chore(deps): bump the github-actions group across 1 directory with 9 updates

[dependabot]

Bumps the github-actions group with 9 updates in the / directory:

Package	From	To
actions/setup-node	6.2.0	6.3.0
aws-powertools/actions	1.5.0	1.5.1
actions/dependency-review-action	4.8.3	4.9.0
actions/download-artifact	8.0.0	8.0.1
docker/setup-qemu-action	3.7.0	4.0.0
docker/setup-buildx-action	3.12.0	4.0.0
codecov/codecov-action	5.5.2	5.5.3
release-drafter/release-drafter	6.2.0	7.1.1
zgosalvez/github-actions-ensure-sha-pinned-actions	5.0.1	5.0.3

Updates actions/setup-node from 6.2.0 to 6.3.0

Release notes

Sourced from actions/setup-node's releases.

v6.3.0

What's Changed

Enhancements:

• Support parsing devEngines field by @​susnux in actions/setup-node#1283

When using node-version-file: package.json, setup-node now prefers devEngines.runtime over engines.node.

Dependency updates:

• Fix npm audit issues by @​gowridurgad in actions/setup-node#1491
• Replace uuid with crypto.randomUUID() by @​trivikr in actions/setup-node#1378
• Upgrade minimatch from 3.1.2 to 3.1.5 by @​dependabot in actions/setup-node#1498

Bug fixes:

• Remove hardcoded bearer for mirror-url @​marco-ippolito in actions/setup-node#1467
• Scope test lockfiles by package manager and update cache tests by @​gowridurgad in actions/setup-node#1495

New Contributors

• @​susnux made their first contribution in actions/setup-node#1283

Full Changelog: actions/setup-node@v6...v6.3.0

Commits

• 53b8394 Bump minimatch from 3.1.2 to 3.1.5 (#1498)
• 54045ab Scope test lockfiles by package manager and update cache tests (#1495)
• c882bff Replace uuid with crypto.randomUUID() (#1378)
• 774c1d6 feat(node-version-file): support parsing devEngines field (#1283)
• efcb663 fix: remove hardcoded bearer (#1467)
• d02c89d Fix npm audit issues (#1491)
• See full diff in compare view

Updates aws-powertools/actions from 1.5.0 to 1.5.1

Release notes

Sourced from aws-powertools/actions's releases.

v1.5.1

What's Changed

Patch release to upgrade dependencies and workflow actions - no new features.

Full Changelog: aws-powertools/actions@v1.5.0...v1.5.1

Commits

• 828e78a chore: bump zgosalvez/github-actions-ensure-sha-pinned-actions from 5.0.1 to ...
• 901d4d6 chore: bump actions/download-artifact from 8.0.0 to 8.0.1 (#236)
• 72854b5 chore: bump actions/setup-go from 6.2.0 to 6.3.0 (#231)
• 852881a chore: bump actions/download-artifact from 7.0.0 to 8.0.0 (#230)
• f7b4bad chore: bump zgosalvez/github-actions-ensure-sha-pinned-actions from 5.0.0 to ...
• 9256582 chore: bump actions/setup-node from 6.2.0 to 6.3.0 in /.github/actions/versio...
• 867a070 chore: bump actions/dependency-review-action from 4.8.3 to 4.9.0 (#233)
• c020ac8 chore: bump actions/dependency-review-action from 4.8.2 to 4.8.3 (#229)
• aaa124a chore: bump aws-actions/configure-aws-credentials from 5.1.1 to 6.0.0 (#228)
• 1216964 chore: bump zgosalvez/github-actions-ensure-sha-pinned-actions from 4.0.1 to ...
• Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.8.3 to 4.9.0

Release notes

Sourced from actions/dependency-review-action's releases.

Dependency Review Action 4.9.0

This feature release contains a couple of notable changes:

• There is a new configuration option show_patched_versions which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks @​felickz!
• Runs which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch @​jantiebot!
• There are a couple of fixes to purl parsing which should improve match accuracy for allow-package-dependency lists, including case (in)sensitivity and url-encoded namespaces Thanks @​juxtin!

What's Changed

• Compare normalized purls to account for encoding quirks by @​juxtin in actions/dependency-review-action#1056
• Make purl comparisons case insensitive by @​juxtin in actions/dependency-review-action#1057
• Feat: Add Patched Version to Vulnerabilities summary by @​felickz in actions/dependency-review-action#1045
• fix: only get scorecard levels if user wants to see the OpenSSF scorecard by @​jantiebot in actions/dependency-review-action#1060
• Bump actions/stale from 10.1.0 to 10.2.0 by @​dependabot[bot] in actions/dependency-review-action#1058
• Bump actions/checkout from 4 to 6 by @​dependabot[bot] in actions/dependency-review-action#1021
• Updates for release 4.9.0 by @​ahpook in actions/dependency-review-action#1064

New Contributors

• @​jantiebot made their first contribution in actions/dependency-review-action#1060

Full Changelog: actions/dependency-review-action@v4.8.3...v4.9.0

Commits

• 2031cfc Merge pull request #1064 from actions/ahpook/release-4.9.0
• d02fa39 Updates for release 4.9.0
• 4038a34 Merge pull request #1021 from actions/dependabot/github_actions/actions/check...
• a632b83 Merge pull request #1058 from actions/dependabot/github_actions/actions/stale...
• 57a3d46 Merge pull request #1060 from jantiebot/main
• 5ecdc4b Merge pull request #1045 from forks-felickz/main
• e8c2f9a fix: remove inferrable type annotation to pass eslint
• 0e129e1 Prettier - Refactor summary table rendering for improved readability
• aa60746 Add 'show-patched-versions' option to configuration and update summary handling
• e404798 Merge upstream actions/dependency-review-action main
• Additional commits viewable in compare view

Updates actions/download-artifact from 8.0.0 to 8.0.1

Release notes

Sourced from actions/download-artifact's releases.

v8.0.1

What's Changed

• Support for CJK characters in the artifact name by @​danwkennedy in actions/download-artifact#471
• Add a regression test for artifact name + content-type mismatches by @​danwkennedy in actions/download-artifact#472

Full Changelog: actions/download-artifact@v8...v8.0.1

Commits

• 3e5f45b Add regression tests for CJK characters (#471)
• e6d03f6 Add a regression test for artifact name + content-type mismatches (#472)
• See full diff in compare view

Updates docker/setup-qemu-action from 3.7.0 to 4.0.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.0.0

• Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @​crazy-max in docker/setup-qemu-action#245
• Switch to ESM and update config/test wiring by @​crazy-max in docker/setup-qemu-action#241
• Bump @​actions/core from 1.11.1 to 3.0.0 in docker/setup-qemu-action#244
• Bump @​docker/actions-toolkit from 0.67.0 to 0.77.0 in docker/setup-qemu-action#243
• Bump @​isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/setup-qemu-action#240
• Bump js-yaml from 3.14.1 to 3.14.2 in docker/setup-qemu-action#231
• Bump lodash from 4.17.21 to 4.17.23 in docker/setup-qemu-action#238

Full Changelog: docker/setup-qemu-action@v3.7.0...v4.0.0

Commits

• ce36039 Merge pull request #245 from crazy-max/node24
• 6386344 node 24 as default runtime
• 1ea3db7 Merge pull request #243 from docker/dependabot/npm_and_yarn/docker/actions-to...
• b56a002 chore: update generated content
• c43f02d build(deps): bump @​docker/actions-toolkit from 0.67.0 to 0.77.0
• ce10c58 Merge pull request #244 from docker/dependabot/npm_and_yarn/actions/core-3.0.0
• 429fc9d chore: update generated content
• 060e5f8 build(deps): bump @​actions/core from 1.11.1 to 3.0.0
• 44be13e Merge pull request #231 from docker/dependabot/npm_and_yarn/js-yaml-3.14.2
• 1897438 chore: update generated content
• Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3.12.0 to 4.0.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

• Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @​crazy-max in docker/setup-buildx-action#483
• Remove deprecated inputs/outputs by @​crazy-max in docker/setup-buildx-action#464
• Switch to ESM and update config/test wiring by @​crazy-max in docker/setup-buildx-action#481
• Bump @​actions/core from 1.11.1 to 3.0.0 in docker/setup-buildx-action#475
• Bump @​docker/actions-toolkit from 0.63.0 to 0.79.0 in docker/setup-buildx-action#482 docker/setup-buildx-action#485
• Bump js-yaml from 4.1.0 to 4.1.1 in docker/setup-buildx-action#452
• Bump lodash from 4.17.21 to 4.17.23 in docker/setup-buildx-action#472
• Bump minimatch from 3.1.2 to 3.1.5 in docker/setup-buildx-action#480

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

Commits

• 4d04d5d Merge pull request #485 from docker/dependabot/npm_and_yarn/docker/actions-to...
• cd74e05 chore: update generated content
• eee38ec build(deps): bump @​docker/actions-toolkit from 0.77.0 to 0.79.0
• 7a83f65 Merge pull request #484 from docker/dependabot/github_actions/docker/setup-qe...
• a5aa967 Merge pull request #464 from crazy-max/rm-deprecated
• e73d53f build(deps): bump docker/setup-qemu-action from 3 to 4
• 28a438e Merge pull request #483 from crazy-max/node24
• 034e9d3 chore: update generated content
• b4664d8 remove deprecated inputs/outputs
• a8257de node 24 as default runtime
• Additional commits viewable in compare view

Updates codecov/codecov-action from 5.5.2 to 5.5.3

Release notes

Sourced from codecov/codecov-action's releases.

v5.5.3

What's Changed

• build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @​dependabot[bot] in codecov/codecov-action#1874
• chore(release): bump to 5.5.3 by @​thomasrockhu-codecov in codecov/codecov-action#1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in codecov/codecov-action#1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in codecov/codecov-action#1864
• Pin actions/github-script by Git SHA by @​martincostello in codecov/codecov-action#1859
• fix: check reqs exist by @​joseph-sentry in codecov/codecov-action#1835
• fix: Typo in README by @​spalmurray in codecov/codecov-action#1838
• docs: Refine OIDC docs by @​spalmurray in codecov/codecov-action#1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

• build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @​app/dependabot in codecov/codecov-action#1822
• fix: OIDC on forks by @​joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

• 1af5884 chore(release): bump to 5.5.3 (#1922)
• c143300 build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (#1874)
• See full diff in compare view

Updates release-drafter/release-drafter from 6.2.0 to 7.1.1

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.1.1

What's Changed

Bug Fixes

• fix: remove disable-releaser and disable-autolabeler from action.yaml (#1564) @​cchanche

Full Changelog: release-drafter/release-drafter@v7.1.0...v7.1.1

v7.1.0

What's Changed

New

• feat: filter previous releases by range with semver (#1445) @​cchanche
• feat: support advanced substitutions in replacers (#1517) @​cchanche

Bug Fixes

• fix: support pull_request_target event in autolabeler (#1560) @​jmeridth
• fix: empty template when prs all are excluded by labels (#1429) @​Bledai
• fix: fall back to org .github repo when config not found in current repo (#1554) @​jetersen

Maintenance

• ci: make sure PRs have a type label (#1557) @​cchanche

Documentation

• docs: update README with pull_request_target example (#1561) @​jmeridth

Full Changelog: release-drafter/release-drafter@v7.0.0...v7.1.0

v7.0.0

What's Changed

Breaking

• feat: new major version (#1475) @​cchanche

Bug Fixes

• fix: JSON schema too strict with required fields (#1535) @​jetersen

Maintenance

• chore(deps): update vitest to 4.1.0 (#1544) @renovate[bot]
• chore(deps): update linters (#1549) @renovate[bot]
• chore(deps): update dependency nock to 14.0.11 (#1548) @renovate[bot]
• chore(deps): update dependency @​graphql-codegen/near-operation-file-preset to 5.0.0 (#1545) @renovate[bot]

... (truncated)

Commits

• 139054a chore: release v7.1.1
• 114efa7 fix: remove disable-releaser and disable-autolabeler from action.yaml (#1564)
• b23b6d2 test: add semantic prefix replacer example
• 44a942e chore: release v7.1.0
• f1f40a0 docs: update README with pull_request_target example (#1561)
• ebb69bb fix: support pull_request_target event in autolabeler (#1560)
• bddbd54 ci: make sure PRs have a type label (#1557)
• 4a66170 fix: empty template when prs all are excluded by labels (#1429)
• 7431882 feat: filter releases by semver range (#1445)
• 5a8b0d3 ci: restore CodeQL category lost when matrix was removed
• Additional commits viewable in compare view

Updates zgosalvez/github-actions-ensure-sha-pinned-actions from 5.0.1 to 5.0.3

Release notes

Sourced from zgosalvez/github-actions-ensure-sha-pinned-actions's releases.

v5.0.3

What's Changed

• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#299

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v5...v5.0.3

v5.0.2

What's Changed

• Bump jest from 30.2.0 to 30.3.0 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#298
• Bump eslint from 10.0.1 to 10.0.3 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#295
• Bump actions/cache from 5.0.1 to 5.0.3 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#294
• Bump undici from 6.23.0 to 6.24.1 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#297
• Bump actions/checkout from 6.0.1 to 6.0.2 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#293
• Bump actions/setup-node from 6.1.0 to 6.2.0 by @​dependabot[bot] in zgosalvez/github-actions-ensure-sha-pinned-actions#292

Full Changelog: zgosalvez/github-actions-ensure-sha-pinned-actions@v5...v5.0.2

Commits

• 471d5ac Bump flatted from 3.3.1 to 3.4.2 (#299)
• cc9ffdc Bump actions/setup-node from 6.1.0 to 6.2.0 (#292)
• b74bd12 Bump actions/checkout from 6.0.1 to 6.0.2 (#293)
• 8921d5c Bump undici from 6.23.0 to 6.24.1 (#297)
• a88dd70 Bump actions/cache from 5.0.1 to 5.0.3 (#294)
• 743dbe8 Bump eslint from 10.0.1 to 10.0.3 (#295)
• fb78cc3 Bump jest from 30.2.0 to 30.3.0 (#298)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud