From fb912b97c0e98b380f9ebf9e70e81ece23e3fdb2 Mon Sep 17 00:00:00 2001
From: "renovate[bot]" <29139614+renovate[bot]@users.noreply.github.com>
Date: Thu, 29 Feb 2024 09:17:35 -0800
Subject: [PATCH] Update github-actions deps (major) (#9426)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
[](https://renovatebot.com)
This PR contains the following updates:
| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
major | `v3.6.0` -> `v4.1.1` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | major | `v3.1.3` -> `v4.3.1` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | major | `v2.24.5` -> `v3.24.6` |
---
### Release Notes
actions/checkout (actions/checkout)
###
[`v4.1.1`](https://togithub.com/actions/checkout/releases/tag/v4.1.1)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.0...v4.1.1)
##### What's Changed
- Update CODEOWNERS to Launch team by
[@joshmgross](https://togithub.com/joshmgross) in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- Correct link to GitHub Docs by
[@peterbe](https://togithub.com/peterbe) in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
- Link to release page from what's new section by
[@cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1514](https://togithub.com/actions/checkout/pull/1514)
##### New Contributors
- [@joshmgross](https://togithub.com/joshmgross) made their first
contribution in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- [@peterbe](https://togithub.com/peterbe) made their first
contribution in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.0...v4.1.1
###
[`v4.1.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v410)
[Compare
Source](https://togithub.com/actions/checkout/compare/v4.0.0...v4.1.0)
- [Add support for partial checkout
filters](https://togithub.com/actions/checkout/pull/1396)
###
[`v4.0.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v400)
[Compare
Source](https://togithub.com/actions/checkout/compare/v3.6.0...v4.0.0)
- [Support fetching without the --progress
option](https://togithub.com/actions/checkout/pull/1067)
- [Update to node20](https://togithub.com/actions/checkout/pull/1436)
actions/upload-artifact (actions/upload-artifact)
###
[`v4.3.1`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.1)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.0...v4.3.1)
- Bump
[@actions/artifacts](https://togithub.com/actions/artifacts) to
latest version to include [updated GHES host
check](https://togithub.com/actions/toolkit/pull/1648)
###
[`v4.3.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.2.0...v4.3.0)
##### What's Changed
- Reorganize upload code in prep for merge logic & add more tests by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/504](https://togithub.com/actions/upload-artifact/pull/504)
- Add sub-action to merge artifacts by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/505](https://togithub.com/actions/upload-artifact/pull/505)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.3.0
###
[`v4.2.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.2.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.1.0...v4.2.0)
##### What's Changed
- Ability to overwrite an Artifact by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/501](https://togithub.com/actions/upload-artifact/pull/501)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.2.0
###
[`v4.1.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.1.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.0.0...v4.1.0)
#### What's Changed
- Add migrations docs by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/482](https://togithub.com/actions/upload-artifact/pull/482)
- Update README.md by
[@samuelwine](https://togithub.com/samuelwine) in
[https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492)
- Support artifact-url output by
[@konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/496](https://togithub.com/actions/upload-artifact/pull/496)
- Update readme to reflect new 500 artifact per job limit by
[@robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/497](https://togithub.com/actions/upload-artifact/pull/497)
#### New Contributors
- [@samuelwine](https://togithub.com/samuelwine) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/492](https://togithub.com/actions/upload-artifact/pull/492)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v4...v4.1.0
###
[`v4.0.0`](https://togithub.com/actions/upload-artifact/releases/tag/v4.0.0)
[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v3.1.3...v4.0.0)
#### What's Changed
The release of upload-artifact@v4 and download-artifact@v4 are major
changes to the backend architecture of Artifacts. They have numerous
performance and behavioral improvements.
For more information, see the
[@actions/artifact](https://togithub.com/actions/toolkit/tree/main/packages/artifact)
documentation.
#### New Contributors
- [@vmjoseph](https://togithub.com/vmjoseph) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/464](https://togithub.com/actions/upload-artifact/pull/464)
**Full Changelog**:
https://github.com/actions/upload-artifact/compare/v3...v4.0.0
github/codeql-action (github/codeql-action)
###
[`v3.24.6`](https://togithub.com/github/codeql-action/compare/v3.24.5...v3.24.6)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.5...v3.24.6)
###
[`v3.24.5`](https://togithub.com/github/codeql-action/compare/v3.24.4...v3.24.5)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.4...v3.24.5)
###
[`v3.24.4`](https://togithub.com/github/codeql-action/compare/v3.24.3...v3.24.4)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.3...v3.24.4)
###
[`v3.24.3`](https://togithub.com/github/codeql-action/compare/v3.24.2...v3.24.3)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.2...v3.24.3)
###
[`v3.24.2`](https://togithub.com/github/codeql-action/compare/v3.24.1...v3.24.2)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.1...v3.24.2)
###
[`v3.24.1`](https://togithub.com/github/codeql-action/compare/v3.24.0...v3.24.1)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.0...v3.24.1)
###
[`v3.24.0`](https://togithub.com/github/codeql-action/compare/v3.23.2...v3.24.0)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.23.2...v3.24.0)
###
[`v3.23.2`](https://togithub.com/github/codeql-action/compare/v3.23.1...v3.23.2)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.23.1...v3.23.2)
###
[`v3.23.1`](https://togithub.com/github/codeql-action/compare/v3.23.0...v3.23.1)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.23.0...v3.23.1)
###
[`v3.23.0`](https://togithub.com/github/codeql-action/compare/v3.22.12...v3.23.0)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.22.12...v3.23.0)
###
[`v3.22.12`](https://togithub.com/github/codeql-action/compare/v3.22.11...v3.22.12)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.22.11...v3.22.12)
###
[`v3.22.11`](https://togithub.com/github/codeql-action/compare/v2.22.11...v3.22.11)
[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.24.5...v3.22.11)
---
### Configuration
📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).
🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.
â™» **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.
👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.
---
- [ ] If you want to rebase/retry this PR, check
this box
---
This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
---
.github/workflows/scorecard.yml | 6 +++---
1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index c7486b9712c..2b8b2e72658 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -29,7 +29,7 @@ jobs:
steps:
- name: "Checkout code"
- uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+ uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
with:
persist-credentials: false
@@ -56,7 +56,7 @@ jobs:
# Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
# format to the repository Actions tab.
- name: "Upload artifact"
- uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+ uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
with:
name: SARIF file
path: results.sarif
@@ -64,6 +64,6 @@ jobs:
# Upload the results to GitHub's code scanning dashboard.
- name: "Upload to code-scanning"
- uses: github/codeql-action/upload-sarif@a56a03b370b87b26fde6d680755f818cfda0372b # v2.24.5
+ uses: github/codeql-action/upload-sarif@8a470fddafa5cbb6266ee11b37ef4d8aae19c571 # v3.24.6
with:
sarif_file: results.sarif