From 697285f3b5fa8cd180011aa791ffaa034c556f8d Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 9 Jan 2024 16:34:48 +0000
Subject: [PATCH] build(deps): bump the actions group with 4 updates

Bumps the actions group with 4 updates: [actions/upload-artifact](https://github.com/actions/upload-artifact), [actions/checkout](https://github.com/actions/checkout), [actions/setup-python](https://github.com/actions/setup-python) and [actions/download-artifact](https://github.com/actions/download-artifact).


Updates `actions/upload-artifact` from 3 to 4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v3...v4)

Updates `actions/checkout` from 3 to 4
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v3...v4)

Updates `actions/setup-python` from 4 to 5
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](https://github.com/actions/setup-python/compare/v4...v5)

Updates `actions/download-artifact` from 3 to 4
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v3...v4)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-python
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci.yml       |  4 ++--
 .github/workflows/release.yml  |  2 +-
 .github/workflows/selftest.yml | 26 +++++++++++++-------------
 .github/workflows/semgrep.yml  |  2 +-
 action.yml                     |  2 +-
 5 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml
index bef3871..7fe68e7 100644
--- a/.github/workflows/ci.yml
+++ b/.github/workflows/ci.yml
@@ -10,8 +10,8 @@ jobs:
   lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-python@v4
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         with:
           python-version: "3.x"
       - name: lint
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 3183fc3..70297e2 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -16,7 +16,7 @@ jobs:
   release:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
 
       - name: sign
         uses: ./
diff --git a/.github/workflows/selftest.yml b/.github/workflows/selftest.yml
index d213d33..44496c2 100644
--- a/.github/workflows/selftest.yml
+++ b/.github/workflows/selftest.yml
@@ -22,8 +22,8 @@ jobs:
     runs-on: ${{ matrix.os }}
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
-      - uses: actions/setup-python@v4
+      - uses: actions/checkout@v4
+      - uses: actions/setup-python@v5
         if: ${{ matrix.os != 'ubuntu-latest' }}
         with:
           python-version: "3.x"
@@ -49,7 +49,7 @@ jobs:
           - "/tmp/extremely-nonexistent-file"
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifact and publish signature
         continue-on-error: true
         uses: ./
@@ -70,7 +70,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifact and publish signature
         uses: ./
         id: sigstore-python
@@ -86,7 +86,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifacts and publish signatures
         uses: ./
         id: sigstore-python
@@ -106,7 +106,7 @@ jobs:
       TEST_DIR: test
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifacts and publish signatures
         continue-on-error: true
         uses: ./
@@ -130,7 +130,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifacts and publish signatures
         uses: ./
         id: sigstore-python
@@ -153,7 +153,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifact and publish signature
         uses: ./
         id: sigstore-python
@@ -162,7 +162,7 @@ jobs:
           staging: true
           upload-signing-artifacts: true
           internal-be-careful-debug: true
-      - uses: actions/download-artifact@v3
+      - uses: actions/download-artifact@v4
         with:
           name: "signing-artifacts-${{ github.job }}"
           path: ./test/uploaded
@@ -176,7 +176,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifact and publish signature
         uses: ./
         id: sigstore-python
@@ -197,7 +197,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifact and publish signature
         uses: ./
         id: sigstore-python
@@ -233,7 +233,7 @@ jobs:
 
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Sign artifact and publish signature
         continue-on-error: true
         uses: ./
@@ -259,7 +259,7 @@ jobs:
     runs-on: ubuntu-latest
     if: (github.event_name != 'pull_request') || !github.event.pull_request.head.repo.fork
     steps:
-      - uses: actions/checkout@v3
+      - uses: actions/checkout@v4
       - name: Get OIDC token
         id: get-oidc-token
         run: |
diff --git a/.github/workflows/semgrep.yml b/.github/workflows/semgrep.yml
index 08e15a6..1df680c 100644
--- a/.github/workflows/semgrep.yml
+++ b/.github/workflows/semgrep.yml
@@ -18,5 +18,5 @@ jobs:
     container:
       image: returntocorp/semgrep
     steps:
-    - uses: actions/checkout@v3
+    - uses: actions/checkout@v4
     - run: semgrep ci
diff --git a/action.yml b/action.yml
index b20d943..70a8702 100644
--- a/action.yml
+++ b/action.yml
@@ -132,7 +132,7 @@ runs:
         GHA_SIGSTORE_PYTHON_INPUTS: "${{ inputs.inputs }}"
       shell: bash
 
-    - uses: actions/upload-artifact@v3
+    - uses: actions/upload-artifact@v4
       if: inputs.upload-signing-artifacts == 'true'
       with:
         name: "signing-artifacts-${{ github.job }}"