chore: update release candidate for 1.1304.0 #6711

Open
PeterSchafer wants to merge 4 commits into release-candidate from chore/update_rc_1.1304.0

@PeterSchafer
Contributor

Pull Request Submission Checklist

  • Follows CONTRIBUTING guidelines
  • Commit messages are release-note ready, emphasizing what was changed, not how.
  • Includes detailed description of changes
  • Contains risk assessment (Low | Medium | High)
  • Highlights breaking API changes (if applicable)
  • Links to automated tests covering new functionality
  • Includes manual testing instructions (if necessary)
  • Updates relevant GitBook documentation (PR link: ___)
  • Includes product update to be announced in the next stable release notes

What does this PR do?

Where should the reviewer start?

How should this be manually tested?

What's the product update that needs to be communicated to CLI users?

@snyk-io

snyk-io bot commented Apr 7, 2026

Snyk checks have passed. No issues have been found so far.

Status  Scan Engine           Critical  High  Medium  Low  Total (0)
        Open Source Security  0         0     0       0    0 issues
        Licenses              0         0     0       0    0 issues
        Code Security         0         0     0       0    0 issues

💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse.

@github-actions
Contributor

github-actions bot commented Apr 7, 2026

Warnings
⚠️ There are multiple commits on your branch, please squash them locally before merging!

Generated by 🚫 dangerJS against dee50b9

PeterSchafer marked this pull request as ready for review April 7, 2026 16:59
PeterSchafer requested review from a team as code owners April 7, 2026 16:59
PeterSchafer enabled auto-merge April 7, 2026 17:00

@snyk-pr-review-bot

PR Reviewer Guide 🔍

🧪 No relevant tests
🔒 No security concerns identified
⚡ Recommended focus areas for review

Brittle Cache Logic 🟡 [minor]

The logic for reading and parsing the local cached schema at lines 10-13 is implemented outside of the try...catch block. If a file exists in the sarif-schemas directory but is malformed or corrupted (e.g., contains invalid JSON), JSON.parse(content) will throw an unhandled exception. This causes the test suite to crash during the beforeAll setup in cli-sarif-output.spec.ts instead of falling back to fetching the schema from the network as intended by the logic at lines 16-25.

    const content = fs.readFileSync(localPath, 'utf-8');
    return JSON.parse(content);

Inconsistent Error Wrapping 🟡 [minor]

The new URL(uri) call is located outside the try...catch block. If an invalid or malformed URI is passed to getSarifSchema, the function will throw a raw URL constructor exception instead of the descriptive wrapped error provided in the catch block at the end of the function. Moving this check inside the try block would ensure consistent error reporting.

    const url = new URL(uri);

📚 Repository Context Analyzed

This review considered 16 relevant code sections from 4 files (average relevance: 0.76)
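
The two points raised in the review comment above, sketched as an added example (not code from the Snyk CLI repository or from the review bot): URL parsing, the cache read and JSON.parse all sit inside the error handling, and a corrupt cache entry falls back to the fetcher. The names loadSchema, readCache and demo, the cacheDir and fetchJson parameters, the example URI and the error text are assumptions.

```javascript
// Added example with hypothetical names; not the Snyk CLI test helper itself.
const fs = require('node:fs');
const os = require('node:os');
const path = require('node:path');

// Returns the parsed cache entry, or null when it is missing or corrupt,
// so the caller can fall back to the network.
function readCache(localPath) {
  try {
    return JSON.parse(fs.readFileSync(localPath, 'utf-8'));
  } catch (err) {
    if (err.code === 'ENOENT' || err instanceof SyntaxError) return null;
    throw err; // permission errors and the like still surface
  }
}

// Resolve a schema by URI: local cache first, injected fetcher as fallback.
// Every step that can throw (URL parsing, file read, fetch) is inside one try.
async function loadSchema(uri, cacheDir, fetchJson) {
  try {
    const url = new URL(uri); // an invalid URI is wrapped like any other failure
    const localPath = path.join(cacheDir, path.basename(url.pathname));
    const cached = readCache(localPath);
    if (cached !== null) return { schema: cached, source: 'cache' };
    const schema = await fetchJson(url.href);
    return { schema, source: 'network' };
  } catch (err) {
    throw new Error(`Failed to load SARIF schema from "${uri}": ${err.message}`);
  }
}

// Constructed demo: a corrupted cache file and a stub fetcher (no network).
async function demo() {
  const dir = fs.mkdtempSync(path.join(os.tmpdir(), 'sarif-schemas-'));
  const uri = 'https://schemas.example.invalid/sarif-schema.json';
  const stub = async () => ({ title: 'stub schema' });
  fs.writeFileSync(path.join(dir, 'sarif-schema.json'), '{"truncated": ');
  const fallback = await loadSchema(uri, dir, stub);
  fs.writeFileSync(path.join(dir, 'sarif-schema.json'), '{"title":"cached"}');
  const hit = await loadSchema(uri, dir, stub);
  const bad = await loadSchema('not a uri', dir, stub).catch((e) => e.message);
  fs.rmSync(dir, { recursive: true, force: true });
  return { fallback: fallback.source, hit: hit.source, bad };
}
```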
