813)

3.6.2 (2025-09-24)

3.6.2b0 (2025-09-23)

Fix

• allow passing package and tool location (#797)

Refactor

• firewall tools and parsers (#798)

Commits

• 9df3a6f bump: version 3.7.0b5 → 3.7.0
• 9780ac2 fix: npm ecosystem check on render package details (#820)
• 7f138f1 bump: version 3.7.0b4 → 3.7.0b5
• 933dc82 fix: bash priority issues (#819)
• 3b1e4dc bump: version 3.7.0b3 → 3.7.0b4
• c5134b5 ci: remove version from the artifacts name (#818)
• 04f24e5 bump: version 3.7.0b2 → 3.7.0b3
• a08a347 ci: separate checksum artifacts for signed and unsigned builds (#817)
• 2ff7ace bump: version 3.7.0b1 → 3.7.0b2
• 2964f19 ci: load version on release jobs (#816)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)