build(deps): bump the all-actions group with 7 updates

[dependabot]

Bumps the all-actions group with 7 updates:

Package	From	To
actions/checkout	2	4
actions/setup-go	3.3.0	5.0.2
golangci/golangci-lint-action	3.2.0	6.0.1
svenstaro/upload-release-action	2.2.1	2.9.0
actions/cache	3	4
docker/login-action	1.14.0	3.2.0
tibdex/github-app-token	1	2

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Commits

• 692973e Prepare 4.1.7 release (#1775)
• 6ccd57f Pin actions/checkout's own workflows to a known, good, stable version. (#1776)
• b17fe1e Handle hidden refs (#1774)
• b80ff79 Bump actions/checkout from 3 to 4 (#1697)
• b1ec302 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1739)
• a5ac7e5 Update for 4.1.6 release (#1733)
• 24ed1a3 Check platform for extension (#1732)
• 44c2b7a README: Suggest user.email to be `41898282+github-actions[bot]@​users.norepl...
• 8459bc0 Bump actions/upload-artifact from 2 to 4 (#1695)
• 3f603f6 Bump actions/setup-node from 1 to 4 (#1696)
• Additional commits viewable in compare view

Updates actions/setup-go from 3.3.0 to 5.0.2

Release notes

Sourced from actions/setup-go's releases.

v5.0.2

What's Changed

Bug fixes:

• Fix versions check failure by @​HarithaVattikuti in actions/setup-go#479

Dependency updates:

• Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @​dependabot in actions/setup-go#487

New Contributors

• @​HarithaVattikuti made their first contribution in actions/setup-go#479

Full Changelog: actions/setup-go@v5...v5.0.2

v5.0.1

What's Changed

• Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by @​dependabot , @​HarithaVattikuti in actions/setup-go#465
• Update documentation with latest V5 release notes by @​ab in actions/setup-go#459
• Update version documentation by @​178inaba in actions/setup-go#458
• Documentation update of actions/setup-go to v5 by @​chenrui333 in actions/setup-go#449

New Contributors

• @​ab made their first contribution in actions/setup-go#459

Full Changelog: actions/setup-go@v5.0.0...v5.0.1

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

• Fix hosted tool cache usage on windows by @​galargh in actions/setup-go#411
• Improve documentation regarding dependencies caching by @​artemgavrilov in actions/setup-go#417

New Contributors

• @​galargh made their first contribution in actions/setup-go#411
• @​artemgavrilov made their first contribution in actions/setup-go#417
• @​chenrui333 made their first contribution in actions/setup-go#421

Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

• Remove implicit dependencies by @​nikolai-laevskii in actions/setup-go#378
• Update action.yml by @​mkelly in actions/setup-go#379
• Added a description that go-version should be specified as a string type by @​n3xem in actions/setup-go#367
• Add note about YAML parsing versions by @​dmitry-shibanov in actions/setup-go#382

... (truncated)

Commits

• 0a12ed9 Bump braces from 3.0.2 to 3.0.3 (#487)
• 4ab57d7 Fix versions check failure (#479)
• cdcb360 Remove the description of the old go.mod specification (#458)
• 99176a8 Update README.md with V5 release notes (#459)
• be1aa11 Bump undici from 5.28.2 to 5.28.3 (#465)
• 6c1fd22 docs: bump actions/setup-go to v5 (#449)
• 0c52d54 Update dependencies for node20 (#445)
• bfd2fb3 Merge pull request #421 from chenrui333/node20-runtime
• 3d65fa5 feat: bump to use actions/checkout@v4
• 8a505c9 feat: bump to use node20 runtime
• Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 3.2.0 to 6.0.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v6.0.1

What's Changed

Changes

• fix: use 3-dots syntax for diff on push by @​ldez in golangci/golangci-lint-action#1040

Full Changelog: golangci/golangci-lint-action@v6.0.0...v6.0.1

v6.0.0

What's Changed

This version removes annotations option (because it was useless), and removes the default output format (github-actions). The annotations are still produced but with another approach.

Changes

• feat: rewrite format handling by @​ldez in golangci/golangci-lint-action#1038

Dependencies

• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.7.1 to 7.8.0 by @​dependabot in golangci/golangci-lint-action#1034
• build(deps): bump @​types/node from 20.12.7 to 20.12.8 by @​dependabot in golangci/golangci-lint-action#1036
• build(deps-dev): bump @​typescript-eslint/parser from 7.7.1 to 7.8.0 by @​dependabot in golangci/golangci-lint-action#1035

Full Changelog: golangci/golangci-lint-action@v5.3.0...v6.0.0

v5.3.0

What's Changed

Changes

• feat: uses 2 dots compare syntax for push diff by @​ldez in golangci/golangci-lint-action#1030
• feat: add option to control cache invalidation interval by @​ldez in golangci/golangci-lint-action#1031
• feat: use OS and working-directory as cache key by @​ldez in golangci/golangci-lint-action#1032
• feat: improve log about pwd/cwd by @​ldez in golangci/golangci-lint-action#1033

Full Changelog: golangci/golangci-lint-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

Changes

• feat: add an option to enable/disable annotations by @​ldez

Full Changelog: golangci/golangci-lint-action@v5.1.0...v5.2.0

... (truncated)

Commits

• a4f60bb fix: use 3-dots syntax for diff on push (#1040)
• 5815a4b doc: improve readme
• 23faadf doc: improve readme
• b556f25 doc: improve readme
• 789f114 feat: rewrite format handling (#1038)
• d36b91c build(deps-dev): bump @​typescript-eslint/parser from 7.7.1 to 7.8.0 (#1035)
• a9eb115 build(deps): bump @​types/node from 20.12.7 to 20.12.8 (#1036)
• bd4fa7c build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.7.1 to 7.8.0 (#...
• 38e1018 feat: improve log about pwd/cwd (#1033)
• 21e9e6b feat: use OS and working-directory as cache key (#1032)
• Additional commits viewable in compare view

Updates svenstaro/upload-release-action from 2.2.1 to 2.9.0

Release notes

Sourced from svenstaro/upload-release-action's releases.

2.9.0

• Allow seeting a release as draft #112 (thanks @​ShonP40)

2.8.0

• Bump all deps
• Update to node 20

2.7.0

• Allow setting an explicit target_commitish #46 (thanks @​Spikatrix)

2.6.1

• Do not overwrite body or name if empty #108 (thanks @​regevbr)

2.6.0

• Add make_latest input parameter. Can be set to false to prevent the created release from being marked as the latest release for the repository #100 (thanks @​brandonkelly)
• Don't try to upload empty files #102 (thanks @​Loyalsoldier)
• Bump all deps #105
• overwrite option also overwrites name and body #106 (thanks @​regevbr)
• Add promote option to allow prereleases to be promoted #74 (thanks @​regevbr)

2.5.0

• Add retry to upload release #96 (thanks @​sonphantrung)

2.4.1

• Modernize octokit usage

2.4.0

• Update to node 16
• Bump most dependencies

2.3.0

• Now defaults repo_token to ${{ github.token }} and tag to ${{ github.ref }} #69 (thanks @​leighmcculloch)

Changelog

Sourced from svenstaro/upload-release-action's changelog.

Changelog

[2.9.0] - 2024-02-22

• Allow seeting a release as draft #112 (thanks @​ShonP40)

[2.8.0] - 2024-02-21

• Bump all deps
• Update to node 20

[2.7.0] - 2023-07-28

• Allow setting an explicit target_commitish #46 (thanks @​Spikatrix)

[2.6.1] - 2023-05-31

• Do not overwrite body or name if empty #108 (thanks @​regevbr)

[2.6.0] - 2023-05-23

• Add make_latest input parameter. Can be set to false to prevent the created release from being marked as the latest release for the repository #100 (thanks @​brandonkelly)
• Don't try to upload empty files #102 (thanks @​Loyalsoldier)
• Bump all deps #105
• overwrite option also overwrites name and body #106 (thanks @​regevbr)
• Add promote option to allow prereleases to be promoted #74 (thanks @​regevbr)

[2.5.0] - 2023-02-21

• Add retry to upload release #96 (thanks @​sonphantrung)

[2.4.1] - 2023-02-01

• Modernize octokit usage

[2.4.0] - 2023-01-09

• Update to node 16
• Bump most dependencies

[2.3.0] - 2022-06-05

• Now defaults repo_token to ${{ github.token }} and tag to ${{ github.ref }} #69 (thanks @​leighmcculloch)

[2.2.1] - 2020-12-16

• Added support for the GitHub pagination API for repositories with many releases #36 (thanks @​djpohly)

[2.2.0] - 2020-10-07

• Add support for ceating a new release in a foreign repository #25 (thanks @​kittaakos)
• Upgrade all deps

[2.1.1] - 2020-09-25

• Fix release_name option #27 (thanks @​kittaakos)

[2.1.0] - 2020-08-10

• Strip refs/heads/ from the input tag #23 (thanks @​OmarEmaraDev)

[2.0.0] - 2020-07-03

• Add prerelease input parameter. Setting this marks the created release as a pre-release.

... (truncated)

Commits

• 04733e0 This is 2.9.0
• 7b5b755 Add CHANGELOG entry for #112
• 17449a2 Add draft release support (fixes #19)
• ec2ff03 Amend CHANGELOG
• ff23fb2 This is 2.8.0
• 8e43835 Bump all deps
• fe68892 Merge pull request #113 from svenstaro/dependabot/npm_and_yarn/babel/traverse...
• a13e7b5 Merge pull request #116 from der-eismann/update-to-node20
• a4bae28 Update to node20
• c19ddf4 Bump @​babel/traverse from 7.22.8 to 7.23.2
• Additional commits viewable in compare view

Updates actions/cache from 3 to 4

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

• Update action to node20 by @​takost in actions/cache#1284
• feat: save-always flag by @​to-s in actions/cache#1242

New Contributors

• @​takost made their first contribution in actions/cache#1284
• @​to-s made their first contribution in actions/cache#1242

Full Changelog: actions/cache@v3...v4.0.0

v3.3.3

What's Changed

• Cache v3.3.3 by @​robherley in actions/cache#1302

New Contributors

• @​robherley made their first contribution in actions/cache#1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

What's Changed

• Fixed readme with new segment timeout values by @​kotewar in actions/cache#1133
• Readme fixes by @​kotewar in actions/cache#1134
• Updated description of the lookup-only input for main action by @​kotewar in actions/cache#1130
• Change two new actions mention as quoted text by @​bishal-pdMSFT in actions/cache#1131
• Update Cross-OS Caching tips by @​pdotl in actions/cache#1122
• Bazel example (Take #2️⃣) by @​vorburger in actions/cache#1132
• Remove actions to add new PRs and issues to a project board by @​jorendorff in actions/cache#1187
• Consume latest toolkit and fix dangling promise bug by @​chkimes in actions/cache#1217
• Bump action version to 3.3.2 by @​bethanyj28 in actions/cache#1236

New Contributors

• @​vorburger made their first contribution in actions/cache#1132
• @​jorendorff made their first contribution in actions/cache#1187
• @​chkimes made their first contribution in actions/cache#1217
• @​bethanyj28 made their first contribution in actions/cache#1236

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

What's Changed

• Reduced download segment size to 128 MB and timeout to 10 minutes by @​kotewar in actions/cache#1129

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

What's Changed

• Bug: Permission is missing in cache delete example by @​kotokaze in actions/cache#1123

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

4.0.2

• Fixed restore fail-on-cache-miss not working.

4.0.1

• Updated isGhes check

4.0.0

• Updated minimum runner version support from node 12 -> node 20

3.3.3

• Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
• Additional audit fixes of npm package(s)

3.3.2

• Fixes bug with Azure SDK causing blob downloads to get stuck.

3.3.1

• Reduced segment size to 128MB and segment timeout to 10 minutes to fail fast in case the cache download is stuck.

3.3.0

• Added option to lookup cache without downloading it.

3.2.6

• Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners.

3.2.5

• Added fix to prevent from setting MYSYS environment variable globally.

3.2.4

• Added option to fail job on cache miss.

3.2.3

• Support cross os caching on Windows as an opt-in feature.
• Fix issue with symlink restoration on Windows for cross-os caches.

3.2.2

... (truncated)

Commits

• 0c45773 Merge pull request #1327 from cdce8p/fix-fail-on-cache-miss
• 8a55f83 Add test case for process exit
• 3884cac Bump version
• e29dad3 Fix fail-on-cache-miss not working
• ab5e6d0 Merge pull request #1341 from bethanyj28/main
• 89c7d86 licensed cache
• d2c84da update @​actions/cache
• 37e7d4e Merge pull request #1340 from actions/bethanyj28/update-publish-flow
• a18323f add release action
• a2ed59d Merge pull request #1305 from actions/yacaovsnc/update_examples
• Additional commits viewable in compare view

Updates docker/login-action from 1.14.0 to 3.2.0

Release notes

Sourced from docker/login-action's releases.

v3.2.0

• Improve missing username/password by @​Frankkkkk in docker/login-action#706
• Bump @​docker/actions-toolkit from 0.18.0 to 0.24.0 in docker/login-action#715 docker/login-action#721
• Bump aws-sdk-dependencies to 3.583.0 in docker/login-action#720
• Bump undici from 5.28.3 to 5.28.4 in docker/login-action#694

Full Changelog: docker/login-action@v3.1.0...v3.2.0

v3.1.0

• Bump @​babel/traverse from 7.17.3 to 7.23.2 in docker/login-action#618
• Bump @​docker/actions-toolkit from 0.12.0 to 0.18.0 in docker/login-action#616 docker/login-action#636 docker/login-action#682
• Bump aws-sdk dependencies to 3.529.1 in docker/login-action#624 docker/login-action#685
• Bump http-proxy-agent to 7.0.2 in docker/login-action#676
• Bump https-proxy-agent to 7.0.4 in docker/login-action#676
• Bump undici from 5.26.5 to 5.28.3 in docker/login-action#677

Full Changelog: docker/login-action@v3.0.0...v3.1.0

v3.0.0

• Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @​crazy-max in docker/login-action#593
• Bump @​actions/core from 1.10.0 to 1.10.1 in docker/login-action#598
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.410.0 in docker/login-action#555 docker/login-action#560 docker/login-action#582 docker/login-action#599
• Bump semver from 6.3.0 to 6.3.1 in docker/login-action#556
• Bump https-proxy-agent to 7.0.2 docker/login-action#561 docker/login-action#588

Full Changelog: docker/login-action@v2.2.0...v3.0.0

v2.2.0

• Switch to actions-toolkit implementation by @​crazy-max in docker/login-action#409 docker/login-action#470 docker/login-action#476
• Bump @​aws-sdk/client-ecr and @​aws-sdk/client-ecr-public to 3.347.1 in docker/login-action#524 docker/login-action#364 docker/login-action#363
• Bump minimatch from 3.0.4 to 3.1.2 in docker/login-action#354
• Bump json5 from 2.2.0 to 2.2.3 in docker/login-action#378
• Bump http-proxy-agent from 5.0.0 to 7.0.0 in docker/login-action#509
• Bump https-proxy-agent from 5.0.1 to 7.0.0 in docker/login-action#508

Full Changelog: docker/login-action@v2.1.0...v2.2.0

v2.1.0

• Ensure AWS temp credentials are redacted in workflow logs by @​crazy-max (#275)
• Bump @​actions/core from 1.6.0 to 1.10.0 (#252 #292)
• Bump @​aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)
• Bump @​aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: docker/login-action@v2.0.0...v2.1.0

v2.0.0

• Node 16 as default runtime by @​crazy-max (#161)
  • This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.
• chore: update dev dependencies and workflow by @​crazy-max (#170)
• Bump @​actions/exec from 1.1.0 to 1.1.1 (#167)

... (truncated)

Commits

• 0d4c9c5 Merge pull request #722 from crazy-max/update-readme
• b29e14f add contributing section to README
• 218a70c Merge pull request #721 from docker/dependabot/npm_and_yarn/docker/actions-to...
• b820080 build(deps): bump @​docker/actions-toolkit from 0.23.0 to 0.24.0
• 27530a9 Merge pull request #720 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• d072a60 chore: update generated content
• 7c627b5 build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
• 787cfc6 Merge pull request #694 from docker/dependabot/npm_and_yarn/undici-5.28.4
• 8e66e91 chore: update generated content
• 5ba5e97 build(deps): bump undici from 5.28.3 to 5.28.4
• Additional commits viewable in compare view

Updates tibdex/github-app-token from 1 to 2

Release notes

Sourced from tibdex/github-app-token's releases.

v2.0.0

• BREAKING: replaces the installation_id and repository inputs with installation_retrieval_mode and installation_retrieval_payload to also support organization and user installation.
• switches to node20.
• adds a repositories input to scope the created token to a subset of repositories.
• revokes the created token at the end of the job with a post script.

v1.9.0

No release notes provided.

v1.8.2

No release notes provided.

v1.8.1

No release notes provided.

v1.8.0

No release notes provided.

v1.7.0

No release notes provided.

v1.6.0

No release notes provided.

v1.5.2

No release notes provided.

v1.5.1

No release notes provided.

v1.5.0

No release notes provided.

v1.4.0

No release notes provided.

v1.3.0

No release notes provided.

v1.2.0

No release notes provided.

v1.1.1

No release notes provided.

v1.1.0

No release notes provided.

v1.0.2

No release notes provided.

Commits

• 3beb63f release v2.1.0
• 3eb77c7 Add option to not revoke token (#95)
• 9571738 Add support for organization and user installation retrieval and repository s...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Superseded by #17.