chore: security workflows consolidation and github actions upgrade#2023
Conversation
|
This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation. |
|
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
49a28a7 to
0b2bfbc
Compare
This PR contains the following updates: | Package | Type | Update | Change | |---|---|---|---| | [actions/checkout](https://redirect.github.com/actions/checkout) | action | patch | `v6.0.1` → `v6.0.2` | | [actions/setup-python](https://redirect.github.com/actions/setup-python) | action | minor | `v6.1.0` → `v6.2.0` | | [astral-sh/setup-uv](https://redirect.github.com/astral-sh/setup-uv) | action | minor | `v7.1.6` → `v7.2.1` | | [github/codeql-action](https://redirect.github.com/github/codeql-action) | action | minor | `v4.31.9` → `v4.32.1` | | open-edge-platform/geti-ci | action | digest | `d30e322` → `eee8dda` | | [renovatebot/github-action](https://redirect.github.com/renovatebot/github-action) | action | major | `v44.2.2` → `v46.0.1` | | [step-security/harden-runner](https://redirect.github.com/step-security/harden-runner) | action | patch | `v2.14.0` → `v2.14.1` | --- ### Release Notes <details> <summary>actions/checkout (actions/checkout)</summary> ### [`v6.0.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v602) [Compare Source](https://redirect.github.com/actions/checkout/compare/v6.0.1...v6.0.2) - Fix tag handling: preserve annotations and explicit fetch-tags by [@​ericsciple](https://redirect.github.com/ericsciple) in [#​2356](https://redirect.github.com/actions/checkout/pull/2356) </details> <details> <summary>actions/setup-python (actions/setup-python)</summary> ### [`v6.2.0`](https://redirect.github.com/actions/setup-python/releases/tag/v6.2.0) [Compare Source](https://redirect.github.com/actions/setup-python/compare/v6.1.0...v6.2.0) ##### What's Changed ##### Dependency Upgrades - Upgrade dependencies to Node 24 compatible versions by [@​salmanmkc](https://redirect.github.com/salmanmkc) in [#​1259](https://redirect.github.com/actions/setup-python/pull/1259) - Upgrade urllib3 from 2.5.0 to 2.6.3 in `/__tests__/data` by [@​dependabot](https://redirect.github.com/dependabot) in [#​1253](https://redirect.github.com/actions/setup-python/pull/1253) and [#​1264](https://redirect.github.com/actions/setup-python/pull/1264) **Full Changelog**: <https://github.com/actions/setup-python/compare/v6...v6.2.0> </details> <details> <summary>astral-sh/setup-uv (astral-sh/setup-uv)</summary> ### [`v7.2.1`](https://redirect.github.com/astral-sh/setup-uv/releases/tag/v7.2.1): 🌈 update known checksums up to 0.9.28 [Compare Source](https://redirect.github.com/astral-sh/setup-uv/compare/v7.2.0...v7.2.1) ##### Changes ##### 🧰 Maintenance - chore: update known checksums for 0.9.28 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​744](https://redirect.github.com/astral-sh/setup-uv/issues/744)) - chore: update known checksums for 0.9.27 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​742](https://redirect.github.com/astral-sh/setup-uv/issues/742)) - chore: update known checksums for 0.9.26 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​734](https://redirect.github.com/astral-sh/setup-uv/issues/734)) - chore: update known checksums for 0.9.25 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​733](https://redirect.github.com/astral-sh/setup-uv/issues/733)) - chore: update known checksums for 0.9.24 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​730](https://redirect.github.com/astral-sh/setup-uv/issues/730)) ##### 📚 Documentation - Clarify impact of using actions/setup-python [@​eifinger](https://redirect.github.com/eifinger) ([#​732](https://redirect.github.com/astral-sh/setup-uv/issues/732)) ##### ⬆️ Dependency updates - Bump zizmorcore/zizmor-action from 0.3.0 to 0.4.1 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​741](https://redirect.github.com/astral-sh/setup-uv/issues/741)) ### [`v7.2.0`](https://redirect.github.com/astral-sh/setup-uv/releases/tag/v7.2.0): 🌈 add outputs python-version and python-cache-hit [Compare Source](https://redirect.github.com/astral-sh/setup-uv/compare/v7.1.6...v7.2.0) ##### Changes Among some minor typo fixes and quality of life features for developers of actions the main feature of this release are new outputs: - **python-version:** The Python version that was set (same content as existing `UV_PYTHON`) - **python-cache-hit:** A boolean value to indicate the Python cache entry was found While implementing this it became clear, that it is easier to handle the Python binaries in a separate cache entry. The added benefit for users is that the "normal" cache containing the dependencies can be used in all runs no matter if these cache the Python binaries or not. > \[!NOTE]\ > This release will invalidate caches that contain the Python binaries. This happens a single time. ##### 🐛 Bug fixes - chore: remove stray space from UV\_PYTHON\_INSTALL\_DIR message [@​akx](https://redirect.github.com/akx) ([#​720](https://redirect.github.com/astral-sh/setup-uv/issues/720)) ##### 🚀 Enhancements - add outputs python-version and python-cache-hit [@​eifinger](https://redirect.github.com/eifinger) ([#​728](https://redirect.github.com/astral-sh/setup-uv/issues/728)) - Add action typings with validation [@​krzema12](https://redirect.github.com/krzema12) ([#​721](https://redirect.github.com/astral-sh/setup-uv/issues/721)) ##### 🧰 Maintenance - fix: use uv\_build backend for old-python-constraint-project [@​eifinger](https://redirect.github.com/eifinger) ([#​729](https://redirect.github.com/astral-sh/setup-uv/issues/729)) - chore: update known checksums for 0.9.22 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​727](https://redirect.github.com/astral-sh/setup-uv/issues/727)) - chore: update known checksums for 0.9.21 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​726](https://redirect.github.com/astral-sh/setup-uv/issues/726)) - chore: update known checksums for 0.9.20 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​725](https://redirect.github.com/astral-sh/setup-uv/issues/725)) - chore: update known checksums for 0.9.18 @​[github-actions\[bot\]](https://redirect.github.com/apps/github-actions) ([#​718](https://redirect.github.com/astral-sh/setup-uv/issues/718)) ##### ⬆️ Dependency updates - Bump peter-evans/create-pull-request from 7.0.9 to 8.0.0 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​719](https://redirect.github.com/astral-sh/setup-uv/issues/719)) - Bump github/codeql-action from 4.31.6 to 4.31.9 @​[dependabot\[bot\]](https://redirect.github.com/apps/dependabot) ([#​723](https://redirect.github.com/astral-sh/setup-uv/issues/723)) </details> <details> <summary>github/codeql-action (github/codeql-action)</summary> ### [`v4.32.1`](https://redirect.github.com/github/codeql-action/releases/tag/v4.32.1) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.32.0...v4.32.1) - A warning is now shown in Default Setup workflow logs if a [private package registry is configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries) using a GitHub Personal Access Token (PAT), but no username is configured. [#​3422](https://redirect.github.com/github/codeql-action/pull/3422) - Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. [#​3421](https://redirect.github.com/github/codeql-action/pull/3421) ### [`v4.32.0`](https://redirect.github.com/github/codeql-action/releases/tag/v4.32.0) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.11...v4.32.0) - Update default CodeQL bundle version to [2.24.0](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0). [#​3425](https://redirect.github.com/github/codeql-action/pull/3425) ### [`v4.31.11`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.11) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.10...v4.31.11) - When running a Default Setup workflow with [Actions debugging enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging), the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. [#​3409](https://redirect.github.com/github/codeql-action/pull/3409) - Improved error handling throughout the CodeQL Action. [#​3415](https://redirect.github.com/github/codeql-action/pull/3415) - Added experimental support for automatically excluding [generated files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github) from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. [#​3318](https://redirect.github.com/github/codeql-action/pull/3318) - The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. [#​3403](https://redirect.github.com/github/codeql-action/pull/3403) ### [`v4.31.10`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.10) [Compare Source](https://redirect.github.com/github/codeql-action/compare/v4.31.9...v4.31.10) ##### CodeQL Action Changelog See the [releases page](https://redirect.github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs. ##### 4.31.10 - 12 Jan 2026 - Update default CodeQL bundle version to 2.23.9. [#​3393](https://redirect.github.com/github/codeql-action/pull/3393) See the full [CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.31.10/CHANGELOG.md) for more information. </details> <details> <summary>renovatebot/github-action (renovatebot/github-action)</summary> ### [`v46.0.1`](https://redirect.github.com/renovatebot/github-action/releases/tag/v46.0.1) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v46.0.0...v46.0.1) ##### Miscellaneous Chores - **deps:** update dependency [@​tsconfig/strictest](https://redirect.github.com/tsconfig/strictest) to v2.0.8 ([#​959](https://redirect.github.com/renovatebot/github-action/issues/959)) ([6ba4a5c](https://redirect.github.com/renovatebot/github-action/commit/6ba4a5c49bdc84e5abe747dbed81d165c999671b)) - **deps:** update dependency prettier-plugin-packagejson to v3 ([#​999](https://redirect.github.com/renovatebot/github-action/issues/999)) ([bce6a9f](https://redirect.github.com/renovatebot/github-action/commit/bce6a9f3a2fda6ad56daafcf36a91a1f46d1257e)) - **deps:** update dependency renovatebot/github-action to v46 ([#​1011](https://redirect.github.com/renovatebot/github-action/issues/1011)) ([4d7de57](https://redirect.github.com/renovatebot/github-action/commit/4d7de5784c7b92e319fd32b1af7a8d38fe64460b)) - **deps:** update prettier packages ([#​988](https://redirect.github.com/renovatebot/github-action/issues/988)) ([8a6192f](https://redirect.github.com/renovatebot/github-action/commit/8a6192ff3afc4d35378faa05f1263bd5d581f0e3)) ##### Build System - **deps:** lock file maintenance ([2fec032](https://redirect.github.com/renovatebot/github-action/commit/2fec0324c9ed9958e191c1584cbbe6393bd4201f)) ##### Continuous Integration - **deps:** update ghcr.io/renovatebot/renovate docker tag to v43.0.6 ([d361423](https://redirect.github.com/renovatebot/github-action/commit/d361423d7ca6c8b6aecac06de635f3eab4c50fba)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v43.0.8 ([c0ab525](https://redirect.github.com/renovatebot/github-action/commit/c0ab525a8c1ce24e8cfd103da4fc815757517cea)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v43.0.9 ([9f55a79](https://redirect.github.com/renovatebot/github-action/commit/9f55a793098a593ef48e940e86d2ef8a6d2aaef3)) ### [`v46.0.0`](https://redirect.github.com/renovatebot/github-action/releases/tag/v46.0.0) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.3...v46.0.0) ##### ⚠ BREAKING CHANGES - **deps:** Update ghcr.io/renovatebot/renovate Docker tag to v43 ([#​993](https://redirect.github.com/renovatebot/github-action/issues/993)) ##### Features - **deps:** Update ghcr.io/renovatebot/renovate Docker tag to v43 ([#​993](https://redirect.github.com/renovatebot/github-action/issues/993)) ([ae99b37](https://redirect.github.com/renovatebot/github-action/commit/ae99b3785a62172a73624ed1b9675e3253859a7b)) ### [`v45.0.3`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.3) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.2...v45.0.3) ##### Bug Fixes - **deps:** update dependency [@​actions/core](https://redirect.github.com/actions/core) to v3 ([#​1008](https://redirect.github.com/renovatebot/github-action/issues/1008)) ([d724dd3](https://redirect.github.com/renovatebot/github-action/commit/d724dd314fec182f6a6763dc421f460bc8161514)) ### [`v45.0.2`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.2) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.1...v45.0.2) ##### Bug Fixes - **deps:** update dependency [@​actions/exec](https://redirect.github.com/actions/exec) to v3 ([#​1009](https://redirect.github.com/renovatebot/github-action/issues/1009)) ([e098430](https://redirect.github.com/renovatebot/github-action/commit/e098430c9cb1d90887f879b0a0a7d4179bbb0c13)) ##### Miscellaneous Chores - **deps:** replace dependency [@​tsconfig/node20](https://redirect.github.com/tsconfig/node20) with [@​tsconfig/node22](https://redirect.github.com/tsconfig/node22) ([#​1010](https://redirect.github.com/renovatebot/github-action/issues/1010)) ([df519dc](https://redirect.github.com/renovatebot/github-action/commit/df519dcd60c57f54daf148ccbc3127b040e77977)) - **deps:** update dependency [@​tsconfig/node22](https://redirect.github.com/tsconfig/node22) to v22.0.5 ([29e7d61](https://redirect.github.com/renovatebot/github-action/commit/29e7d615e01933658c14b6943d39bceed217e12c)) ### [`v45.0.1`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.1) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.0...v45.0.1) ##### Bug Fixes - **deps:** update dependency [@​actions/core](https://redirect.github.com/actions/core) to v2 ([#​1005](https://redirect.github.com/renovatebot/github-action/issues/1005)) ([ffd1bc7](https://redirect.github.com/renovatebot/github-action/commit/ffd1bc72a666c7cc29569b7688cca376dd91fddb)) - **deps:** update dependency [@​actions/exec](https://redirect.github.com/actions/exec) to v2 ([#​1007](https://redirect.github.com/renovatebot/github-action/issues/1007)) ([8680378](https://redirect.github.com/renovatebot/github-action/commit/86803785c4bf9fba44efff62d01c2cd99ed35b82)) ##### Miscellaneous Chores - **deps:** update dependency [@​types/node](https://redirect.github.com/types/node) to v24 ([#​976](https://redirect.github.com/renovatebot/github-action/issues/976)) ([d2b9da6](https://redirect.github.com/renovatebot/github-action/commit/d2b9da6597028229837625c6da3c9f31d47d25b3)) - **deps:** update dependency globals to v17 ([#​1001](https://redirect.github.com/renovatebot/github-action/issues/1001)) ([f391c83](https://redirect.github.com/renovatebot/github-action/commit/f391c83282f19ca8fee9cbf91e562a449e441f3e)) - **deps:** update dependency renovatebot/github-action to v45 ([#​1006](https://redirect.github.com/renovatebot/github-action/issues/1006)) ([19b5bd8](https://redirect.github.com/renovatebot/github-action/commit/19b5bd8e8d1f6fde5487dc2504029ea599673e6b)) - **renovate:** fix config ([#​998](https://redirect.github.com/renovatebot/github-action/issues/998)) ([dffa4d4](https://redirect.github.com/renovatebot/github-action/commit/dffa4d470d5e18f50245b958b6d5246d88434905)) - **renovate:** group all renovate major updates ([#​1003](https://redirect.github.com/renovatebot/github-action/issues/1003)) ([969380c](https://redirect.github.com/renovatebot/github-action/commit/969380c2b49e94b0b6afde3330fbb5d141e6043b)) ##### Continuous Integration - fix renovate comment for grouping ([#​1004](https://redirect.github.com/renovatebot/github-action/issues/1004)) ([a07086a](https://redirect.github.com/renovatebot/github-action/commit/a07086ad34eb188e9864831ed9710574c3b1d6e2)) ### [`v45.0.0`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.0) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.6...v45.0.0) ##### ⚠ BREAKING CHANGES - Require node v24 ([#​989](https://redirect.github.com/renovatebot/github-action/issues/989)) ##### Features - Require node v24 ([#​989](https://redirect.github.com/renovatebot/github-action/issues/989)) ([569b928](https://redirect.github.com/renovatebot/github-action/commit/569b92826f6a7e3df94e82f5dad229063ff7d6d7)) ##### Miscellaneous Chores - allow js explicit ([#​991](https://redirect.github.com/renovatebot/github-action/issues/991)) ([5b01b35](https://redirect.github.com/renovatebot/github-action/commit/5b01b3588fa5db5a944177e7cfa40aaab600e886)) - **deps:** update actions/cache action to v5.0.3 ([5075ddc](https://redirect.github.com/renovatebot/github-action/commit/5075ddc5f208d54794cbd95d08e0c1a8ff53e9e6)) - **deps:** update dependency typescript-eslint to v8.53.1 ([066c0b5](https://redirect.github.com/renovatebot/github-action/commit/066c0b536ae0443e21d16dc65649f83d308de162)) - **deps:** update pnpm to v10.28.1 ([c0fa679](https://redirect.github.com/renovatebot/github-action/commit/c0fa67965700b9f30489700e7973b6dce85b2f1e)) - **renovate:** group all Renovate updates together ([#​992](https://redirect.github.com/renovatebot/github-action/issues/992)) ([253db8a](https://redirect.github.com/renovatebot/github-action/commit/253db8a282b831ac1e65973118fbdd60127a5bd6)) - **renovater:** exclude major from docs grouping ([#​996](https://redirect.github.com/renovatebot/github-action/issues/996)) ([4dfbc50](https://redirect.github.com/renovatebot/github-action/commit/4dfbc50e4cd57a07cbc4e677d553416802052323)) ##### Continuous Integration - add auto reviewer ([#​990](https://redirect.github.com/renovatebot/github-action/issues/990)) ([5aaf050](https://redirect.github.com/renovatebot/github-action/commit/5aaf05075dbb328cdfe10e0d2f205fdaf6fc88e2)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.10 ([b74d2be](https://redirect.github.com/renovatebot/github-action/commit/b74d2be509260ab0942b9c20d17d1f2e92ca36bb)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.11 ([6eb6ef2](https://redirect.github.com/renovatebot/github-action/commit/6eb6ef2c88dc495e6545063fa18b2ba5959cdc98)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.5 ([7996fff](https://redirect.github.com/renovatebot/github-action/commit/7996fff47b57d15d883cdafa60896733fbf2caf3)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.9 ([df65844](https://redirect.github.com/renovatebot/github-action/commit/df6584424320266dff91a05b337e8c271e36631c)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.94.6 ([4990c24](https://redirect.github.com/renovatebot/github-action/commit/4990c2463a605b5d268739c2e0e3acd35bdb22de)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.94.7 ([e9974c0](https://redirect.github.com/renovatebot/github-action/commit/e9974c0c75a032401fe5155716049b7d67e113a7)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.95.0 ([21d8fc4](https://redirect.github.com/renovatebot/github-action/commit/21d8fc497ef3a5b2bf20231f60e3b19c64761e24)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.95.1 ([9332c36](https://redirect.github.com/renovatebot/github-action/commit/9332c36063d686fedea4e0169b6365b92e828619)) - **deps:** update renovate docker tag to v42.92.10 ([d798112](https://redirect.github.com/renovatebot/github-action/commit/d79811201e6072dbaa766f14308ab8ee6d09f25c)) - **deps:** update renovate docker tag to v42.92.11 ([a058a2f](https://redirect.github.com/renovatebot/github-action/commit/a058a2fe1e17f63d76fb171471c0ea30dfcc822a)) - **deps:** update renovate docker tag to v42.94.6 ([68f0c4c](https://redirect.github.com/renovatebot/github-action/commit/68f0c4cd667b2b492ea1bc05de732c6952473b53)) - **deps:** update renovate docker tag to v42.94.7 ([30bf1bf](https://redirect.github.com/renovatebot/github-action/commit/30bf1bf6d608f685d2e6a14476ea48f04153ab96)) - **deps:** update renovate docker tag to v42.95.1 ([416d47f](https://redirect.github.com/renovatebot/github-action/commit/416d47fe4291763dcc05040d390951994fa5c74b)) ### [`v44.2.6`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.6) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.5...v44.2.6) ##### Documentation - update references to actions/checkout to v6.0.2 ([c493b2d](https://redirect.github.com/renovatebot/github-action/commit/c493b2df50126f1ed2a7584b5609028477004d10)) - update references to ghcr.io/renovatebot/renovate to v42.92.4 ([75fe498](https://redirect.github.com/renovatebot/github-action/commit/75fe4986fc09e12ee7e38caae4181b5e3e80cc93)) - update references to renovatebot/github-action to v44.2.5 ([8627919](https://redirect.github.com/renovatebot/github-action/commit/862791922488c9b10d6ffa62da1d21abe38f7cb5)) ##### Miscellaneous Chores - **deps:** update dependency [@​types/node](https://redirect.github.com/types/node) to v20.19.29 ([b8ce015](https://redirect.github.com/renovatebot/github-action/commit/b8ce01539a8a2d7b455ad8cdab9c8495a999accf)) - **deps:** update dependency [@​types/node](https://redirect.github.com/types/node) to v20.19.30 ([c2d6419](https://redirect.github.com/renovatebot/github-action/commit/c2d6419e25b9a8dee75f9d9e171d4025c7c191fa)) - **deps:** update dependency prettier to v3.8.0 ([d0197d9](https://redirect.github.com/renovatebot/github-action/commit/d0197d9a2eecb4144b83b40182b0ed0ccbef2ad7)) - **deps:** update dependency prettier-plugin-packagejson to v2.5.21 ([0725f72](https://redirect.github.com/renovatebot/github-action/commit/0725f725f5d81d9f4778460fb2cd6c496780bfcc)) - **deps:** update dependency typescript-eslint to v8.53.0 ([c3071bc](https://redirect.github.com/renovatebot/github-action/commit/c3071bc0c8635c1307f07ce75e2108efd93e21b7)) ##### Build System - **deps:** lock file maintenance ([8267212](https://redirect.github.com/renovatebot/github-action/commit/8267212ee8fc6a4bb5bf6118249caf977a159b12)) ##### Continuous Integration - **deps:** update actions/checkout action to v6.0.2 ([bca8c02](https://redirect.github.com/renovatebot/github-action/commit/bca8c029ef60bf8ceb262a139e7ab7be13c992b6)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.4 ([52745be](https://redirect.github.com/renovatebot/github-action/commit/52745be575dfffffd5782383db2e88caa73ce0fe)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.5 ([6ebcfac](https://redirect.github.com/renovatebot/github-action/commit/6ebcfac57b64780ca3cd43778ed7826806cfc052)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.6 ([e3e66f1](https://redirect.github.com/renovatebot/github-action/commit/e3e66f1d2a89ce8cedc8a5a743f88dee57704b64)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.7 ([312511e](https://redirect.github.com/renovatebot/github-action/commit/312511e6cacb2bd13d042c31ebfd3a3282ecf173)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.8 ([d94ec39](https://redirect.github.com/renovatebot/github-action/commit/d94ec392f99a446b4102a7478f0a52bab8a7f66e)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.86.0 ([3bab076](https://redirect.github.com/renovatebot/github-action/commit/3bab076751c5b9c5459fdcf888ab1504f190fe71)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.86.1 ([48d3490](https://redirect.github.com/renovatebot/github-action/commit/48d349050ac2cc1fc962d1cda3fc498d63754a38)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.87.0 ([bbd25ac](https://redirect.github.com/renovatebot/github-action/commit/bbd25ac6ff9369fab986d3b7ad3ffc8bc1294c70)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.88.2 ([d587065](https://redirect.github.com/renovatebot/github-action/commit/d58706580f28a0a8103e7a83f033bb8575431aca)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.89.2 ([9d5f277](https://redirect.github.com/renovatebot/github-action/commit/9d5f277e432f618e6eda1c554bcdb9ee90e7b9b6)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.89.4 ([f7d4fc7](https://redirect.github.com/renovatebot/github-action/commit/f7d4fc73fef5c8989b1a177527de0036f111ae03)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.90.0 ([28f1aa9](https://redirect.github.com/renovatebot/github-action/commit/28f1aa9045dfa99e260cd5efd71d0b93d6a1f3c4)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.90.1 ([fe77734](https://redirect.github.com/renovatebot/github-action/commit/fe777345b0c2584d17c82528f4b08b3a0a0438c0)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.90.2 ([6e8ea66](https://redirect.github.com/renovatebot/github-action/commit/6e8ea66de8e70481d0bdbaed9a826eb391d1fd1b)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.0 ([#​987](https://redirect.github.com/renovatebot/github-action/issues/987)) ([0d4c9d2](https://redirect.github.com/renovatebot/github-action/commit/0d4c9d226942f8e710bec406b7c07aefbb55d526)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.1 ([c4feabe](https://redirect.github.com/renovatebot/github-action/commit/c4feabe257cbd8981b68fbe7db059812746ab449)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.2 ([be0a612](https://redirect.github.com/renovatebot/github-action/commit/be0a61256e3f9d7baa8abf07c03a3400dfc1306e)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.3 ([fd97c3a](https://redirect.github.com/renovatebot/github-action/commit/fd97c3ac4d776c76c0596595af1cb11bbd20334c)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.4 ([5ec2068](https://redirect.github.com/renovatebot/github-action/commit/5ec2068dacb1060fcce91378a45de5631874d907)) - **deps:** update renovate docker tag to v42.85.3 ([f0b16d5](https://redirect.github.com/renovatebot/github-action/commit/f0b16d522df9b7184c324e3c34dc9d363a6a139f)) - **deps:** update renovate docker tag to v42.85.4 ([19046c0](https://redirect.github.com/renovatebot/github-action/commit/19046c0b1c3a98246153121860130c8afaea26ac)) - **deps:** update renovate docker tag to v42.85.5 ([2523d2e](https://redirect.github.com/renovatebot/github-action/commit/2523d2e45a8a88fbfc43b2d24b19cd9c9bd15280)) - **deps:** update renovate docker tag to v42.85.6 ([7ffd65f](https://redirect.github.com/renovatebot/github-action/commit/7ffd65f43cbfb3c147cd06c59b52bb72c0fa7e45)) - **deps:** update renovate docker tag to v42.85.7 ([4171b3b](https://redirect.github.com/renovatebot/github-action/commit/4171b3b9ef1391132adc1c065bedaf5f63a5c628)) - **deps:** update renovate docker tag to v42.85.8 ([1c5ac30](https://redirect.github.com/renovatebot/github-action/commit/1c5ac30c32fe1e3683db47e91763cbcf2ddf7aeb)) - **deps:** update renovate docker tag to v42.86.0 ([0256625](https://redirect.github.com/renovatebot/github-action/commit/0256625e586c6a017967cd898dd2b41744fd4e5b)) - **deps:** update renovate docker tag to v42.86.1 ([5430625](https://redirect.github.com/renovatebot/github-action/commit/5430625a62960a83ffeebc8cf1fb09147b9fec68)) - **deps:** update renovate docker tag to v42.87.0 ([c8fd526](https://redirect.github.com/renovatebot/github-action/commit/c8fd5266dcbd52e3c1285f6dbc4ca0aae4d4c0e7)) - **deps:** update renovate docker tag to v42.88.2 ([32fbc45](https://redirect.github.com/renovatebot/github-action/commit/32fbc452d90c7c10413b234d0de0da4555cf4973)) - **deps:** update renovate docker tag to v42.89.2 ([f5b09cb](https://redirect.github.com/renovatebot/github-action/commit/f5b09cb510af71a0787f72be7d699abc4ebfbd93)) - **deps:** update renovate docker tag to v42.89.3 ([2128873](https://redirect.github.com/renovatebot/github-action/commit/21288739c342d5148a6147881e9e516ab739ef36)) - **deps:** update renovate docker tag to v42.89.4 ([80dcf09](https://redirect.github.com/renovatebot/github-action/commit/80dcf09c980662d8f4fe902bd609fa3719f2cf3c)) - **deps:** update renovate docker tag to v42.90.0 ([481c844](https://redirect.github.com/renovatebot/github-action/commit/481c84412238aea7f4e1f50fb4c3b66c24b28be7)) - **deps:** update renovate docker tag to v42.90.2 ([65f6aaf](https://redirect.github.com/renovatebot/github-action/commit/65f6aaf7f047eef7286c354a39bafa2d5dcfef7d)) - **deps:** update renovate docker tag to v42.92.0 ([7cf9d8e](https://redirect.github.com/renovatebot/github-action/commit/7cf9d8ea17208ebd9a44cc531e5fa3cdee144c1c)) - **deps:** update renovate docker tag to v42.92.1 ([e39ac1d](https://redirect.github.com/renovatebot/github-action/commit/e39ac1d6a04cb7b1376eab09c5bcac931b1c54d0)) - **deps:** update renovate docker tag to v42.92.2 ([39f256b](https://redirect.github.com/renovatebot/github-action/commit/39f256bd8ba89b3fbeb226aeb6ac403515c24eaa)) - **deps:** update renovate docker tag to v42.92.3 ([67fe0c3](https://redirect.github.com/renovatebot/github-action/commit/67fe0c36c9262933eb0cb7c1e337b193582a18ec)) - **deps:** update renovate docker tag to v42.92.4 ([9216196](https://redirect.github.com/renovatebot/github-action/commit/9216196086fde6845d30aff0ea5e8d0497ae717e)) ### [`v44.2.5`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.5) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.4...v44.2.5) ##### Documentation - update references to ghcr.io/renovatebot/renovate to v42.84.2 ([bee68c6](https://redirect.github.com/renovatebot/github-action/commit/bee68c6b42e9d7a194c88cdf869a453e0c2f4cf0)) - update references to renovatebot/github-action to v44.2.4 ([155b66f](https://redirect.github.com/renovatebot/github-action/commit/155b66f279faa124e70467aca245188cc64831e7)) ##### Miscellaneous Chores - **deps:** update actions/cache action to v5.0.2 ([6b82695](https://redirect.github.com/renovatebot/github-action/commit/6b82695fd98bcc86e02fed1139beb3cd38a16807)) - **deps:** update actions/setup-node action to v6.2.0 ([13b6940](https://redirect.github.com/renovatebot/github-action/commit/13b6940c1cde6aecf007d48cbede634d5eba2844)) - **deps:** update commitlint monorepo to v20.3.1 ([9725b51](https://redirect.github.com/renovatebot/github-action/commit/9725b51221820e783c5a9315501edffe1592e540)) - **deps:** update dependency [@​types/node](https://redirect.github.com/types/node) to v20.19.28 ([afd25d6](https://redirect.github.com/renovatebot/github-action/commit/afd25d6eb6dd02957f87b97325e7771483510e3a)) - **deps:** update dependency typescript-eslint to v8.52.0 ([5440251](https://redirect.github.com/renovatebot/github-action/commit/54402511510b73e7cee73738a38d8274c808e045)) - **deps:** update node.js to v24.13.0 ([abda118](https://redirect.github.com/renovatebot/github-action/commit/abda118d56c972a29531bf8e0cbb3a7cd470e670)) - **deps:** update pnpm to v10.28.0 ([7e73d9a](https://redirect.github.com/renovatebot/github-action/commit/7e73d9ab182234cbf9483b9bb47e53d12e0a2dc1)) ##### Build System - **deps:** lock file maintenance ([40d0e4f](https://redirect.github.com/renovatebot/github-action/commit/40d0e4f770aee3d5e3234187bfeed232c6b6eabd)) ##### Continuous Integration - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.79.2 ([0c847db](https://redirect.github.com/renovatebot/github-action/commit/0c847dbd22f599545e06bbae7f15a13aa9c916e1)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.80.0 ([ce838c6](https://redirect.github.com/renovatebot/github-action/commit/ce838c6ff6983f1902e108a1a8e8815423a296b7)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.80.1 ([28448a0](https://redirect.github.com/renovatebot/github-action/commit/28448a032e6f5f285bafea4d6f64792a0315caa3)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.80.2 ([34d045f](https://redirect.github.com/renovatebot/github-action/commit/34d045f6ec248e0556899059778f012a0d1dde00)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.0 ([cad1a9f](https://redirect.github.com/renovatebot/github-action/commit/cad1a9f9a484883e23096d7eb2dcc0baa6be2a8f)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.1 ([61f6467](https://redirect.github.com/renovatebot/github-action/commit/61f6467333e91510488ec4cfe27a7315a36e8436)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.11 ([827eecb](https://redirect.github.com/renovatebot/github-action/commit/827eecb12bcd4e43675ba7c80c198ef8e6ba0641)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.13 ([4dad087](https://redirect.github.com/renovatebot/github-action/commit/4dad0877aece9841117077d650458766ba4af791)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.15 ([2fbf483](https://redirect.github.com/renovatebot/github-action/commit/2fbf483c4dbb7cbc4ff8c7614430e8a8eb2dfded)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.2 ([341e799](https://redirect.github.com/renovatebot/github-action/commit/341e799bcee0866618f10fc29997ecfdf19322c6)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.3 ([c1e52d7](https://redirect.github.com/renovatebot/github-action/commit/c1e52d7db30ea5541c88adcf193b47d052f47efa)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.4 ([c837398](https://redirect.github.com/renovatebot/github-action/commit/c837398dd077e77b797a122b46f8327b85d85d9c)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.5 ([d3ef4cc](https://redirect.github.com/renovatebot/github-action/commit/d3ef4cc6785a50acf6fd88095a088247ecf9e681)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.7 ([7db10dc](https://redirect.github.com/renovatebot/github-action/commit/7db10dc83896f6a83536cf612aa3fc1fd2100486)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.8 ([9a4c598](https://redirect.github.com/renovatebot/github-action/commit/9a4c5980681b14a22581c0107addcb3c2c13cc24)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.82.1 ([91336be](https://redirect.github.com/renovatebot/github-action/commit/91336be3d3da073197cf85dd4f789d14e45213e4)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.82.3 ([50179b9](https://redirect.github.com/renovatebot/github-action/commit/50179b9570bf017940ba8de9e49b694b4872a1fd)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.83.0 ([584d04a](https://redirect.github.com/renovatebot/github-action/commit/584d04a136e07ce648ce8b9f2b766c0bfd41daa3)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.83.1 ([5050627](https://redirect.github.com/renovatebot/github-action/commit/50506271a36aefe00f6d9cbcbaa27eed0d4c8b64)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.84.0 ([37f4ae6](https://redirect.github.com/renovatebot/github-action/commit/37f4ae6101b45701a0441f4f7cb656246160892f)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.84.2 ([213c451](https://redirect.github.com/renovatebot/github-action/commit/213c451fb3d5eb3efbcb5b585980df7ef5f13fc0)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.3 ([e3f9bec](https://redirect.github.com/renovatebot/github-action/commit/e3f9bec661d5636df1fe718ca9c2ad8f61e34599)) - **deps:** update renovate docker tag to v42.79.2 ([866508e](https://redirect.github.com/renovatebot/github-action/commit/866508e644ffae175ce95724c6c071467ea6732e)) - **deps:** update renovate docker tag to v42.80.0 ([fd69857](https://redirect.github.com/renovatebot/github-action/commit/fd6985724493e66e8b0d11f1b40b6666ef7ce923)) - **deps:** update renovate docker tag to v42.80.1 ([415ac31](https://redirect.github.com/renovatebot/github-action/commit/415ac314d9facdd317633c7313e37c513cf9d77a)) - **deps:** update renovate docker tag to v42.80.2 ([616daf5](https://redirect.github.com/renovatebot/github-action/commit/616daf590f51095778845ef7848a6aac892a7edd)) - **deps:** update renovate docker tag to v42.81.0 ([d0f3cb0](https://redirect.github.com/renovatebot/github-action/commit/d0f3cb0f685d8f4193bed0dbf322da991805bd10)) - **deps:** update renovate docker tag to v42.81.1 ([d61fab0](https://redirect.github.com/renovatebot/github-action/commit/d61fab04d170a491e5a90042de2a02774ce35817)) - **deps:** update renovate docker tag to v42.81.11 ([7e3ecb9](https://redirect.github.com/renovatebot/github-action/commit/7e3ecb996d47d569b5596f013ad6d25f3e2d2d45)) - **deps:** update renovate docker tag to v42.81.13 ([56dbe58](https://redirect.github.com/renovatebot/github-action/commit/56dbe580daf517487a72893f584cd6ae22f2b8f6)) - **deps:** update renovate docker tag to v42.81.2 ([b0e457c](https://redirect.github.com/renovatebot/github-action/commit/b0e457ce30da3f52984c6908a96940d909e8fe5a)) - **deps:** update renovate docker tag to v42.81.3 ([21dcf73](https://redirect.github.com/renovatebot/github-action/commit/21dcf73de6c8bca93e903ae7d7ecbcdf8d9757fc)) - **deps:** update renovate docker tag to v42.81.4 ([211b1b5](https://redirect.github.com/renovatebot/github-action/commit/211b1b5bed7595cad455ac5538924028da6aac24)) - **deps:** update renovate docker tag to v42.81.5 ([19894e9](https://redirect.github.com/renovatebot/github-action/commit/19894e9e4f162eaa70d88aba3efe4ab2fd705b0b)) - **deps:** update renovate docker tag to v42.81.7 ([877c171](https://redirect.github.com/renovatebot/github-action/commit/877c17183a2f7c1b465ccd2ac9347a18daa38b61)) - **deps:** update renovate docker tag to v42.81.8 ([f0ffaaa](https://redirect.github.com/renovatebot/github-action/commit/f0ffaaa8f34633168a5d24421c8b5dece47f0c78)) - **deps:** update renovate docker tag to v42.82.1 ([7deb14c](https://redirect.github.com/renovatebot/github-action/commit/7deb14cb296ffcac5eba067c6cc39d2082aeacad)) - **deps:** update renovate docker tag to v42.82.3 ([911651e](https://redirect.github.com/renovatebot/github-action/commit/911651e5cf0dd10e3af942e6e2401da49beb356f)) - **deps:** update renovate docker tag to v42.83.0 ([#​986](https://redirect.github.com/renovatebot/github-action/issues/986)) ([2c196f3](https://redirect.github.com/renovatebot/github-action/commit/2c196f3458186d45413e50630d138d9ea36ca058)) - **deps:** update renovate docker tag to v42.83.1 ([690cf78](https://redirect.github.com/renovatebot/github-action/commit/690cf78d306309db19976963ba0c0de910e2ba2a)) - **deps:** update renovate docker tag to v42.84.0 ([dc4c585](https://redirect.github.com/renovatebot/github-action/commit/dc4c585b88109bea01ca360b9dffdc5fe79ca3a6)) - **deps:** update renovate docker tag to v42.84.2 ([55f2982](https://redirect.github.com/renovatebot/github-action/commit/55f2982c578af4b1b524049e2a61c472f3fe8f0c)) ### [`v44.2.4`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.4) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.3...v44.2.4) ##### Documentation - update references to ghcr.io/renovatebot/renovate to v42.78.2 ([73927c7](https://redirect.github.com/renovatebot/github-action/commit/73927c7be00603a8b4730e01972e84f45f13e0ab)) - update references to renovatebot/github-action to v44.2.3 ([954e659](https://redirect.github.com/renovatebot/github-action/commit/954e6598f4780a11d86a5e420798d45d1db3a91e)) ##### Miscellaneous Chores - **deps:** update commitlint monorepo to v20.3.0 ([d78356e](https://redirect.github.com/renovatebot/github-action/commit/d78356e959dbc4b4131b1e178a5b175afc9caee6)) - **deps:** update dependency typescript-eslint to v8.51.0 ([2d66e07](https://redirect.github.com/renovatebot/github-action/commit/2d66e071df4b73f98f9705dda06834862e9ada8f)) - **deps:** update pnpm to v10.27.0 ([218102a](https://redirect.github.com/renovatebot/github-action/commit/218102a5af48b691d9688cc99cf486e197ef8f07)) ##### Build System - **deps:** lock file maintenance ([bc3dd85](https://redirect.github.com/renovatebot/github-action/commit/bc3dd85978ee68d4d4aaec85d77bf8888d6327fd)) ##### Continuous Integration - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.2 ([d6fad5d](https://redirect.github.com/renovatebot/github-action/commit/d6fad5d2e15ce8f7c3ef5b21ae139734203f62bc)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.3 ([b7dc84e](https://redirect.github.com/renovatebot/github-action/commit/b7dc84e40afd9b200a4e55e755bd923bd9045972)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.4 ([944ec86](https://redirect.github.com/renovatebot/github-action/commit/944ec86e89e800c14d3aa312b9daeb0f7a77f3b1)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.72.0 ([3ab930c](https://redirect.github.com/renovatebot/github-action/commit/3ab930c2ac265d58b0788ab56aca82bfc69f6427)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.1 ([92bf334](https://redirect.github.com/renovatebot/github-action/commit/92bf334c35b929e23a23ed94fd3fb5b11ff943d3)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.2 ([a4c0964](https://redirect.github.com/renovatebot/github-action/commit/a4c096439bfc89fd4cc32066bd551bcf976595b9)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.3 ([fe61c45](https://redirect.github.com/renovatebot/github-action/commit/fe61c4590fb1c9fcd5702da6c2e5d3359b04b440)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.5 ([3c17b91](https://redirect.github.com/renovatebot/github-action/commit/3c17b91350f6270c916eda0f05edf0623f776b45)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.6 ([4dbd3e7](https://redirect.github.com/renovatebot/github-action/commit/4dbd3e796f418067a01beeb3154adff3f47bf69d)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.7 ([b0ca42a](https://redirect.github.com/renovatebot/github-action/commit/b0ca42af510638d86e4067d81a5621d3aeaf1ce5)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.75.0 ([ea73cb1](https://redirect.github.com/renovatebot/github-action/commit/ea73cb1bd108c9b3797d6809dac497464ebf46db)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.75.1 ([06b32e3](https://redirect.github.com/renovatebot/github-action/commit/06b32e359685ff955eedd33ef45d005c0db8c914)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.0 ([f1aee6d](https://redirect.github.com/renovatebot/github-action/commit/f1aee6d1b980a3806b0bfbe99ca4bec2c1e74d35)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.2 ([1553f89](https://redirect.github.com/renovatebot/github-action/commit/1553f89559636ff27edb5807ea174b4521f01df1)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.3 ([b1da167](https://redirect.github.com/renovatebot/github-action/commit/b1da1679acf44d8d7575717b4d249f157d259b30)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.4 ([8af1825](https://redirect.github.com/renovatebot/github-action/commit/8af182566182744ba07c19988abe768b844266d8)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.5 ([f54c19e](https://redirect.github.com/renovatebot/github-action/commit/f54c19eeb39126feb3c4d9f9aef2541d77cc51c1)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.78.0 ([502f344](https://redirect.github.com/renovatebot/github-action/commit/502f3445625a72fcb40034cdce9ddd4f05ec413d)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.78.1 ([ed6fad8](https://redirect.github.com/renovatebot/github-action/commit/ed6fad858bbac29b3413eab79d608ed65ee5e786)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.78.2 ([c0cccbb](https://redirect.github.com/renovatebot/github-action/commit/c0cccbb67ae860a674cd097584a27d09d58609f0)) - **deps:** update renovate docker tag to v42.71.2 ([619d0d5](https://redirect.github.com/renovatebot/github-action/commit/619d0d5ea6a33d3e2c4cdb90f8d54db41b1bf146)) - **deps:** update renovate docker tag to v42.71.3 ([bebaad8](https://redirect.github.com/renovatebot/github-action/commit/bebaad8609a7719f3b392386ee3b1cd52ba93d11)) - **deps:** update renovate docker tag to v42.71.4 ([827ef45](https://redirect.github.com/renovatebot/github-action/commit/827ef45f70f92a89d5752654a98108314d72fd7d)) - **deps:** update renovate docker tag to v42.72.0 ([1444bca](https://redirect.github.com/renovatebot/github-action/commit/1444bcab8b47f38e3050b62964111ff757f2223b)) - **deps:** update renovate docker tag to v42.74.1 ([dc12d57](https://redirect.github.com/renovatebot/github-action/commit/dc12d57cb9711924bba9369485bc20d91f6c7214)) - **deps:** update renovate docker tag to v42.74.2 ([c995eac](https://redirect.github.com/renovatebot/github-action/commit/c995eac1d02a23e4855cf02cfdffa6487945d69e)) - **deps:** update renovate docker tag to v42.74.3 ([56f6b97](https://redirect.github.com/renovatebot/github-action/commit/56f6b97043c24697795634e4c1533f182b99b11f)) - **deps:** update renovate docker tag to v42.74.5 ([66e50c8](https://redirect.github.com/renovatebot/github-action/commit/66e50c8991ff07946760c3150126dabb739b7ca4)) - **deps:** update renovate docker tag to v42.74.6 ([f6dc4d0](https://redirect.github.com/renovatebot/github-action/commit/f6dc4d0850d581f22414fbe41c663d186358ffc2)) - **deps:** update renovate docker tag to v42.74.7 ([0565b9d](https://redirect.github.com/renovatebot/github-action/commit/0565b9d00a7405265b3bc113cc0de11c0db4c931)) - **deps:** update renovate docker tag to v42.75.0 ([d7cae0f](https://redirect.github.com/renovatebot/github-action/commit/d7cae0fe8666475178bcd461b9462e1c50275c09)) - **deps:** update renovate docker tag to v42.75.1 ([003df67](https://redirect.github.com/renovatebot/github-action/commit/003df6787ef7f5c65bc6f6832ebdb7bd51c296f1)) - **deps:** update renovate docker tag to v42.76.0 ([70878eb](https://redirect.github.com/renovatebot/github-action/commit/70878ebdae0a144a343468b06cb207374cd6d5bd)) - **deps:** update renovate docker tag to v42.76.2 ([57308dd](https://redirect.github.com/renovatebot/github-action/commit/57308dd727ceeae15bba05e385328362b81cb548)) - **deps:** update renovate docker tag to v42.76.3 ([3fba8a9](https://redirect.github.com/renovatebot/github-action/commit/3fba8a978b01bea93e9aef43049dfc8b517ddf19)) - **deps:** update renovate docker tag to v42.76.4 ([d1aa322](https://redirect.github.com/renovatebot/github-action/commit/d1aa322c4d350b99b319ff608cd16bc110fafe18)) - **deps:** update renovate docker tag to v42.76.5 ([6eb7831](https://redirect.github.com/renovatebot/github-action/commit/6eb783190bae8d5e13580c8bf2a064971d8aea94)) - **deps:** update renovate docker tag to v42.78.0 ([e1424c9](https://redirect.github.com/renovatebot/github-action/commit/e1424c9600bb087f0d6b082ca71defd4502d4b92)) - **deps:** update renovate docker tag to v42.78.1 ([fe39a9a](https://redirect.github.com/renovatebot/github-action/commit/fe39a9a20f31c7ac4cdc5716e52f1b68a66dc744)) - **deps:** update renovate docker tag to v42.78.2 ([d6327fa](https://redirect.github.com/renovatebot/github-action/commit/d6327fad525ac4db642391abe8298c03ee493469)) ### [`v44.2.3`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.3) [Compare Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.2...v44.2.3) ##### Documentation - update references to ghcr.io/renovatebot/renovate to v42.71.0 ([2e1a0f9](https://redirect.github.com/renovatebot/github-action/commit/2e1a0f9c75dccf03287d41410b8a4789a044d988)) - update references to renovatebot/github-action to v44.2.2 ([842ebb2](https://redirect.github.com/renovatebot/github-action/commit/842ebb2cb9731416d8335e33aa5d26052770b076)) ##### Miscellaneous Chores - **deps:** update dependency typescript-eslint to v8.50.1 ([d8c97fc](https://redirect.github.com/renovatebot/github-action/commit/d8c97fc1bd9291d28d21a20cc7c1c86f5abc1cc0)) - **deps:** update pnpm to v10.26.2 ([c51011e](https://redirect.github.com/renovatebot/github-action/commit/c51011e4269e1522f2edd82c75f1e27282fc75c7)) ##### Build System - **deps:** lock file maintenance ([84a386f](https://redirect.github.com/renovatebot/github-action/commit/84a386f5d4912e8f09ae25deb557aeb016d697b9)) ##### Continuous Integration - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.66.12 ([544013d](https://redirect.github.com/renovatebot/github-action/commit/544013de27307d8bc7bb8739db0c35436acfc33c)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.66.13 ([f0bf83f](https://redirect.github.com/renovatebot/github-action/commit/f0bf83fa878b98ac9747c76b1cf585e771326d91)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.66.14 ([c594a5a](https://redirect.github.com/renovatebot/github-action/commit/c594a5ad74736cbed684d7210801a652384b73b1)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.0 ([21c9d59](https://redirect.github.com/renovatebot/github-action/commit/21c9d591bb2e2998cf451a32fd1b979fce11deb4)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.1 ([f425754](https://redirect.github.com/renovatebot/github-action/commit/f4257548aa36770c6b01a6166bbfc74cd5eb8648)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.4 ([45e917f](https://redirect.github.com/renovatebot/github-action/commit/45e917fd0f8fc84a0c7da09deed8e0a7682bd4ab)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.5 ([387e335](https://redirect.github.com/renovatebot/github-action/commit/387e3357344da65ca0dce962cfaf96cec8d8da4d)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.69.1 ([28fe39e](https://redirect.github.com/renovatebot/github-action/commit/28fe39e962653c8c99902dea0ab18332278a9d02)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.69.2 ([3f20abe](https://redirect.github.com/renovatebot/github-action/commit/3f20abef11086471973991294efde8f7b582f6ba)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.70.0 ([805577b](https://redirect.github.com/renovatebot/github-action/commit/805577b996bd1ebd23a5cd9172dfa68f56ed7936)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.70.2 ([822f674](https://redirect.github.com/renovatebot/github-action/commit/822f6742b7e21a75af1d283cd31341cd87a5efbf)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.70.3 ([114b33b](https://redirect.github.com/renovatebot/github-action/commit/114b33b492426d42c1476444a97564fb339ea5a9)) - **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.0 ([177dca0](https://redirect.github.com/renovatebot/github-action/commit/177dca0421dfbb2f7b6c95423ecbfd95239df4e5)) - **deps:** update renovate docker tag to v42.66.12 ([0a66490](https://redirect.github.com/renovatebot/github-action/commit/0a6649057e131a302104ecc893f7cc15b614faab)) - **deps:** update renovate docker tag to v42.66.13 ([56997a6](https://redirect.github.com/renovatebot/github-action/commit/56997a64ac163724fff968c8457fee6ab988f471)) - **deps:** update renovate docker tag to v42.66.14 ([319456c](https://redirect.github.com/renovatebot/github-action/commit/319456c81c30f6399938d881853a894045e623ef)) - **deps:** update renovate docker tag to v42.68.0 ([a4bb308](https://redirect.github.com/renovatebot/github-action/commit/a4bb3084a4ef1bbdce02e67b2229ccecbc266ba0)) - **deps:** update renovate docker tag to v42.68.4 ([325177b](https://redirect.github.com/renovatebot/github-action/commit/325177b6281b7ebe424e0eea6d4b79977811ccf2)) - **deps:** update renovate docker tag to v42.68.5 ([2ff242c](https://redirect.github.com/renovatebot/github-action/commit/2ff242cd23c7c3dc7e93ec394846219c666b310d)) - **deps:** update renovate docker tag to v42.69.1 ([cd90faa](https://redirect.github.com/renovatebot/github-action/commit/cd90faa22bd373d680bd60019fee67fbbbb9da67)) - **deps:** update renovate docker tag to v42.69.2 ([05aba88](https://redirect.github.com/renovatebot/github-action/commit/05aba882af8dccac3192d9c7e79a398c4b91fa1d)) - **deps:** update renovate docker tag to v42.70.0 ([6fe3c0a](https://redirect.github.com/renovatebot/github-action/commit/6fe3c0a2cddaa66a4eeccf2a6e1a48ae4ed894d8)) - **deps:** update renovate docker tag to v42.70.2 ([1d95636](https://redirect.github.com/renovatebot/github-action/commit/1d956362670e88593d79285dbb0474152ca3a319)) - **deps:** update renovate docker tag to v42.70.3 ([1e1b89a](https://redirect.github.com/renovatebot/github-action/commit/1e1b89aded4bb048c459edd6a5dfb32714555d18)) - **deps:** update renovate docker tag to v42.71.0 ([a9bef4c](https://redirect.github.com/renovatebot/github-action/commit/a9bef4c8a03ca169626d29f0e7dc17be910a5c42)) </details> <details> <summary>step-security/harden-runner (step-security/harden-runner)</summary> ### [`v2.14.1`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.14.1) [Compare Source](https://redirect.github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1) ##### What's Changed 1. In some self-hosted environments, the agent could briefly fall back to public DNS resolvers during startup if the system DNS was not yet available. This behavior was unintended for GitHub-hosted runners and has now been fixed to prevent any use of public DNS resolvers. 2. Fixed npm audit vulnerabilities **Full Changelog**: <https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1> </details> --- ### Configuration 📅 **Schedule**: Branch creation - On day 1 of the month ( * * 1 * * ) (UTC), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 👻 **Immortal**: This PR will be recreated if closed unmerged. Get [config help](https://redirect.github.com/renovatebot/renovate/discussions) if that's undesired. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://redirect.github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45NS4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTUuMiIsInRhcmdldEJyYW5jaCI6ImRldmVsb3AiLCJsYWJlbHMiOltdfQ==--> Signed-off-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com> Co-authored-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com>
90a1b34 to
736b847
Compare
Signed-off-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com>
736b847 to
bd88192
Compare
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
There was a problem hiding this comment.
Pull request overview
Updates pinned GitHub Actions dependencies across workflows and adjusts security scanning workflows to run in more PR/merge-queue contexts while reducing duplication.
Changes:
- Bumped pinned SHAs for multiple GitHub Actions (checkout, setup-python, setup-uv, harden-runner, CodeQL upload, Renovate action, and open-edge-platform/geti-ci actions).
- Extended
security-scan.ymltriggers to includepull_requestandmerge_group, and made scan behavior conditional on event type. - Refactored
security-scan.ymlsteps using YAML anchors and removed PR-only Zizmor/Bandit jobs fromlinter.yml.
Reviewed changes
Copilot reviewed 12 out of 12 changed files in this pull request and generated 6 comments.
Show a summary per file
| File | Description |
|---|---|
| .github/workflows/security-scan.yml | Adds PR/merge-group triggers, introduces anchors for repeated steps, and makes scan scope/fail behavior conditional. |
| .github/workflows/scorecard.yml | Updates pinned SHAs for harden-runner, checkout, and CodeQL SARIF upload. |
| .github/workflows/renovate.yml | Updates pinned SHAs for checkout and renovatebot/github-action. |
| .github/workflows/renovate-config-validator.yml | Updates pinned SHA for checkout. |
| .github/workflows/publish_to_pypi.yml | Updates pinned SHAs for harden-runner, checkout, and setup-python. |
| .github/workflows/pr_check.yml | Updates pinned SHAs for harden-runner, checkout, and setup-uv. |
| .github/workflows/linter.yml | Updates pinned SHAs and removes PR-only Zizmor/Bandit jobs (likely moved to security-scan). |
| .github/workflows/docs_stable.yml | Updates pinned SHAs for harden-runner, checkout, and setup-uv. |
| .github/workflows/docs_latest.yml | Updates pinned SHAs for harden-runner, checkout, and setup-uv. |
| .github/workflows/dependency-review.yml | Updates pinned SHAs for harden-runner and checkout. |
| .github/workflows/collect-sbom-library.yaml | Updates pinned SHAs for checkout and collect-sbom-library action. |
| .github/workflows/codeql.yml | Updates pinned SHAs for harden-runner, checkout, and CodeQL init/analyze steps. |
💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
This PR consolidates security workflows into one workflow and contains the following updates:
v6.0.1→v6.0.2v6.1.0→v6.2.0v7.1.6→v7.3.0v4.31.9→v4.32.2d30e322→3a4b81ev44.2.2→v46.0.2v2.14.0→v2.14.2Release Notes
actions/checkout (actions/checkout)
v6.0.2Compare Source
actions/setup-python (actions/setup-python)
v6.2.0Compare Source
What's Changed
Dependency Upgrades
/__tests__/databy @dependabot in #1253 and #1264Full Changelog: actions/setup-python@v6...v6.2.0
astral-sh/setup-uv (astral-sh/setup-uv)
v7.3.0: 🌈 New features and bug fixes for activate-environmentCompare Source
Changes
This release contains a few bug fixes and a new feature for the activate-environment functionality.
🐛 Bug fixes
🚀 Enhancements
🧰 Maintenance
📚 Documentation
⬆️ Dependency updates
v7.2.1: 🌈 update known checksums up to 0.9.28Compare Source
Changes
🧰 Maintenance
📚 Documentation
⬆️ Dependency updates
v7.2.0: 🌈 add outputs python-version and python-cache-hitCompare Source
Changes
Among some minor typo fixes and quality of life features for developers of actions the main feature of this release are new outputs:
UV_PYTHON)While implementing this it became clear, that it is easier to handle the Python binaries in a separate cache entry. The added benefit for users is that the "normal" cache containing the dependencies can be used in all runs no matter if these cache the Python binaries or not.
🐛 Bug fixes
🚀 Enhancements
🧰 Maintenance
⬆️ Dependency updates
github/codeql-action (github/codeql-action)
v4.32.2Compare Source
v4.32.1Compare Source
v4.32.0Compare Source
v4.31.11Compare Source
v4.31.10Compare Source
CodeQL Action Changelog
See the releases page for the relevant changes to the CodeQL CLI and language packs.
4.31.10 - 12 Jan 2026
See the full CHANGELOG.md for more information.
renovatebot/github-action (renovatebot/github-action)
v46.0.2Compare Source
Documentation
Miscellaneous Chores
Build System
Continuous Integration
v46.0.1Compare Source
Miscellaneous Chores
Build System
Continuous Integration
v46.0.0Compare Source
⚠ BREAKING CHANGES
Features
v45.0.3Compare Source
Bug Fixes
v45.0.2Compare Source
Bug Fixes
Miscellaneous Chores
v45.0.1Compare Source
Bug Fixes
Miscellaneous Chores
Continuous Integration
v45.0.0Compare Source
⚠ BREAKING CHANGES
Features
Miscellaneous Chores
Continuous Integration
v44.2.6Compare Source
Documentation
Miscellaneous Chores
Build System
Continuous Integration
v44.2.5Compare Source
Documentation
Miscellaneous Chores
Build System
Continuous Integration
v44.2.4Compare Source
Documentation
Miscellaneous Chores
Build System
Continuous Integration
Configuration
📅 Schedule: Branch creation - On day 1 of the month ( * * 1 * * ) (UTC), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR has been generated by Renovate Bot.