build(deps): bump the github-actions group across 1 directory with 8 updates

[dependabot]

Bumps the github-actions group with 8 updates in the / directory:

Package	From	To
dependabot/fetch-metadata	2.3.0	2.4.0
actions/checkout	4.2.2	5.0.0
github/codeql-action	3.28.13	4.31.2
actions/setup-go	5.4.0	6.0.0
dorny/paths-filter	2.11.1	3.0.2
golangci/golangci-lint-action	7.0.0	8.0.0
ossf/scorecard-action	2.4.1	2.4.3
actions/upload-artifact	4.6.2	5.0.0

Updates dependabot/fetch-metadata from 2.3.0 to 2.4.0

Release notes

Sourced from dependabot/fetch-metadata's releases.

v2.4.0

What's Changed

• Bump actions/create-github-app-token from 1.11.0 to 1.11.3 by @​dependabot in dependabot/fetch-metadata#598
• Bump @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in dependabot/fetch-metadata#578
• Add missing @octokit/request-error to package.json by @​jeffwidman in dependabot/fetch-metadata#605
• Bump to ESLint 9 by @​jeffwidman in dependabot/fetch-metadata#606
• Stop using a node16 devcontainer image by @​jeffwidman in dependabot/fetch-metadata#608
• Make typescript compile to "es2022" by @​jeffwidman in dependabot/fetch-metadata#609
• Bump the dev-dependencies group across 1 directory with 8 updates by @​dependabot in dependabot/fetch-metadata#607
• Tidy up examples slightly by @​jeffwidman in dependabot/fetch-metadata#611
• Fixup some anchor tags that weren't deeplinking by @​jeffwidman in dependabot/fetch-metadata#614
• Remove unnecessary hardcoding of ref by @​jeffwidman in dependabot/fetch-metadata#617
• Bump actions/create-github-app-token from 1.11.3 to 2.0.2 by @​dependabot in dependabot/fetch-metadata#616
• Enable caching of npm install/npm ci for setup-node action by @​jeffwidman in dependabot/fetch-metadata#618
• Add workflow to publish new version of immutable action on every release by @​jeffwidman in dependabot/fetch-metadata#623
• Bump actions/create-github-app-token from 2.0.2 to 2.0.6 by @​dependabot in dependabot/fetch-metadata#621
• v2.4.0 by @​fetch-metadata-action-automation in dependabot/fetch-metadata#594

Full Changelog: dependabot/fetch-metadata@v2...v2.4.0

Commits

• 08eff52 v2.4.0 (#594)
• 821b654 Merge pull request #621 from dependabot/dependabot/github_actions/actions/cre...
• 2c22a37 Bump actions/create-github-app-token from 2.0.2 to 2.0.6
• 6ad01a0 Add workflow to publish new version of immutable action on every release (#623)
• 8ca800c Enable caching of npm install/npm ci for setup-node action (#618)
• 6787635 Merge pull request #616 from dependabot/dependabot/github_actions/actions/cre...
• a09d4af Bump actions/create-github-app-token from 1.11.3 to 2.0.2
• 3a5ce46 Remove unnecessary hardcoding of ref (#617)
• 798f45c Fixup some anchor tags that weren't deeplinking (#614)
• 6c031ac Tidy up examples slightly (#611)
• Additional commits viewable in compare view

Updates actions/checkout from 4.2.2 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236
• Prepare release v4.3.0 by @​salmanmkc in actions/checkout#2237

New Contributors

• @​motss made their first contribution in actions/checkout#1971
• @​mouismail made their first contribution in actions/checkout#1977
• @​benwells made their first contribution in actions/checkout#2043
• @​nebuk89 made their first contribution in actions/checkout#2194
• @​salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

V4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

• 08c6903 Prepare v5.0.0 release (#2238)
• 9f26565 Update actions checkout to use node 24 (#2226)
• 08eba0b Prepare release v4.3.0 (#2237)
• 631c7dc Update package dependencies (#2236)
• 8edcb1b Update CODEOWNERS for actions (#2224)
• 09d2aca Update README.md (#2194)
• 85e6279 Adjust positioning of user email note and permissions heading (#2044)
• 009b9ae Documentation update - add recommended permissions to Readme (#2043)
• cbb7224 Update README.md (#1977)
• 3b9b8c8 docs: update README.md (#1971)
• See full diff in compare view

Updates github/codeql-action from 3.28.13 to 4.31.2

Release notes

Sourced from github/codeql-action's releases.

v4.31.2

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.2 - 30 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.31.1

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.1 - 30 Oct 2025

• The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

See the full CHANGELOG.md for more information.

v4.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.0 - 24 Oct 2025

• Bump minimum CodeQL bundle version to 2.17.6. #3223
• When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

See the full CHANGELOG.md for more information.

v4.30.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.9 - 17 Oct 2025

• Update default CodeQL bundle version to 2.23.3. #3205
• Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

See the full CHANGELOG.md for more information.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.2 - 30 Oct 2025

No user facing changes.

4.31.1 - 30 Oct 2025

• The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

4.31.0 - 24 Oct 2025

• Bump minimum CodeQL bundle version to 2.17.6. #3223
• When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

• Update default CodeQL bundle version to 2.23.3. #3205
• Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

• [v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

• Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

• We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

• We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100
• We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107
• You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130
• Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

... (truncated)

Commits

• 0499de3 Merge pull request #3261 from github/henrymercer/setup-python
• 3b96745 Set up Python in mergeback workflow
• 8a06050 Merge pull request #3259 from github/update-v4.31.2-9576b5cbe
• 752a642 Update changelog for v4.31.2
• 9576b5c Merge pull request #3258 from github/mbg/enablement-errors/case-insensitive
• cc88437 Merge pull request #3257 from github/henrymercer/ubuntu-slim
• f0e9bf0 Make isEnablementError case-insensitive
• 2a3599c Run lightweight workflows on ubuntu-slim
• 514ff4d Merge pull request #3256 from github/henrymercer/resolve-bad-merge
• aab1c2f Merge pull request #3253 from github/mergeback/v4.31.1-to-main-5fe9434c
• Additional commits viewable in compare view

Updates actions/setup-go from 5.4.0 to 6.0.0

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

• Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @​matthewhughes934 in actions/setup-go#460
• Upgrade Nodejs runtime from node20 to node 24 by @​salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot[bot] in actions/setup-go#589
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in actions/setup-go#591
• Upgrade @​typescript-eslint/parser from 8.31.1 to 8.35.1 by @​dependabot[bot] in actions/setup-go#590
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-go#594
• Upgrade typescript from 5.4.2 to 5.8.3 by @​dependabot[bot] in actions/setup-go#538
• Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @​dependabot[bot] in actions/setup-go#603
• Upgrade form-data to bring in fix for critical vulnerability by @​matthewhughes934 in actions/setup-go#618
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-go#631

New Contributors

• @​matthewhughes934 made their first contribution in actions/setup-go#618
• @​salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

What's Changed

Bug fixes:

• Update self-hosted environment validation by @​priyagupta108 in actions/setup-go#556
• Add manifest validation and improve error handling by @​priyagupta108 in actions/setup-go#586
• Update template link by @​jsoref in actions/setup-go#527

Dependency updates:

• Upgrade @​action/cache from 4.0.2 to 4.0.3 by @​aparnajyothi-y in actions/setup-go#574
• Upgrade @​actions/glob from 0.4.0 to 0.5.0 by @​dependabot in actions/setup-go#573
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in actions/setup-go#582
• Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @​dependabot in actions/setup-go#537

New Contributors

• @​jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

Commits

• 4469467 Bump actions/checkout from 4 to 5 (#631)
• e093d1e Node 24 upgrade (#624)
• 1d76b95 Improve toolchain handling (#460)
• e75c3e8 Bump form-data to bring in fix for critical vulnerability (#618)
• 8e57b58 Bump eslint-plugin-jest from 28.11.0 to 29.0.1 (#603)
• 7c0b336 Bump typescript from 5.4.2 to 5.8.3 (#538)
• 6f26dcc Bump undici from 5.28.5 to 5.29.0 (#594)
• 8d4083a Bump @​typescript-eslint/parser from 5.62.0 to 8.32.0 (#590)
• fa96338 Bump @​actions/tool-cache from 2.0.1 to 2.0.2 (#591)
• 4de67c0 Bump @​types/jest from 29.5.12 to 29.5.14 (#589)
• Additional commits viewable in compare view

Updates dorny/paths-filter from 2.11.1 to 3.0.2

Release notes

Sourced from dorny/paths-filter's releases.

v3.0.2

What's Changed

• feat: add config parameter for predicate quantifier by @​petermetz in dorny/paths-filter#224

New Contributors

• @​petermetz made their first contribution in dorny/paths-filter#224

Full Changelog: dorny/paths-filter@v3...v3.0.2

v3.0.1

What's Changed

• Compare base and ref when token is empty by @​frouioui in dorny/paths-filter#133

New Contributors

• @​frouioui made their first contribution in dorny/paths-filter#133

Full Changelog: dorny/paths-filter@v3...v3.0.1

v3.0.0

What's Changed

• Update README.md: added real world usage example by @​iamtodor in dorny/paths-filter#178
• Update Node.js to version 20 by @​danielhjacobs in dorny/paths-filter#206
• Update to nodejs 20 by @​dorny in dorny/paths-filter#210
• chore(deps): bump checkout action to v4 and use setup-node to setup node and cache npm deps by @​chenrui333 in dorny/paths-filter#211
• Update all dependencies by @​dorny in dorny/paths-filter#215

New Contributors

• @​iamtodor made their first contribution in dorny/paths-filter#178
• @​danielhjacobs made their first contribution in dorny/paths-filter#206
• @​chenrui333 made their first contribution in dorny/paths-filter#211

Full Changelog: dorny/paths-filter@v2.11.1...v3.0.0

Changelog

Sourced from dorny/paths-filter's changelog.

Changelog

v3.0.2

• Add config parameter for predicate quantifier

v3.0.1

• Compare base and ref when token is empty

v3.0.0

• Update to Node.js 20
• Update all dependencies

v2.11.1

• Update @​actions/core to v1.10.0 - Fixes warning about deprecated set-output
• Document need for pull-requests: read permission
• Updating to actions/checkout@v3

v2.11.0

• Set list-files input parameter as not required
• Update Node.js
• Fix incorrect handling of Unicode characters in exec()
• Use Octokit pagination
• Updates real world links

v2.10.2

• Fix getLocalRef() returns wrong ref

v2.10.1

• Improve robustness of change detection

v2.10.0

• Add ref input parameter
• Fix change detection in PR when pullRequest.changed_files is incorrect

v2.9.3

• Fix change detection when base is a tag

v2.9.2

• Fix fetching git history

v2.9.1

• Fix fetching git history + fallback to unshallow repo

v2.9.0

• Add list-files: csv format

v2.8.0

• Add count output variable
• Fix log grouping of changes

... (truncated)

Commits

• de90cc6 Update dist and CHANGELOG for v3.0.2
• cf89abd Merge pull request #224 from petermetz/feat-filter-predicate-quantifier
• f90d526 feat: add config parameter for predicate quantifier
• ebc4d7e Update CHANGELOG for v3.0.1
• 45f16f1 Merge pull request #133 from frouioui/main
• 5da0e4c Merge branch 'master'
• 1441771 Update README.md
• 0bc4621 Bump major version to v3
• 7267a85 Update CHANGELOG for v2.12.0
• e36f112 Merge pull request #215 from dorny/update-dependencies
• Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 7.0.0 to 8.0.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v8.0.0

Requires golangci-lint version >= v2.1.0

What's Changed

Changes

• feat: use absolute paths by default when using working-directory option by @​ldez in golangci/golangci-lint-action#1231

Full Changelog: golangci/golangci-lint-action@v7...v8.0.0

v7.0.1

What's Changed

Documentation

• docs: add note about github.workspace by @​mattjohnsonpint in golangci/golangci-lint-action#1218
• docs: clarify that ’args: --path-mode=abs’ is needed for working-directory by @​HaraldNordgren in golangci/golangci-lint-action#1230

Dependencies

• build(deps): bump the dependencies group across 1 directory with 3 updates by @​dependabot in golangci/golangci-lint-action#1213
• build(deps-dev): bump the dev-dependencies group with 3 updates by @​dependabot in golangci/golangci-lint-action#1215
• build(deps-dev): bump the dev-dependencies group with 4 updates by @​dependabot in golangci/golangci-lint-action#1220
• build(deps): bump @​types/node from 22.13.14 to 22.14.0 in the dependencies group by @​dependabot in golangci/golangci-lint-action#1221
• build(deps-dev): bump the dev-dependencies group with 3 updates by @​dependabot in golangci/golangci-lint-action#1224
• build(deps): bump @​types/node from 22.14.0 to 22.14.1 in the dependencies group by @​dependabot in golangci/golangci-lint-action#1225
• build(deps-dev): bump the dev-dependencies group with 2 updates by @​dependabot in golangci/golangci-lint-action#1227

New Contributors

• @​mattjohnsonpint made their first contribution in golangci/golangci-lint-action#1218
• @​HaraldNordgren made their first contribution in golangci/golangci-lint-action#1230

Full Changelog: golangci/golangci-lint-action@v7.0.0...v7.0.1

Commits

• 4afd733 8.0.0
• 7774f98 feat: use absolute paths by default when using working-directory option (#1231)
• 9fae48a 7.0.1
• 16ece5e docs: clarify that ’args: --path-mode=abs’ is needed for working-directory (...
• a3942e2 build(deps-dev): bump the dev-dependencies group with 2 updates (#1227)
• 7ecb048 build(deps): bump @​types/node from 22.14.0 to 22.14.1 in the dependencies gro...
• 63a0d0e build(deps-dev): bump the dev-dependencies group with 3 updates (#1224)
• c2427fe docs: update problem matchers section
• 642f8ee build(deps): bump @​types/node from 22.13.14 to 22.14.0 in the dependencies gr...
• d84be92 build(deps-dev): bump the dev-dependencies group with 4 updates (#1220)
• Additional commits viewable in compare view

Updates ossf/scorecard-action from 2.4.1 to 2.4.3

Release notes

Sourced from ossf/scorecard-action's releases.

v2.4.3

What's Changed

This update bumps the Scorecard version to the v5.3.0 release. For a complete list of changes, please refer to the Scorecard v5.3.0 release notes.

Documentation

• docs: clarify GITHUB_TOKEN permissions needed for private repos by @​pankajtaneja5 in ossf/scorecard-action#1574
• 📖 Fix recommended command to test the image in development by @​deivid-rodriguez in ossf/scorecard-action#1583

Other

• add missing top-level token permissions to workflows by @​timothyklee in ossf/scorecard-action#1566
• setup codeowners for requesting reviews by @​spencerschrock in ossf/scorecard-action#1576
• 🌱 Improve printing options by @​deivid-rodriguez in ossf/scorecard-action#1584

New Contributors

• @​timothyklee made their first contribution in ossf/scorecard-action#1566
• @​pankajtaneja5 made their first contribution in ossf/scorecard-action#1574
• @​deivid-rodriguez made their first contribution in ossf/scorecard-action#1584

Full Changelog: ossf/scorecard-action@v2.4.2...v2.4.3

v2.4.2

What's Changed

This update bumps the Scorecard version to the v5.2.1 release. For a complete list of changes, please refer to the Scorecard v5.2.0 and v5.2.1 release notes.

Full Changelog: ossf/scorecard-action@v2.4.1...v2.4.2

Commits

• 4eaacf0 bump docker to ghcr v2.4.3 (#1587)
• 42e3a01 🌱 Bump the github-actions group with 3 updates (#1585)
• 88c07ac 🌱 Bump github.com/sigstore/cosign/v2 from 2.5.2 to 2.6.0 (#1579)
• 6c690f2 Bump github.com/ossf/scorecard/v5 from v5.2.1 to v5.3.0 (#1586)
• 92083b5 📖 Fix recommended command to test the image in development (#1583)
• 7975ea6 🌱 Bump the docker-images group across 1 directory with 2 updates (#1...
• 0d1a743 🌱 Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1575)
• 46e6e0c 🌱 Bump the github-actions group with 2 updates (#1580)
• c3f1350 🌱 Improve printing options (#1584)
• 43e475b 🌱 Bump golang.org/x/net from 0.42.0 to 0.44.0 (#1578)
• Additional commits viewable in compare view

Updates actions/upload-artifact from 4.6.2 to 5.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README.md by @​GhadimiR in actions/upload-artifact#681
• Update README.md by @​nebuk89 in actions/upload-artifact#712
• Readme: spell out the first use of GHES by @​danwkennedy in actions/upload-artifact#727
• Update GHES guidance to include reference to Node 20 version by @​patrikpolyak in actions/upload-artifact#725
• Bump @actions/artifact to v4.0.0
• Prepare v5.0.0 by @​danwkennedy in actions/upload-artifact#734

New Contributors

• @​GhadimiR made their first contribution in actions/upload-artifact#681
• @​nebuk89 made their first contribution in actions/upload-artifact#712
• @​danwkennedy made their first contribution in actions/upload-artifact#727
• @​patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

Commits

• 330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0