Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bump tough-cookie and @azure/ms-rest-js #392

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jul 9, 2023

Bumps tough-cookie and @azure/ms-rest-js. These dependencies needed to be updated together.
Updates tough-cookie from 4.0.0 to 4.1.3

Release notes

Sourced from tough-cookie's releases.

4.1.3

Security fix for Prototype Pollution discovery in #282. This is a minor release, although output from the inspect utility is affected by this change, we felt this change was important enough to be pushed into the next patch.

4.1.2 -- Patch and Bugfix Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.1...v4.1.2

4.1.1

Patch Release

What's Changed

Full Changelog: salesforce/tough-cookie@v4.1.0...v4.1.1

4.1.0

v4.1.0

Minor release, focused mainly on resolving reported issues and some minor feature work.

What's Changed

... (truncated)

Commits
  • 4ff4d29 4.1.3 release preparation, update the package and lib/version to 4.1.3. (#284)
  • 12d4747 Prevent prototype pollution in cookie memstore (#283)
  • f06b72d Fix documentation for store.findCookies, missing allowSpecialUseDomain proper...
  • b1a8898 fix: allow set cookies with localhost (#253)
  • ec70796 4.1.1 Patch -- allow special use domains by default (#250)
  • d4ac580 fix: allow special use domains by default (#249)
  • 79c2f7d 4.1.0 release to NPM (#245)
  • 4fafc17 Prepare tough-cookie 4.1 for publishing (updated GitHub actions, move Dockerf...
  • aa4396d fix: distinguish between no samesite and samesite=none (#240)
  • b8d7511 Modernize README (#234)
  • Additional commits viewable in compare view

Updates @azure/ms-rest-js from 2.6.6 to 2.7.0

Changelog

Sourced from @​azure/ms-rest-js's changelog.

2.7.0 - (2023-07-06)

  • Remove cookie support from nodeFetchHttpClient to address a security issue with the tough-cookie package.
Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot dependabot bot requested a review from a team as a code owner July 9, 2023 09:19
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Jul 9, 2023
@dmitry-shibanov
Copy link
Contributor

@dependabot rebase

Bumps [tough-cookie](https://github.com/salesforce/tough-cookie) and [@azure/ms-rest-js](https://github.com/Azure/ms-rest-js). These dependencies needed to be updated together.

Updates `tough-cookie` from 4.0.0 to 4.1.3
- [Release notes](https://github.com/salesforce/tough-cookie/releases)
- [Changelog](https://github.com/salesforce/tough-cookie/blob/master/CHANGELOG.md)
- [Commits](salesforce/tough-cookie@v4.0.0...v4.1.3)

Updates `@azure/ms-rest-js` from 2.6.6 to 2.7.0
- [Changelog](https://github.com/Azure/ms-rest-js/blob/master/Changelog.md)
- [Commits](https://github.com/Azure/ms-rest-js/commits)

---
updated-dependencies:
- dependency-name: tough-cookie
  dependency-type: indirect
- dependency-name: "@azure/ms-rest-js"
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/npm_and_yarn/tough-cookie-and-azure/ms-rest-js-4.1.3 branch from 2bb0f27 to 3bc8a8c Compare July 17, 2023 08:04
@dmitry-shibanov dmitry-shibanov merged commit db8764c into main Jul 17, 2023
@dmitry-shibanov dmitry-shibanov deleted the dependabot/npm_and_yarn/tough-cookie-and-azure/ms-rest-js-4.1.3 branch July 17, 2023 09:41
ianlewis referenced this pull request in slsa-framework/slsa-verifier Aug 8, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
minor | `v4.0.1` -> `v4.1.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v2.20.4` -> `v2.21.3` |
|
[slsa-framework/slsa-github-generator](https://togithub.com/slsa-framework/slsa-github-generator)
| action | minor | `v1.7.0` -> `v1.8.0` |

---

### ⚠ Dependency Lookup Warnings ⚠

Warnings were logged while processing this repo. Please check the
Dependency Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v4.1.0`](https://togithub.com/actions/setup-go/releases/tag/v4.1.0)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v4.0.1...v4.1.0)

##### What's Changed

In scope of this release, slow installation on Windows was fixed by
[@&#8203;dsame](https://togithub.com/dsame) in
[https://github.com/actions/setup-go/pull/393](https://togithub.com/actions/setup-go/pull/393)
and OS version was added to `primaryKey` for Ubuntu runners to avoid
conflicts
([https://github.com/actions/setup-go/pull/383](https://togithub.com/actions/setup-go/pull/383))

This release also includes the following changes:

- Remove implicit dependencies by
[@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) in
[https://github.com/actions/setup-go/pull/378](https://togithub.com/actions/setup-go/pull/378)
- Update action.yml by [@&#8203;mkelly](https://togithub.com/mkelly) in
[https://github.com/actions/setup-go/pull/379](https://togithub.com/actions/setup-go/pull/379)
- Added a description that go-version should be specified as a string
type by [@&#8203;n3xem](https://togithub.com/n3xem) in
[https://github.com/actions/setup-go/pull/367](https://togithub.com/actions/setup-go/pull/367)
- Add note about YAML parsing versions by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-go/pull/382](https://togithub.com/actions/setup-go/pull/382)
- Automatic update of configuration files from 05/23/2023 by
[@&#8203;github-actions](https://togithub.com/github-actions) in
[https://github.com/actions/setup-go/pull/377](https://togithub.com/actions/setup-go/pull/377)
- Bump tough-cookie and
[@&#8203;azure/ms-rest-js](https://togithub.com/azure/ms-rest-js) by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/392](https://togithub.com/actions/setup-go/pull/392)
- Bump word-wrap from 1.2.3 to 1.2.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/397](https://togithub.com/actions/setup-go/pull/397)
- Bump semver from 6.3.0 to 6.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/396](https://togithub.com/actions/setup-go/pull/396)

##### New Contributors

- [@&#8203;mkelly](https://togithub.com/mkelly) made their first
contribution in
[https://github.com/actions/setup-go/pull/379](https://togithub.com/actions/setup-go/pull/379)
- [@&#8203;n3xem](https://togithub.com/n3xem) made their first
contribution in
[https://github.com/actions/setup-go/pull/367](https://togithub.com/actions/setup-go/pull/367)

**Full Changelog**:
actions/setup-go@v4...v4.1.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v2.21.3`](https://togithub.com/github/codeql-action/compare/v2.21.2...v2.21.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.2...v2.21.3)

###
[`v2.21.2`](https://togithub.com/github/codeql-action/compare/v2.21.1...v2.21.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.1...v2.21.2)

###
[`v2.21.1`](https://togithub.com/github/codeql-action/compare/v2.21.0...v2.21.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.0...v2.21.1)

###
[`v2.21.0`](https://togithub.com/github/codeql-action/compare/v2.20.4...v2.21.0)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.20.4...v2.21.0)

</details>

<details>
<summary>slsa-framework/slsa-github-generator
(slsa-framework/slsa-github-generator)</summary>

###
[`v1.8.0`](https://togithub.com/slsa-framework/slsa-github-generator/blob/HEAD/CHANGELOG.md#v180)

[Compare
Source](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0)

Release \[v1.8.0] includes bug fixes and new features.

See the [full change
list](https://togithub.com/slsa-framework/slsa-github-generator/compare/v1.7.0...v1.8.0).

##### v1.8.0: Generic Generator

-   **Added**: A new

[`base64-subjects-as-file`](https://togithub.com/slsa-framework/slsa-github-generator/blob/v1.8.0/internal/builders/generic/README.md#workflow-inputs)
    was added to allow for specifying a large subject list.

##### v1.8.0: Node.js Builder (beta)

-   **Fixed**: Publishing for non-scoped packages was fixed (See

[#&#8203;2359](https://togithub.com/slsa-framework/slsa-github-generator/issues/2359))
- **Fixed**: Documentation was updated to clarify that the GitHub
Actions
    `deployment` event is not supported.
- **Changed**: The file extension for the generated provenance file was
changed
from `.sigstore` to `.build.slsa` in order to make it easier to identify
    provenance files regardless of file format.
- **Fixed**: The publish action was fixed to address an issue with the
package
    name when using Node 16.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At
any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/slsa-framework/slsa-verifier).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi4xMS4wIiwidXBkYXRlZEluVmVyIjoiMzYuMjcuMSIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Signed-off-by: Mend Renovate <bot@renovateapp.com>
v1v added a commit to v1v/setup-go that referenced this pull request Aug 15, 2023
…sion

* upstream/main: (47 commits)
  Fix Install on Windows is very slow (actions#393)
  Bump word-wrap from 1.2.3 to 1.2.4
  Fix licensing for Semver 6.3.1
  Rebuild after updating Semver
  Bump semver from 6.3.0 to 6.3.1
  Bump tough-cookie and @azure/ms-rest-js (actions#392)
  Limit to Linux only
  Add imageOS to primaryKey
  Add note about YAML parsing versions (actions#382)
  Added a description that go-version should be specified as a string type (actions#367)
  Update action.yml (actions#379)
  Move eslint-plugin-node to dev dependencies
  Install eslint-plugin-node
  Update configuration files
  Bump @actions/cache dependency to v3.2.1 (actions#374)
  Update xml2js (actions#370)
  Fix glob bug in package.json scripts section (actions#359)
  update README fo v4 (actions#354)
  Update configuration files (actions#348)
  Add Go bin if go-version input is empty (actions#351)
  ...
another-rex referenced this pull request in google/osv-scanner Aug 21, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
minor | `v4.0.1` -> `v4.1.0` |

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v4.1.0`](https://togithub.com/actions/setup-go/releases/tag/v4.1.0)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v4.0.1...v4.1.0)

##### What's Changed

In scope of this release, slow installation on Windows was fixed by
[@&#8203;dsame](https://togithub.com/dsame) in
[https://github.com/actions/setup-go/pull/393](https://togithub.com/actions/setup-go/pull/393)
and OS version was added to `primaryKey` for Ubuntu runners to avoid
conflicts
([https://github.com/actions/setup-go/pull/383](https://togithub.com/actions/setup-go/pull/383))

This release also includes the following changes:

- Remove implicit dependencies by
[@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) in
[https://github.com/actions/setup-go/pull/378](https://togithub.com/actions/setup-go/pull/378)
- Update action.yml by [@&#8203;mkelly](https://togithub.com/mkelly) in
[https://github.com/actions/setup-go/pull/379](https://togithub.com/actions/setup-go/pull/379)
- Added a description that go-version should be specified as a string
type by [@&#8203;n3xem](https://togithub.com/n3xem) in
[https://github.com/actions/setup-go/pull/367](https://togithub.com/actions/setup-go/pull/367)
- Add note about YAML parsing versions by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-go/pull/382](https://togithub.com/actions/setup-go/pull/382)
- Automatic update of configuration files from 05/23/2023 by
[@&#8203;github-actions](https://togithub.com/github-actions) in
[https://github.com/actions/setup-go/pull/377](https://togithub.com/actions/setup-go/pull/377)
- Bump tough-cookie and
[@&#8203;azure/ms-rest-js](https://togithub.com/azure/ms-rest-js) by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/392](https://togithub.com/actions/setup-go/pull/392)
- Bump word-wrap from 1.2.3 to 1.2.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/397](https://togithub.com/actions/setup-go/pull/397)
- Bump semver from 6.3.0 to 6.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/396](https://togithub.com/actions/setup-go/pull/396)

##### New Contributors

- [@&#8203;mkelly](https://togithub.com/mkelly) made their first
contribution in
[https://github.com/actions/setup-go/pull/379](https://togithub.com/actions/setup-go/pull/379)
- [@&#8203;n3xem](https://togithub.com/n3xem) made their first
contribution in
[https://github.com/actions/setup-go/pull/367](https://togithub.com/actions/setup-go/pull/367)

**Full Changelog**:
actions/setup-go@v4...v4.1.0

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNi40My4yIiwidXBkYXRlZEluVmVyIjoiMzYuNDMuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->
ianlewis referenced this pull request in slsa-framework/slsa-github-generator Oct 23, 2023
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| actions/checkout | action | digest | `96f5310` -> `b4ffde6` |
| [actions/checkout](https://togithub.com/actions/checkout) | action |
minor | `v4.0.0` -> `v4.1.1` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
minor | `v4.0.1` -> `v4.1.0` |
| [actions/setup-java](https://togithub.com/actions/setup-java) | action
| minor | `v3.12.0` -> `v3.13.0` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| minor | `v3.7.0` -> `v3.8.1` |
| [actions/setup-node](https://togithub.com/actions/setup-node) | action
| digest | `e33196f` -> `5e21ff4` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | patch | `v3.1.2` -> `v3.1.3` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v2.21.2` -> `v2.22.4` |
|
[gradle/gradle-build-action](https://togithub.com/gradle/gradle-build-action)
| action | minor | `v2.7.0` -> `v2.9.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | minor | `v2.2.0` -> `v2.3.0` |
|
[sigstore/cosign-installer](https://togithub.com/sigstore/cosign-installer)
| action | patch | `v3.1.1` -> `v3.1.2` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.1`](https://togithub.com/actions/checkout/releases/tag/v4.1.1)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.0...v4.1.1)

##### What's Changed

- Update CODEOWNERS to Launch team by
[@&#8203;joshmgross](https://togithub.com/joshmgross) in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- Correct link to GitHub Docs by
[@&#8203;peterbe](https://togithub.com/peterbe) in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)
- Link to release page from what's new section by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1514](https://togithub.com/actions/checkout/pull/1514)

##### New Contributors

- [@&#8203;joshmgross](https://togithub.com/joshmgross) made their first
contribution in
[https://github.com/actions/checkout/pull/1510](https://togithub.com/actions/checkout/pull/1510)
- [@&#8203;peterbe](https://togithub.com/peterbe) made their first
contribution in
[https://github.com/actions/checkout/pull/1511](https://togithub.com/actions/checkout/pull/1511)

**Full Changelog**:
actions/checkout@v4...v4.1.1

###
[`v4.1.0`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v410)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.0.0...v4.1.0)

- [Add support for partial checkout
filters](https://togithub.com/actions/checkout/pull/1396)

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v4.1.0`](https://togithub.com/actions/setup-go/releases/tag/v4.1.0)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v4.0.1...v4.1.0)

#### What's Changed

In scope of this release, slow installation on Windows was fixed by
[@&#8203;dsame](https://togithub.com/dsame) in
[https://github.com/actions/setup-go/pull/393](https://togithub.com/actions/setup-go/pull/393)
and OS version was added to `primaryKey` for Ubuntu runners to avoid
conflicts
([https://github.com/actions/setup-go/pull/383](https://togithub.com/actions/setup-go/pull/383))

This release also includes the following changes:

- Remove implicit dependencies by
[@&#8203;nikolai-laevskii](https://togithub.com/nikolai-laevskii) in
[https://github.com/actions/setup-go/pull/378](https://togithub.com/actions/setup-go/pull/378)
- Update action.yml by [@&#8203;mkelly](https://togithub.com/mkelly) in
[https://github.com/actions/setup-go/pull/379](https://togithub.com/actions/setup-go/pull/379)
- Added a description that go-version should be specified as a string
type by [@&#8203;n3xem](https://togithub.com/n3xem) in
[https://github.com/actions/setup-go/pull/367](https://togithub.com/actions/setup-go/pull/367)
- Add note about YAML parsing versions by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-go/pull/382](https://togithub.com/actions/setup-go/pull/382)
- Automatic update of configuration files from 05/23/2023 by
[@&#8203;github-actions](https://togithub.com/github-actions) in
[https://github.com/actions/setup-go/pull/377](https://togithub.com/actions/setup-go/pull/377)
- Bump tough-cookie and
[@&#8203;azure/ms-rest-js](https://togithub.com/azure/ms-rest-js) by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/392](https://togithub.com/actions/setup-go/pull/392)
- Bump word-wrap from 1.2.3 to 1.2.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/397](https://togithub.com/actions/setup-go/pull/397)
- Bump semver from 6.3.0 to 6.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-go/pull/396](https://togithub.com/actions/setup-go/pull/396)

#### New Contributors

- [@&#8203;mkelly](https://togithub.com/mkelly) made their first
contribution in
[https://github.com/actions/setup-go/pull/379](https://togithub.com/actions/setup-go/pull/379)
- [@&#8203;n3xem](https://togithub.com/n3xem) made their first
contribution in
[https://github.com/actions/setup-go/pull/367](https://togithub.com/actions/setup-go/pull/367)

**Full Changelog**:
actions/setup-go@v4...v4.1.0

</details>

<details>
<summary>actions/setup-java (actions/setup-java)</summary>

###
[`v3.13.0`](https://togithub.com/actions/setup-java/releases/tag/v3.13.0)

[Compare
Source](https://togithub.com/actions/setup-java/compare/v3.12.0...v3.13.0)

##### What's changed

In the scope of this release, support for Dragonwell JDK was added by
[@&#8203;Accelerator1996](https://togithub.com/Accelerator1996) in
[https://github.com/actions/setup-java/pull/532](https://togithub.com/actions/setup-java/pull/532)

```yaml
steps:
 - name: Checkout
   uses: actions/checkout@v3
 - name: Setup-java
   uses: actions/setup-java@v3
   with:
     distribution: 'dragonwell'
     java-version: '17'
```

Several inaccuracies were also fixed:

- Fix XML namespaces wrongly using https by
[@&#8203;gnodet](https://togithub.com/gnodet) in
[https://github.com/actions/setup-java/pull/503](https://togithub.com/actions/setup-java/pull/503)
- Fix typo and remove unintentional(?) word by
[@&#8203;CyberFlameGO](https://togithub.com/CyberFlameGO) in
[https://github.com/actions/setup-java/pull/518](https://togithub.com/actions/setup-java/pull/518)
- Fix usage link within the README.md file by
[@&#8203;dassiorleando](https://togithub.com/dassiorleando) in
[https://github.com/actions/setup-java/pull/525](https://togithub.com/actions/setup-java/pull/525)

##### New Contributors

- [@&#8203;CyberFlameGO](https://togithub.com/CyberFlameGO) made their
first contribution in
[https://github.com/actions/setup-java/pull/518](https://togithub.com/actions/setup-java/pull/518)
- [@&#8203;dassiorleando](https://togithub.com/dassiorleando) made their
first contribution in
[https://github.com/actions/setup-java/pull/525](https://togithub.com/actions/setup-java/pull/525)
- [@&#8203;gnodet](https://togithub.com/gnodet) made their first
contribution in
[https://github.com/actions/setup-java/pull/503](https://togithub.com/actions/setup-java/pull/503)
- [@&#8203;Accelerator1996](https://togithub.com/Accelerator1996) made
their first contribution in
[https://github.com/actions/setup-java/pull/532](https://togithub.com/actions/setup-java/pull/532)

**Full Changelog**:
actions/setup-java@v3...v3.13.0

</details>

<details>
<summary>actions/setup-node (actions/setup-node)</summary>

###
[`v3.8.1`](https://togithub.com/actions/setup-node/releases/tag/v3.8.1)

[Compare
Source](https://togithub.com/actions/setup-node/compare/v3.8.0...v3.8.1)

#### What's Changed

In scope of this release, the filter was removed within the cache-save
step by [@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov)
in
[https://github.com/actions/setup-node/pull/831](https://togithub.com/actions/setup-node/pull/831).
It is filtered and checked in the toolkit/cache library.

**Full Changelog**:
actions/setup-node@v3...v3.8.1

###
[`v3.8.0`](https://togithub.com/actions/setup-node/releases/tag/v3.8.0)

[Compare
Source](https://togithub.com/actions/setup-node/compare/v3.7.0...v3.8.0)

##### What's Changed

##### Bug fixes:

- Add check for existing paths by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-node/pull/803](https://togithub.com/actions/setup-node/pull/803)
- Resolve SymbolicLink by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-node/pull/809](https://togithub.com/actions/setup-node/pull/809)
- Change passing logic for cache input by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-node/pull/816](https://togithub.com/actions/setup-node/pull/816)
- Fix armv7 cache issue by
[@&#8203;louislam](https://togithub.com/louislam) in
[https://github.com/actions/setup-node/pull/794](https://togithub.com/actions/setup-node/pull/794)
- Update check-dist workflow name by
[@&#8203;sinchang](https://togithub.com/sinchang) in
[https://github.com/actions/setup-node/pull/710](https://togithub.com/actions/setup-node/pull/710)

##### Feature implementations:

- feat: handling the case where "node" is used for tool-versions file.
by [@&#8203;xytis](https://togithub.com/xytis) in
[https://github.com/actions/setup-node/pull/812](https://togithub.com/actions/setup-node/pull/812)

##### Documentation changes:

- Refer to semver package name in README.md by
[@&#8203;olleolleolle](https://togithub.com/olleolleolle) in
[https://github.com/actions/setup-node/pull/808](https://togithub.com/actions/setup-node/pull/808)

##### Update dependencies:

- Update toolkit cache to fix zstd by
[@&#8203;dmitry-shibanov](https://togithub.com/dmitry-shibanov) in
[https://github.com/actions/setup-node/pull/804](https://togithub.com/actions/setup-node/pull/804)
- Bump tough-cookie and
[@&#8203;azure/ms-rest-js](https://togithub.com/azure/ms-rest-js) by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-node/pull/802](https://togithub.com/actions/setup-node/pull/802)
- Bump semver from 6.1.2 to 6.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-node/pull/807](https://togithub.com/actions/setup-node/pull/807)
- Bump word-wrap from 1.2.3 to 1.2.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/setup-node/pull/815](https://togithub.com/actions/setup-node/pull/815)

##### New Contributors

- [@&#8203;olleolleolle](https://togithub.com/olleolleolle) made their
first contribution in
[https://github.com/actions/setup-node/pull/808](https://togithub.com/actions/setup-node/pull/808)
- [@&#8203;louislam](https://togithub.com/louislam) made their first
contribution in
[https://github.com/actions/setup-node/pull/794](https://togithub.com/actions/setup-node/pull/794)
- [@&#8203;sinchang](https://togithub.com/sinchang) made their first
contribution in
[https://github.com/actions/setup-node/pull/710](https://togithub.com/actions/setup-node/pull/710)
- [@&#8203;xytis](https://togithub.com/xytis) made their first
contribution in
[https://github.com/actions/setup-node/pull/812](https://togithub.com/actions/setup-node/pull/812)

**Full Changelog**:
actions/setup-node@v3...v3.8.0

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v3.1.3`](https://togithub.com/actions/upload-artifact/releases/tag/v3.1.3)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v3.1.2...v3.1.3)

#### What's Changed

- chore(github): remove trailing whitespaces by
[@&#8203;ljmf00](https://togithub.com/ljmf00) in
[https://github.com/actions/upload-artifact/pull/313](https://togithub.com/actions/upload-artifact/pull/313)
- Bump [@&#8203;actions/artifact](https://togithub.com/actions/artifact)
version to v1.1.2 by
[@&#8203;bethanyj28](https://togithub.com/bethanyj28) in
[https://github.com/actions/upload-artifact/pull/436](https://togithub.com/actions/upload-artifact/pull/436)

**Full Changelog**:
actions/upload-artifact@v3...v3.1.3

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v2.22.4`](https://togithub.com/github/codeql-action/compare/v2.22.3...v2.22.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.22.3...v2.22.4)

###
[`v2.22.3`](https://togithub.com/github/codeql-action/compare/v2.22.2...v2.22.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.22.2...v2.22.3)

###
[`v2.22.2`](https://togithub.com/github/codeql-action/compare/v2.22.1...v2.22.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.22.1...v2.22.2)

###
[`v2.22.1`](https://togithub.com/github/codeql-action/compare/v2.22.0...v2.22.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.22.0...v2.22.1)

###
[`v2.22.0`](https://togithub.com/github/codeql-action/compare/v2.21.9...v2.22.0)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.9...v2.22.0)

###
[`v2.21.9`](https://togithub.com/github/codeql-action/compare/v2.21.8...v2.21.9)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.8...v2.21.9)

###
[`v2.21.8`](https://togithub.com/github/codeql-action/compare/v2.21.7...v2.21.8)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.7...v2.21.8)

###
[`v2.21.7`](https://togithub.com/github/codeql-action/compare/v2.21.6...v2.21.7)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.6...v2.21.7)

###
[`v2.21.6`](https://togithub.com/github/codeql-action/compare/v2.21.5...v2.21.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.5...v2.21.6)

###
[`v2.21.5`](https://togithub.com/github/codeql-action/compare/v2.21.4...v2.21.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.4...v2.21.5)

###
[`v2.21.4`](https://togithub.com/github/codeql-action/compare/v2.21.3...v2.21.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.3...v2.21.4)

###
[`v2.21.3`](https://togithub.com/github/codeql-action/compare/v2.21.2...v2.21.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v2.21.2...v2.21.3)

</details>

<details>
<summary>gradle/gradle-build-action
(gradle/gradle-build-action)</summary>

###
[`v2.9.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.9.0)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.8.1...v2.9.0)

The GitHub
[dependency-review-action](https://togithub.com/actions/dependency-review-action)
helps you understand dependency changes (and the security impact of
these changes) for a pull request. This release updates the GItHub
Dependency Graph support to be compatible with the
`dependency-review-action`.

See [the
documentation](https://togithub.com/gradle/gradle-build-action#integrating-the-dependency-review-action)
for detailed examples.

##### Changelog

- \[FIX] Use correct SHA for `pull-request` events
[#&#8203;882](https://togithub.com/gradle/gradle-build-action/issues/882)
- \[FIX] Avoid generating dependency graph during cache cleanup
[#&#8203;905](https://togithub.com/gradle/gradle-build-action/issues/905)
-   \[NEW] Improve warning on failure to submit dependency graph
- \[NEW] Compatibility with GitHub `dependency-review-action`
[#&#8203;879](https://togithub.com/gradle/gradle-build-action/issues/879)

**Full-changelog**:
gradle/gradle-build-action@v2.8.1...v2.9.0

###
[`v2.8.1`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.8.1)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.8.0...v2.8.1)

Fixes an issue that prevented Dependency Graph submission when running
on GitHub Enterprise Server.

##### Fixes

- Incorrect endpoint used to submit Dependency Graph on GitHub
Enterprise
[#&#8203;885](https://togithub.com/gradle/gradle-build-action/issues/885)

##### Changelog

###
[`v2.8.0`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.8.0)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.7.1...v2.8.0)

The `v2.8.0` release of the `gradle-build-action` introduces an easy
mechanism to connect to Gradle Enterprise, as well improved support for
self-hosted GitHub Actions runners.

##### Automatic injection of Gradle Enterprise connectivity

It is now possible to connect a Gradle build to Gradle Enterprise
without changing any of the Gradle project sources. This is achieved
through Gradle Enterprise injection, where an init-script will apply the
Gradle Enterprise plugin and associated configuration.

This feature can be useful to easily trial Gradle Enterprise on a
project, or to centralize Gradle Enterprise configuration for all GitHub
Actions workflows in an organization.

See [Gradle Enterprise injection in the
README](https://togithub.com/gradle/gradle-build-action/blob/v2.8.0/README.md#gradle-enterprise-plugin-injection)
for more info.

##### Restore Gradle User Home when directory already exists

Previously, the Gradle User Home would not be restored if the directory
already exists. This wasn't normally an issue with GitHub-hosted
runners, but limited the usefulness of the action for persistent,
self-hosted runners.

This behaviour has been improved in this release:

- The Job Summary now includes a useful error message when Gradle User
Home was not restored because the directory already exists.
- The action can now be configured to restore the Gradle User Home when
the directory already exists, overwriting existing content with content
from the GitHub Actions cache. See
https://github.com/gradle/gradle-build-action#overwriting-an-existing-gradle-user-home
for more details.

##### Changes

**Issues fixed**:
https://github.com/gradle/gradle-build-action/issues?q=milestone%3A2.8.0+is%3Aclosed
**Full changelog**:
gradle/gradle-build-action@v2.7.1...v2.8.0

###
[`v2.7.1`](https://togithub.com/gradle/gradle-build-action/releases/tag/v2.7.1)

[Compare
Source](https://togithub.com/gradle/gradle-build-action/compare/v2.7.0...v2.7.1)

This release contains no code changes, only dependency updates and
documentation improvements.

##### Changelog

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.0)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.2.0...v2.3.0)

#### What's Changed

- 🌱 Bump github.com/ossf/scorecard/v4 from v4.11.0 to v4.13.0
by [@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1270](https://togithub.com/ossf/scorecard-action/pull/1270)
- For a full changelist of what this includes, see the
[v4.12.0](https://togithub.com/ossf/scorecard/releases/tag/v4.12.0) and
[v4.13.0](https://togithub.com/ossf/scorecard/releases/tag/v4.13.0)
release notes
- ✨ Send rekor tlog index to webapp when publishing results by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1169](https://togithub.com/ossf/scorecard-action/pull/1169)
- 🐛 Prevent url clipping for GHES instances by
[@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ossf/scorecard-action/pull/1225](https://togithub.com/ossf/scorecard-action/pull/1225)

##### Documentation

- 📖 Update access rights needed to see the results in code scanning
by [@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ossf/scorecard-action/pull/1229](https://togithub.com/ossf/scorecard-action/pull/1229)
- 📖 Add package comments. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1221](https://togithub.com/ossf/scorecard-action/pull/1221)
- 📖 Add SECURITY.md file by
[@&#8203;david-a-wheeler](https://togithub.com/david-a-wheeler) in
[https://github.com/ossf/scorecard-action/pull/1250](https://togithub.com/ossf/scorecard-action/pull/1250)
- 📖 Fix typo in token input docs by
[@&#8203;aabouzaid](https://togithub.com/aabouzaid) in
[https://github.com/ossf/scorecard-action/pull/1258](https://togithub.com/ossf/scorecard-action/pull/1258)

#### New Contributors

- [@&#8203;david-a-wheeler](https://togithub.com/david-a-wheeler) made
their first contribution in
[https://github.com/ossf/scorecard-action/pull/1250](https://togithub.com/ossf/scorecard-action/pull/1250)
- [@&#8203;aabouzaid](https://togithub.com/aabouzaid) made their first
contribution in
[https://github.com/ossf/scorecard-action/pull/1258](https://togithub.com/ossf/scorecard-action/pull/1258)

**Full Changelog**:
ossf/scorecard-action@v2.2.0...v2.3.0

</details>

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.1.2`](https://togithub.com/sigstore/cosign-installer/releases/tag/v3.1.2)

[Compare
Source](https://togithub.com/sigstore/cosign-installer/compare/v3.1.1...v3.1.2)

#### What's Changed

- Fix build and push step Readme missing id by
[@&#8203;hbenali](https://togithub.com/hbenali) in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)
- bump cosign to v2.2.0 by
[@&#8203;cpanato](https://togithub.com/cpanato) in
[https://github.com/sigstore/cosign-installer/pull/142](https://togithub.com/sigstore/cosign-installer/pull/142)

#### New Contributors

- [@&#8203;hbenali](https://togithub.com/hbenali) made their first
contribution in
[https://github.com/sigstore/cosign-installer/pull/138](https://togithub.com/sigstore/cosign-installer/pull/138)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.1.2

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "every weekend" (UTC), Automerge - At
any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/slsa-framework/slsa-github-generator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44LjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4xOS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiJ9-->

Signed-off-by: Mend Renovate <bot@renovateapp.com>
julioc-lopez pushed a commit to julioc-lopez/zk that referenced this pull request Dec 8, 2023
Bumps actions/setup-go from 4 to 5.

Release notes
Sourced from actions/setup-go's releases.

v5.0.0
What's Changed
In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

Fix hosted tool cache usage on windows by @​galargh in actions/setup-go#411
Improve documentation regarding dependencies caching by @​artemgavrilov in actions/setup-go#417
New Contributors
@​galargh made their first contribution in actions/setup-go#411
@​artemgavrilov made their first contribution in actions/setup-go#417
@​chenrui333 made their first contribution in actions/setup-go#421
Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0
What's Changed
In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

Remove implicit dependencies by @​nikolai-laevskii in actions/setup-go#378
Update action.yml by @​mkelly in actions/setup-go#379
Added a description that go-version should be specified as a string type by @​n3xem in actions/setup-go#367
Add note about YAML parsing versions by @​dmitry-shibanov in actions/setup-go#382
Automatic update of configuration files from 05/23/2023 by @​github-actions in actions/setup-go#377
Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-go#392
Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-go#397
Bump semver from 6.3.0 to 6.3.1 by @​dependabot in actions/setup-go#396
New Contributors
@​mkelly made their first contribution in actions/setup-go#379
@​n3xem made their first contribution in actions/setup-go#367
Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1
What's Changed
Update documentation for v4 by @​dsame in actions/setup-go#354
Fix glob bug in the package.json scripts section by @​IvanZosimov in actions/setup-go#359
Bump xml2js dependency by @​dmitry-shibanov in actions/setup-go#370
Bump @actions/cache dependency to v3.2.1 by @​nikolai-laevskii in actions/setup-go#374
New Contributors
@​nikolai-laevskii made their first contribution in actions/setup-go#374
Full Changelog: actions/setup-go@v4...v4.0.1
julioc-lopez pushed a commit to julioc-lopez/zk that referenced this pull request Dec 8, 2023
Bumps actions/setup-go from 4 to 5.

Release notes
Sourced from actions/setup-go's releases.

v5.0.0
What's Changed
In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

Fix hosted tool cache usage on windows by @​galargh in actions/setup-go#411
Improve documentation regarding dependencies caching by @​artemgavrilov in actions/setup-go#417
New Contributors
@​galargh made their first contribution in actions/setup-go#411
@​artemgavrilov made their first contribution in actions/setup-go#417
@​chenrui333 made their first contribution in actions/setup-go#421
Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0
What's Changed
In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

Remove implicit dependencies by @​nikolai-laevskii in actions/setup-go#378
Update action.yml by @​mkelly in actions/setup-go#379
Added a description that go-version should be specified as a string type by @​n3xem in actions/setup-go#367
Add note about YAML parsing versions by @​dmitry-shibanov in actions/setup-go#382
Automatic update of configuration files from 05/23/2023 by @​github-actions in actions/setup-go#377
Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-go#392
Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-go#397
Bump semver from 6.3.0 to 6.3.1 by @​dependabot in actions/setup-go#396
New Contributors
@​mkelly made their first contribution in actions/setup-go#379
@​n3xem made their first contribution in actions/setup-go#367
Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1
What's Changed
Update documentation for v4 by @​dsame in actions/setup-go#354
Fix glob bug in the package.json scripts section by @​IvanZosimov in actions/setup-go#359
Bump xml2js dependency by @​dmitry-shibanov in actions/setup-go#370
Bump @actions/cache dependency to v3.2.1 by @​nikolai-laevskii in actions/setup-go#374
New Contributors
@​nikolai-laevskii made their first contribution in actions/setup-go#374
Full Changelog: actions/setup-go@v4...v4.0.1
julioc-lopez pushed a commit to julioc-lopez/zk that referenced this pull request Dec 8, 2023
Bumps actions/setup-go from 4 to 5.

Release notes
Sourced from actions/setup-go's releases.

v5.0.0
What's Changed
In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

Fix hosted tool cache usage on windows by @​galargh in actions/setup-go#411
Improve documentation regarding dependencies caching by @​artemgavrilov in actions/setup-go#417
New Contributors
@​galargh made their first contribution in actions/setup-go#411
@​artemgavrilov made their first contribution in actions/setup-go#417
@​chenrui333 made their first contribution in actions/setup-go#421
Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0
What's Changed
In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

Remove implicit dependencies by @​nikolai-laevskii in actions/setup-go#378
Update action.yml by @​mkelly in actions/setup-go#379
Added a description that go-version should be specified as a string type by @​n3xem in actions/setup-go#367
Add note about YAML parsing versions by @​dmitry-shibanov in actions/setup-go#382
Automatic update of configuration files from 05/23/2023 by @​github-actions in actions/setup-go#377
Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-go#392
Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-go#397
Bump semver from 6.3.0 to 6.3.1 by @​dependabot in actions/setup-go#396
New Contributors
@​mkelly made their first contribution in actions/setup-go#379
@​n3xem made their first contribution in actions/setup-go#367
Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1
What's Changed
Update documentation for v4 by @​dsame in actions/setup-go#354
Fix glob bug in the package.json scripts section by @​IvanZosimov in actions/setup-go#359
Bump xml2js dependency by @​dmitry-shibanov in actions/setup-go#370
Bump @actions/cache dependency to v3.2.1 by @​nikolai-laevskii in actions/setup-go#374
New Contributors
@​nikolai-laevskii made their first contribution in actions/setup-go#374
Full Changelog: actions/setup-go@v4...v4.0.1
julioc-lopez pushed a commit to julioc-lopez/zk that referenced this pull request Jan 9, 2024
Bumps actions/setup-go from 4 to 5.

Release notes
Sourced from actions/setup-go's releases.

v5.0.0
What's Changed
In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

Fix hosted tool cache usage on windows by @​galargh in actions/setup-go#411
Improve documentation regarding dependencies caching by @​artemgavrilov in actions/setup-go#417
New Contributors
@​galargh made their first contribution in actions/setup-go#411
@​artemgavrilov made their first contribution in actions/setup-go#417
@​chenrui333 made their first contribution in actions/setup-go#421
Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0
What's Changed
In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

Remove implicit dependencies by @​nikolai-laevskii in actions/setup-go#378
Update action.yml by @​mkelly in actions/setup-go#379
Added a description that go-version should be specified as a string type by @​n3xem in actions/setup-go#367
Add note about YAML parsing versions by @​dmitry-shibanov in actions/setup-go#382
Automatic update of configuration files from 05/23/2023 by @​github-actions in actions/setup-go#377
Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-go#392
Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-go#397
Bump semver from 6.3.0 to 6.3.1 by @​dependabot in actions/setup-go#396
New Contributors
@​mkelly made their first contribution in actions/setup-go#379
@​n3xem made their first contribution in actions/setup-go#367
Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1
What's Changed
Update documentation for v4 by @​dsame in actions/setup-go#354
Fix glob bug in the package.json scripts section by @​IvanZosimov in actions/setup-go#359
Bump xml2js dependency by @​dmitry-shibanov in actions/setup-go#370
Bump @actions/cache dependency to v3.2.1 by @​nikolai-laevskii in actions/setup-go#374
New Contributors
@​nikolai-laevskii made their first contribution in actions/setup-go#374
Full Changelog: actions/setup-go@v4...v4.0.1
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants