chore(deps): Bump the all-dependencies group with 6 updates

[dependabot]

Bumps the all-dependencies group with 6 updates:

Package	From	To
actions/checkout	4.2.1	4.2.2
github/codeql-action	3.26.10	3.28.9
thehanimo/pr-title-checker	1.4.1	1.4.3
actions/setup-go	5.0.2	5.3.0
ianlewis/todo-issue-reopener	1.4.0	1.5.0
actions/upload-artifact	4.4.0	4.6.0

Updates actions/checkout from 4.2.1 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

... (truncated)

Commits

• 11bd719 Prepare 4.2.2 Release (#1953)
• e3d2460 Expand unit test coverage (#1946)
• 163217d url-helper.ts now leverages well-known environment variables. (#1941)
• See full diff in compare view

Updates github/codeql-action from 3.26.10 to 3.28.9

Release notes

Sourced from github/codeql-action's releases.

v3.28.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

See the full CHANGELOG.md for more information.

v3.28.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

See the full CHANGELOG.md for more information.

v3.28.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.7 - 29 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

See the full CHANGELOG.md for more information.

v3.28.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.5 - 24 Jan 2025

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

• Update the action to prefer gtar over tar to make zstd archive extraction more robust. 2767

3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

• Update default CodeQL bundle version to 2.20.3. #2717

3.28.4 - 23 Jan 2025

No user facing changes.

3.28.3 - 22 Jan 2025

• Update default CodeQL bundle version to 2.20.2. #2707
• Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #2710
• Uploading debug artifacts for CodeQL analysis is temporarily disabled. #2712

3.28.2 - 21 Jan 2025

No user facing changes.

3.28.1 - 10 Jan 2025

• CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677
• Update default CodeQL bundle version to 2.20.1. #2678

3.28.0 - 20 Dec 2024

• Bump the minimum CodeQL bundle version to 2.15.5. #2655

... (truncated)

Commits

• 9e8d078 Merge pull request #2757 from github/update-v3.28.9-24e1c2d33
• 43d9be6 Update changelog for v3.28.9
• 24e1c2d Merge pull request #2753 from github/update-bundle/codeql-bundle-v2.20.4
• 57a08c0 Add changelog note
• 52189d2 Update default bundle to codeql-bundle-v2.20.4
• 08bc0cf Merge pull request #2751 from github/henrymercer/fix-init-post-without-config
• cf7c687 Send init-post status report in absence of config
• ad42dbd Merge pull request #2750 from github/dependabot/npm_and_yarn/npm-768bd9b555
• a8f5935 Merge pull request #2749 from github/dependabot/github_actions/actions-29d379...
• 9660df3 Update checked-in dependencies
• Additional commits viewable in compare view

Updates thehanimo/pr-title-checker from 1.4.1 to 1.4.3

Release notes

Sourced from thehanimo/pr-title-checker's releases.

v1.4.3

No release notes provided.

v1.4.2

Transition to node 20

Commits

• 7fbfe05 Update README.md
• 62df0ca Merge pull request #51 from karpikpl/main
• 767e507 Merge pull request #52 from GetJobber/main
• 17e25bb Update README.md
• 86f65d3 Merge pull request #1 from GetJobber/upgrade-upload-artifact-to-v4
• fce987e Update check-release-drift.yml
• 64416c2 Updates to readme
• 704bcd3 Adding output - result of the check
• 1d8cd48 Merge pull request #46 from MoLow/patch-1
• 7bcfcff Update release-drift action to node v20
• Additional commits viewable in compare view

Updates actions/setup-go from 5.0.2 to 5.3.0

Release notes

Sourced from actions/setup-go's releases.

v5.3.0

What's Changed

• Use the new cache service: upgrade @actions/cache to ^4.0.0 by @​Link- in actions/setup-go#531
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-go#530
• Document update - permission section by @​HarithaVattikuti in actions/setup-go#533
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-go#534

New Contributors

• @​Link- made their first contribution in actions/setup-go#531

Full Changelog: actions/setup-go@v5...v5.3.0

v5.2.0

What's Changed

• Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @​Shegox in actions/setup-go#496

New Contributors

• @​Shegox made their first contribution in actions/setup-go#496

Full Changelog: actions/setup-go@v5...v5.2.0

v5.1.0

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/setup-go#500
• Upgrade IA Publish by @​Jcambass in actions/setup-go#502
• Add architecture to cache key by @​Zxilly in actions/setup-go#493 This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts. Note: This change may break previous cache keys as they will no longer be compatible with the new format.
• Enhance workflows and Upgrade micromatch Dependency by @​priyagupta108 in actions/setup-go#510

Bug Fixes

• Revise isGhes logic by @​jww3 in actions/setup-go#511

New Contributors

• @​Zxilly made their first contribution in actions/setup-go#493
• @​Jcambass made their first contribution in actions/setup-go#500
• @​jww3 made their first contribution in actions/setup-go#511
• @​priyagupta108 made their first contribution in actions/setup-go#510

Full Changelog: actions/setup-go@v5...v5.1.0

Commits

• f111f33 Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#534)
• 3d10edb Add new permission section (#533)
• 43e1389 Configure Dependabot settings (#530)
• f81f022 Use the new cache service: upgrade @actions/cache to ^4.0.0 (#531)
• 3041bf5 feat: fallback to "raw" endpoint for manifest when rate limit is reached (#496)
• 41dfa10 Enhance workflows and Upgrade micromatch Dependency (#510)
• 9419772 Revise isGhes logic (#511)
• d60b41a Merge pull request #502 from actions/Jcambass-patch-1
• e09f57f Upgrade IA Publish
• df1a117 Merge pull request #500 from actions/Jcambass-patch-1
• Additional commits viewable in compare view

Updates ianlewis/todo-issue-reopener from 1.4.0 to 1.5.0

Release notes

Sourced from ianlewis/todo-issue-reopener's releases.

v1.5.0

Updated in v1.5.0

• Updated the version of todos used to v0.11.0 (#1474).
• Fixed edge cases in vanityURLs feature (#1475).

What's Changed since v1.4.0

• chore: Sync with repo-template-ts by @​ianlewis in ianlewis/todo-issue-reopener#1481
• chore: Update todos to v0.11.0 by @​ianlewis in ianlewis/todo-issue-reopener#1578
• docs: Add contents: read permission by @​ianlewis in ianlewis/todo-issue-reopener#1594
• fix: vanityURLs feature by @​ianlewis in ianlewis/todo-issue-reopener#1605
• chore(deps-dev): Bump @​types/node from 20.17.19 to 22.13.4 by @​dependabot in ianlewis/todo-issue-reopener#1557
• chore(deps): Bump actions/checkout from 4.1.7 to 4.2.2 by @​dependabot in ianlewis/todo-issue-reopener#1354
• chore: group dependabot updates by @​ianlewis in ianlewis/todo-issue-reopener#1661
• chore(deps): Bump the all-dependencies group with 4 updates by @​dependabot in ianlewis/todo-issue-reopener#1672
• chore(deps-dev): Bump the development-dependencies group with 2 updates by @​dependabot in ianlewis/todo-issue-reopener#1678
• chore(deps): Bump codecov/codecov-action from 4.6.0 to 5.3.1 by @​dependabot in ianlewis/todo-issue-reopener#1550
• chore(deps): Bump uuid from 10.0.0 to 11.0.5 by @​dependabot in ianlewis/todo-issue-reopener#1551
• chore(release): v1.5.0 by @​ianlewis in ianlewis/todo-issue-reopener#1719

Full Changelog: ianlewis/todo-issue-reopener@v1.4.0...v1.5.0

Changelog

Sourced from ianlewis/todo-issue-reopener's changelog.

Changelog

All notable changes will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[1.5.0] - 2025-02-17

• Updated the version of todos used to v0.11.0 (#1474).
• Fixed edge cases in vanityURLs feature (#1475).

[1.4.0] - 2024-10-31

• Updated the version of todos used to v0.10.0.

[1.3.0] - 2024-08-13

• Updated the version of todos used to v0.9.0.

[1.2.1] - 2024-05-15

Fixed in 1.2.1

• Fixed the "error updating to TUF remote mirror: invalid key" error (#688).

[1.2.0] - 2024-02-21

Fixed in 1.2.0

• todo-issue-reopener no longer fails when issues referenced by TODOs do not exist (#553).

Updated in 1.2.0

• todos v0.8.0 is now used.

[1.1.0] - 2024-02-05

Updated in 1.1.0

• GitHub Marketplace branding was added.

[1.0.0] - 2024-02-03

Updated in 1.0.0

... (truncated)

Commits

• d55d48e chore(release): v1.5.0 (#1719)
• d7acf9e chore(deps): Bump uuid from 10.0.0 to 11.0.5 (#1551)
• 70ddd91 chore(deps): Bump codecov/codecov-action from 4.6.0 to 5.3.1 (#1550)
• 21f5f46 chore(deps-dev): Bump the development-dependencies group with 2 updates (#1678)
• e771975 chore(deps): Bump the all-dependencies group with 4 updates (#1672)
• 79874b0 chore: group dependabot updates (#1661)
• eca35aa chore(deps): Bump actions/checkout from 4.1.7 to 4.2.2 (#1354)
• 014a3a6 chore(deps-dev): Bump @​types/node from 20.17.19 to 22.13.4 (#1557)
• d77e522 fix: vanityURLs feature (#1605)
• ab9db4d docs: Add contents: read permission (#1594)
• Additional commits viewable in compare view

Updates actions/upload-artifact from 4.4.0 to 4.6.0

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.0

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

• fix: deprecated Node.js version in action by @​hamirmahal in actions/upload-artifact#578
• Add new artifact-digest output by @​bdehamer in actions/upload-artifact#656

New Contributors

• @​hamirmahal made their first contribution in actions/upload-artifact#578
• @​bdehamer made their first contribution in actions/upload-artifact#656

Full Changelog: actions/upload-artifact@v4.4.3...v4.5.0

v4.4.3

What's Changed

• Undo indirect dependency updates from #627 by @​joshmgross in actions/upload-artifact#632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

What's Changed

• Bump @actions/artifact to 2.1.11 by @​robherley in actions/upload-artifact#627
  • Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

What's Changed

• Add a section about hidden files by @​joshmgross in actions/upload-artifact#607
• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/upload-artifact#621
• Update @​actions/artifact to latest version, includes symlink and timeout fixes by @​robherley in actions/upload-artifact#625

New Contributors

• @​Jcambass made their first contribution in actions/upload-artifact#621

Full Changelog: actions/upload-artifact@v4.4.0...v4.4.1

Commits

• 65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
• 0207619 move files back to satisfy licensed ci
• 1ecca81 licensed cache updates
• 9742269 Expose env vars to controll concurrency and timeout
• 6f51ac0 Merge pull request #656 from bdehamer/bdehamer/artifact-digest
• c40c16d add new artifact-digest output
• 735efb4 bump @​actions/artifact from 2.1.11 to 2.2.0
• 184d73b Merge pull request #578 from hamirmahal/fix/deprecated-nodejs-usage-in-action
• b4a0a98 Merge branch 'main' into fix/deprecated-nodejs-usage-in-action
• b4b15b8 Merge pull request #632 from actions/joshmgross/undo-dependency-changes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 91.14%. Comparing base (f16ed41) to head (543b299).

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #83   +/-   ##
=======================================
  Coverage   91.14%   91.14%           
=======================================
  Files           3        3           
  Lines         463      463           
=======================================
  Hits          422      422           
  Misses         30       30           
  Partials       11       11