[v8](gha): Bump the dependencies group across 1 directory with 4 updates

.github/workflows/check-cves.yml

@@ -14,7 +14,7 @@ jobs:
 
     - name: Scan current project
       id: scan
-      uses: anchore/scan-action@v6
+      uses: anchore/scan-action@v7
       with:
         path: "."
         add-cpes-if-none: true
@@ -26,7 +26,7 @@ jobs:
       if: always()
 
     - name: Archive CVE scan results
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       if: always()
       with:
         name: cve-scan-results-${{ github.sha }}-${{ github.run_id }}-${{ github.run_number }}

.github/workflows/release-build-sign-upload.yml

@@ -169,7 +169,7 @@ jobs:
         make out/cf-cli_linux_arm64
 
     - name: Store Linux Binaries
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-binaries
@@ -274,7 +274,7 @@ jobs:
       working-directory: signed-redhat-installer
 
     - name: Store Signed Linux RPM Packages
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-rpm-packages
@@ -375,7 +375,7 @@ jobs:
       working-directory: packaged-deb
 
     - name: Store Debian Packages
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-deb-packages
@@ -465,7 +465,7 @@ jobs:
         make out/cf-cli_macosarm
 
     - name: Store macOS Binaries
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-macos-binaries
@@ -604,7 +604,7 @@ jobs:
           "signed-macos-installer/cf${VERSION_MAJOR}-cli-installer_${VERSION_BUILD}_macosarm.pkg"
 
     - name: Store macOS Signed Packages
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-macos-packages
@@ -690,7 +690,7 @@ jobs:
           New-Item -ItemType SymbolicLink -Target .\out\cf-cli_winx64.exe -Path .\out\cf-cli_winx64-link.exe
 
       - name: Save signed binaries as a GitHub Action Artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: cf-cli-windows-binaries
           if-no-files-found: error
@@ -735,7 +735,7 @@ jobs:
           Get-ChildItem "${env:RUNNER_TEMP}"
 
       - name: Save installer and dist files as a GitHub Action Artifact
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: cf-cli-windows-packages
           if-no-files-found: error
@@ -770,7 +770,7 @@ jobs:
       uses: actions/checkout@v5
 
     - name: Download signed artifacts
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         path: signed # download all artifacts to 'signed/'
 
@@ -856,7 +856,7 @@ jobs:
           signed/winx64/*zip
 
     - name: Store Artifacts
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: final-artifacts
@@ -889,7 +889,7 @@ jobs:
     steps:
 
     - name: Download Signed Linux Packages
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-linux-rpm-packages
 
@@ -916,7 +916,7 @@ jobs:
     steps:
 
     - name: Download Signed Linux Packages
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-linux-deb-packages
 
@@ -944,7 +944,7 @@ jobs:
     steps:
 
     - name: Download Signed macOS Packages
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-macos-packages
 
@@ -968,7 +968,7 @@ jobs:
     steps:
 
     - name: Download Signed Windows Binaries
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-windows-binaries
 
@@ -978,7 +978,7 @@ jobs:
         Get-AuthenticodeSignature -Verbose -ErrorAction Stop .\cf-cli_winx64.exe
 
     - name: Download Signed Windows Binaries
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: cf-cli-windows-packages
 
@@ -1008,7 +1008,7 @@ jobs:
     - s3-upload
     steps:
     - name: Download signed artifacts
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         name: final-artifacts
         path: ${{ env.ARTIFACTS_DIR }}

.github/workflows/release-update-repos.yml

@@ -385,7 +385,7 @@ jobs:
     #     ls -R
     #
     # - name: Backup current Linux RPM repodata
-    #   uses: actions/upload-artifact@v4
+    #   uses: actions/upload-artifact@v5
     #   with:
     #     if-no-files-found: error
     #     name: cf-cli-linux-rpm-repodata-backup
@@ -428,7 +428,7 @@ jobs:
       run: ls -R
 
     - name: Store Linux RPM repodata
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         if-no-files-found: error
         name: cf-cli-linux-rpm-repodata

.github/workflows/util-code-quality.yml

@@ -25,15 +25,15 @@ jobs:
         uses: actions/checkout@v5
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v3
+        uses: github/codeql-action/init@v4
         with:
           languages: go
           config-file: ./.github/codeql/codeql-config.yml
 
       - name: Autobuild
-        uses: github/codeql-action/autobuild@v3
+        uses: github/codeql-action/autobuild@v4
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v3
+        uses: github/codeql-action/analyze@v4
 
 # vim: set sw=2 ts=2 sts=2 et tw=78 foldlevel=2 fdm=indent nospell: