Bump the all-actions group with 5 updates

[dependabot]

Bumps the all-actions group with 5 updates:

Package	From	To
actions/checkout	2	4
actions/setup-dotnet	1	4
actions/setup-node	1	4
zaproxy/action-baseline	0.4.0	0.11.0
SonarSource/sonarcloud-github-action	1.6	2.1

Updates actions/checkout from 2 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.1.0

• Add support for partial checkout filters

v4.0.0

• Support fetching without the --progress option
• Update to node20

v3.6.0

• Fix: Mark test scripts with Bash'isms to be run via Bash
• Add option to fetch tags even if fetch-depth > 0

v3.5.3

• Fix: Checkout fail in self-hosted runners when faulty submodule are checked-in
• Fix typos found by codespell
• Add support for sparse checkouts

v3.5.2

• Fix api endpoint for GHES

v3.5.1

• Fix slow checkout on Windows

v3.5.0

• Add new public key for known_hosts

v3.4.0

• Upgrade codeql actions to v2
• Upgrade dependencies
• Upgrade @​actions/io

v3.3.0

• Implement branch list using callbacks from exec function
• Add in explicit reference to private checkout options
• [Fix comment typos (that got added in #770)](actions/checkout#1057)

v3.2.0

• Add GitHub Action to perform release
• Fix status badge
• Replace datadog/squid with ubuntu/squid Docker image
• Wrap pipeline commands for submoduleForeach in quotes
• Update @​actions/io to 1.1.2
• Upgrading version to 3.2.0

v3.1.0

• Use @​actions/core saveState and getState
• Add github-server-url input

v3.0.2

... (truncated)

Commits

• b4ffde6 Link to release page from what's new section (#1514)
• 8530928 Correct link to GitHub Docs (#1511)
• 7cdaf2f Update CODEOWNERS to Launch team (#1510)
• 8ade135 Prepare 4.1.0 release (#1496)
• c533a0a Add support for partial checkout filters (#1396)
• 72f2cec Update README.md for V4 (#1452)
• 3df4ab1 Release 4.0.0 (#1447)
• 8b5e8b7 Support fetching without the --progress option (#1067)
• 97a652b Update default runtime to node20 (#1436)
• f43a0e5 Release 3.6.0 (#1437)
• Additional commits viewable in compare view

Updates actions/setup-dotnet from 1 to 4

Release notes

Sourced from actions/setup-dotnet's releases.

v4.0.0

What's Changed

In the scope of this release, the version of the Node.js runtime was updated to 20. The majority of dependencies were updated to the latest versions. From now on, the code for the setup-dotnet will run on Node.js 20 instead of Node.js 16.

Breaking changes

Update Node.js runtime to version 20 by @​harithavattikuti in #484

Non-breaking changes

• Refactor installer by @​nikolai-laevskii in actions/setup-dotnet#432
• Allow json comments by @​nikolai-laevskii in actions/setup-dotnet#431
• Sequential version install fix by @​nikolai-laevskii in actions/setup-dotnet#433 setup-dotnet@v3 used to overwrite dotnet executable on each action run, which was causing action to fail on some occasions due to executable being still in use. In setup-dotnet@v4 we solved this issue by adding another install-script run that installs LTS version of dotnet executable and uses it for all subsequent dotnet installations. The first install-script run conducts the actual download only once per workflow.
• Update fast-xml-parser and dotnet installer scripts by @​IvanZosimov in actions/setup-dotnet#437
• Update dependencies by @​IvanZosimov in actions/setup-dotnet#440
• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-dotnet#444
• Update installers by @​nikolai-laevskii in actions/setup-dotnet#462
• Update semver by @​dmitry-shibanov in actions/setup-dotnet#468

New Contributors

• @​HarithaVattikuti made their first contribution in actions/setup-dotnet#484

Full Changelog: actions/setup-dotnet@v3...v4.0.0

v3.2.0

What's Changed

In scope of this minor release, the ability to cache the NuGet global-packages folder was added in actions/setup-dotnet#303 by @​nogic1008

For caching, the action uses the @​toolkit/cache library under the hood, which in turn allows getting rid of configuring the @​actions/cache action separately.

Such input parameters as cache and cache-dependency-path were added. The cache input is optional, and caching is turned off by default, cache-dependency-path is used to specify the path to a dependency file - packages.lock.json.

Example of use-case:

- uses: actions/setup-dotnet@v3
  with:
    dotnet-version: 6.x
    cache: true
    cache-dependency-path: subdir/packages.lock.json

More details can be found in the action's documentation.

Full Changelog: actions/setup-dotnet@v3...v3.2.0

v3.1.0

What's Changed

... (truncated)

Commits

• 4d6c8fc Upgrade Node to v20 (#484)
• 2216f56 Update semver (#468)
• 736bc6d Merge pull request #462 from akv-platform/update-installers
• f5526c2 Update installers
• 4dba25f Bump word-wrap from 1.2.3 to 1.2.4 (#444)
• ada8800 Bump semver from 6.3.0 to 6.3.1 (#443)
• e174912 Update dependencies (#440)
• a6be55a Update fast-xml-parser and dotnet installer scripts (#437)
• 9b40770 Merge pull request #433 from akv-platform/sequential-version-install-fix
• 4827734 Reduce number of e2e tests
• Additional commits viewable in compare view

Updates actions/setup-node from 1 to 4

Release notes

Sourced from actions/setup-node's releases.

v4.0.0

What's Changed

In scope of this release we changed version of node runtime for action from node16 to node20 and updated dependencies in actions/setup-node#866

Besides, release contains such changes as:

• Upgrade actions/checkout to v4 by @​gmembre-zenika in actions/setup-node#868
• Update actions/checkout for documentation and yaml by @​dmitry-shibanov in actions/setup-node#876

New Contributors

• @​gmembre-zenika made their first contribution in actions/setup-node#868

Full Changelog: actions/setup-node@v3...v4.0.0

v3.8.2

What's Changed

• Update semver by @​dmitry-shibanov in actions/setup-node#861
• Update temp directory creation by @​nikolai-laevskii in actions/setup-node#859
• Bump @​babel/traverse from 7.15.4 to 7.23.2 by @​dependabot in actions/setup-node#870
• Add notice about binaries not being updated yet by @​nikolai-laevskii in actions/setup-node#872
• Update toolkit cache and core by @​dmitry-shibanov and @​seongwon-privatenote in actions/setup-node#875

Full Changelog: actions/setup-node@v3...v3.8.2

v3.8.1

What's Changed

In scope of this release, the filter was removed within the cache-save step by @​dmitry-shibanov in actions/setup-node#831. It is filtered and checked in the toolkit/cache library.

Full Changelog: actions/setup-node@v3...v3.8.1

v3.8.0

What's Changed

Bug fixes:

• Add check for existing paths by @​dmitry-shibanov in actions/setup-node#803
• Resolve SymbolicLink by @​dmitry-shibanov in actions/setup-node#809
• Change passing logic for cache input by @​dmitry-shibanov in actions/setup-node#816
• Fix armv7 cache issue by @​louislam in actions/setup-node#794
• Update check-dist workflow name by @​sinchang in actions/setup-node#710

Feature implementations:

• feat: handling the case where "node" is used for tool-versions file. by @​xytis in actions/setup-node#812

Documentation changes:

• Refer to semver package name in README.md by @​olleolleolle in actions/setup-node#808

Update dependencies:

• Update toolkit cache to fix zstd by @​dmitry-shibanov in actions/setup-node#804
• Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-node#802
• Bump semver from 6.1.2 to 6.3.1 by @​dependabot in actions/setup-node#807

... (truncated)

Commits

• 60edb5d Add support for arm64 Windows (#927)
• d86ebcd Add support for volta.extends (#921)
• b39b52d Fix node-version-file interprets entire package.json as a version (#865)
• 7247617 Add package.json to node-version-file list of examples. (#879)
• f3ec4ca Fix README.md (#898)
• ec97f37 Add fix for cache (#917)
• 5ef044f Update reusable workflows to use Node.js v20 (#889)
• c45882a update to setup-node@v4 in docs (#884)
• ee36e8b Ignore engines check in Yarn 1 e2e-cache tests (#882)
• 8f152de Update actions/checkout for documentation and yaml (#876)
• Additional commits viewable in compare view

Updates zaproxy/action-baseline from 0.4.0 to 0.11.0

Release notes

Sourced from zaproxy/action-baseline's releases.

Version 0.11.0

Changed

• Run with node20. #114

Version 0.10.0

Added

• Support for authentication environment variables.

Fixed

• Update Crowdin link.

Version 0.9.0

Changed

• The default Docker image was changed to ghcr.io/zaproxy/zaproxy:stable.

Version 0.8.2

Fixed

• Fix an issue introduced in the previous release that prevented the use of the default GitHub authentication token to raise issues.

Version 0.8.1

Fixed

• Check issues with authenticated user. #17

Version 0.8.0

Added

• An input (artifact_name) used to name the artifact that contains the ZAP reports. #45

Changed

• Run action with Node 16.
• Update dependencies.

Version 0.7.0

Changed

• Update dependencies.

Fixed

• Use default zap user rather than root to allow the Ajax Spider to run.

Version 0.6.1

Changed

• Revert previous change (not into effect), no longer needed.

Version 0.6.0

Changed

• Disabled the automation framework while we investigate a problem with it.

Version 0.5.0

Added

• An input (allow_issue_writing) to choose if a GitHub issue should be raised or not. #56

... (truncated)

Changelog

Sourced from zaproxy/action-baseline's changelog.

[0.11.0] - 2024-01-25

Changed

• Run with node20. #114

[0.10.0] - 2023-10-31

Added

• Support for authentication environment variables.

Fixed

• Update Crowdin link.

[0.9.0] - 2023-08-02

Changed

• The default Docker image was changed to ghcr.io/zaproxy/zaproxy:stable.

[0.8.2] - 2023-07-04

Fixed

• Fix an issue introduced in the previous release that prevented the use of the default GitHub authentication token to raise issues.

[0.8.1] - 2023-07-03

Fixed

• Check issues with authenticated user. #17

[0.8.0] - 2023-06-30

Added

• An input (artifact_name) used to name the artifact that contains the ZAP reports. #45

Changed

• Run action with Node 16.
• Update dependencies.

[0.7.0] - 2022-05-23

Changed

• Update dependencies.

Fixed

• Use default zap user rather than root to allow the Ajax Spider to run.

[0.6.1] - 2021-10-08

Changed

• Revert previous change (not into effect), no longer needed.

[0.6.0] - 2021-10-08

Changed

• Disabled the automation framework while we investigate a problem with it.

[0.5.0] - 2021-09-14

Added

• An input (allow_issue_writing) to choose if a GitHub issue should be raised or not. #56

... (truncated)

Commits

• c5fd818 Merge pull request #116 from thc202/release-v0.11.0
• 0995b56 Release v0.11.0
• 1769d62 Merge pull request #115 from thc202/node20
• 3a9834a Run with node20
• c910ea6 Merge pull request #113 from thc202/update-changelog
• 611dcb3 Prepare next dev version
• 1e1871e Merge pull request #112 from thc202/auth-env-vars
• 22e8c71 Pass ZAP auth env vars and release v0.10.0
• 32502a8 Merge pull request #109 from thc202/update-link
• d2cc125 Update Crowdin link
• Additional commits viewable in compare view

Updates SonarSource/sonarcloud-github-action from 1.6 to 2.1

Release notes

Sourced from SonarSource/sonarcloud-github-action's releases.

Fix permissions of .scannerwork directory after scan

v2.1.0

Update README

No release notes provided.

Update README

No release notes provided.

Update scanner base image to sonar-scanner-cli:5.0

No release notes provided.

Update versions of the actions which run on Node16

Update scanner base image to sonar-scanner-cli:4.8

• Update scanner base image to sonar-scanner-cli:4.8

Update README to mention SonarCloud Scan for C and C++

Update README to mention SonarCloud Scan for C and C++

Update scanner base image to sonar-scanner-cli:4.7

• Update scanner base image to sonar-scanner-cli:4.7
• Perform Maven/Gradle check in the projectBaseDir

Commits

• 49e6cd3 Update README.md about manually cleaning the work directory
• 5f0b535 Check for existance of .scannerwork in cleanup script
• fb9ead3 chown only .scannerwork
• e2a1ee7 Fix permissions of .scannerwork directory (#57)
• 5ee47de Update README with new Clean Code wording and link from Marketing (#56)
• c25d2e7 SC-9154 Update links in README
• a244ec8 SC-9154 Update SonarCloud GitHub Action docs (#54)
• 4b4d763 Update scanner cli version to 5.0 (#51)
• 9c0534d Delete .travis.yml
• 5875562 SC-6662 update README to use v3 of actions
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions