deps(deps): bump the github-actions group with 7 updates

[dependabot]

Bumps the github-actions group with 7 updates:

Package	From	To
actions/setup-node	4.0.1	4.0.2
actions/cache	3.3.3	4.0.0
github/codeql-action	3.23.0	3.24.0
actions/dependency-review-action	3.1.5	4.0.0
dorny/paths-filter	2.11.1	3.0.0
sigstore/cosign-installer	3.3.0	3.4.0
docker/metadata-action	5.5.0	5.5.1

Updates actions/setup-node from 4.0.1 to 4.0.2

Release notes

Sourced from actions/setup-node's releases.

v4.0.2

What's Changed

• Add support for volta.extends by @​ThisIsManta in actions/setup-node#921
• Add support for arm64 Windows by @​dmitry-shibanov in actions/setup-node#927

New Contributors

• @​ThisIsManta made their first contribution in actions/setup-node#921

Full Changelog: actions/setup-node@v4.0.1...v4.0.2

Commits

• 60edb5d Add support for arm64 Windows (#927)
• d86ebcd Add support for volta.extends (#921)
• See full diff in compare view

Updates actions/cache from 3.3.3 to 4.0.0

Release notes

Sourced from actions/cache's releases.

v4.0.0

What's Changed

• Update action to node20 by @​takost in actions/cache#1284
• feat: save-always flag by @​to-s in actions/cache#1242

New Contributors

• @​takost made their first contribution in actions/cache#1284
• @​to-s made their first contribution in actions/cache#1242

Full Changelog: actions/cache@v3...v4.0.0

Changelog

Sourced from actions/cache's changelog.

3.3.3

• Updates @​actions/cache to v3.2.3 to fix accidental mutated path arguments to getCacheVersion actions/toolkit#1378
• Additional audit fixes of npm package(s)

4.0.0

• Updated minimum runner version support from node 12 -> node 20

Commits

• 13aacd8 Merge pull request #1242 from to-s/main
• 53b35c5 Merge branch 'main' into main
• 65b8989 Merge pull request #1284 from takost/update-to-node-20
• d0be34d Fix dist
• 66cf064 Merge branch 'main' into update-to-node-20
• 1326563 Merge branch 'main' into main
• e718767 Fix format
• 0122982 Apply workaround for earlyExit
• 3185ecf Update "only-" actions to node20
• 25618a0 Bump version
• Additional commits viewable in compare view

Updates github/codeql-action from 3.23.0 to 3.24.0

Changelog

Sourced from github/codeql-action's changelog.

3.24.0 - 02 Feb 2024

• CodeQL Python analysis will no longer install dependencies on GitHub Enterprise Server, as is already the case for GitHub.com. See release notes for 3.23.0 for more details. #2106

3.23.2 - 26 Jan 2024

• On Linux, the maximum possible value for the --threads option now respects the CPU count as specified in cgroup files to more accurately reflect the number of available cores when running in containers. #2083
• Update default CodeQL bundle version to 2.16.1. #2096

3.23.1 - 17 Jan 2024

• Update default CodeQL bundle version to 2.16.0. #2073
• Change the retention period for uploaded debug artifacts to 7 days. Previously, this was whatever the repository default was. #2079

Commits

• e8893c5 Merge pull request #2113 from github/update-v3.24.0-2db032717
• 78d6c8e Update changelog for v3.24.0
• 2db0327 Merge pull request #2112 from github/henrymercer/status-report-handle-disk-fa...
• f9dea84 Status report: Handle failures determining disk usage
• 81eb6b2 Merge pull request #2108 from github/henrymercer/build-mode-input
• 483bef1 Merge pull request #2106 from github/rasmuswl/default-no-dep-inst
• b58c2f6 Detail requirements for different build modes
• f7d5324 Update wording for CHANGELOG.md
• 254b53d Merge branch 'main' into henrymercer/build-mode-input
• e345133 Merge pull request #2107 from github/henrymercer/refactor-config
• Additional commits viewable in compare view

Updates actions/dependency-review-action from 3.1.5 to 4.0.0

Release notes

Sourced from actions/dependency-review-action's releases.

v4.0.0

• Update action to Node 20 by @​takost in actions/dependency-review-action#639
• Dependabot updates, see the full changelog for more details.

New Contributors

• @​takost made their first contribution in actions/dependency-review-action#639

Full Changelog: actions/dependency-review-action@v3.1.5...v4.0.0

Commits

• 4901385 bump to 4.0.0
• dbf82a4 Merge pull request #639 from takost/takost/update-to-node-20
• 78aeb2a Merge pull request #663 from actions/dependabot/npm_and_yarn/typescript-eslin...
• 4e51000 Bump @​typescript-eslint/parser from 6.18.0 to 6.18.1
• 9560737 Merge pull request #661 from actions/dependabot/npm_and_yarn/typescript-eslin...
• 4125f47 Merge pull request #660 from actions/dependabot/npm_and_yarn/types/node-16.18.70
• 07cc93e Bump @​typescript-eslint/eslint-plugin from 6.18.0 to 6.18.1
• e2c203b Bump @​types/node from 16.18.62 to 16.18.70
• f0b304d Merge pull request #653 from actions/dependabot/npm_and_yarn/got-14.0.0
• e41543e Merge pull request #656 from actions/dependabot/npm_and_yarn/typescript-eslin...
• Additional commits viewable in compare view

Updates dorny/paths-filter from 2.11.1 to 3.0.0

Release notes

Sourced from dorny/paths-filter's releases.

v3.0.0

What's Changed

• Update README.md: added real world usage example by @​iamtodor in dorny/paths-filter#178
• Update Node.js to version 20 by @​danielhjacobs in dorny/paths-filter#206
• Update to nodejs 20 by @​dorny in dorny/paths-filter#210
• chore(deps): bump checkout action to v4 and use setup-node to setup node and cache npm deps by @​chenrui333 in dorny/paths-filter#211
• Update all dependencies by @​dorny in dorny/paths-filter#215

New Contributors

• @​iamtodor made their first contribution in dorny/paths-filter#178
• @​danielhjacobs made their first contribution in dorny/paths-filter#206
• @​chenrui333 made their first contribution in dorny/paths-filter#211

Full Changelog: dorny/paths-filter@v2.11.1...v3.0.0

Changelog

Sourced from dorny/paths-filter's changelog.

v3.0.0

• Update to Node.js 20
• Update all dependencies

Commits

• 0bc4621 Bump major version to v3
• 7267a85 Update CHANGELOG for v2.12.0
• e36f112 Merge pull request #215 from dorny/update-dependencies
• 2f74457 Update all dependencies
• 6761795 Update examples in README to use checkout@v4
• a35d8d6 Merge pull request #211 from chenrui333/node-20
• b5a5203 chore(deps): bump checkout action to v4 and use setup-node to setup node and ...
• 3c49e64 Merge pull request #210 from dorny/use-nodejs-20
• 8ec7be4 Update to nodejs 20
• 100a119 Revert back to node16
• Additional commits viewable in compare view

Updates sigstore/cosign-installer from 3.3.0 to 3.4.0

Release notes

Sourced from sigstore/cosign-installer's releases.

v3.4.0

What's Changed

• Use examples that work with multiple tags by @​jkreileder in sigstore/cosign-installer#155
• default cosign install to release v2.2.3 by @​cpanato in sigstore/cosign-installer#156

New Contributors

• @​jkreileder made their first contribution in sigstore/cosign-installer#155

Full Changelog: sigstore/cosign-installer@v3...v3.4.0

Commits

• e1523de default cosign install to release v2.2.3 (#156)
• b18d21a Use examples that work with multiple tags (#155)
• See full diff in compare view

Updates docker/metadata-action from 5.5.0 to 5.5.1

Release notes

Sourced from docker/metadata-action's releases.

v5.5.1

• Don't set cwd:// prefix for local bake files by @​crazy-max in docker/metadata-action#382

Full Changelog: docker/metadata-action@v5.5.0...v5.5.1

Commits

• 8e5442c Merge pull request #382 from crazy-max/dont-set-cwd-prefix
• eda41b7 chore: update generated content
• 388c08f don't set cwd:// prefix for local bake files
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

The following labels could not be found: ci, priority-low, maintenance.

[dependabot]

Superseded by #18.