chore(deps): bump the github-actions group across 1 directory with 5 updates

[dependabot]

Bumps the github-actions group with 5 updates in the / directory:

Package	From	To
actions/checkout	3	4
actions/setup-go	3	5
golangci/golangci-lint-action	3	6
actions/stale	4	9
codecov/codecov-action	4	5

Updates actions/checkout from 3 to 4

Release notes

Sourced from actions/checkout's releases.

v4.0.0

What's Changed

• Update default runtime to node20 by @​takost in actions/checkout#1436
• Support fetching without the --progress option by @​simonbaird in actions/checkout#1067
• Release 4.0.0 by @​takost in actions/checkout#1447

New Contributors

• @​takost made their first contribution in actions/checkout#1436
• @​simonbaird made their first contribution in actions/checkout#1067

Full Changelog: actions/checkout@v3...v4.0.0

v3.6.0

What's Changed

• Mark test scripts with Bash'isms to be run via Bash by @​dscho in actions/checkout#1377
• Add option to fetch tags even if fetch-depth > 0 by @​RobertWieczoreck in actions/checkout#579
• Release 3.6.0 by @​luketomlinson in actions/checkout#1437

New Contributors

• @​RobertWieczoreck made their first contribution in actions/checkout#579
• @​luketomlinson made their first contribution in actions/checkout#1437

Full Changelog: actions/checkout@v3.5.3...v3.6.0

v3.5.3

What's Changed

• Fix: Checkout Issue in self hosted runner due to faulty submodule check-ins by @​megamanics in actions/checkout#1196
• Fix typos found by codespell by @​DimitriPapadopoulos in actions/checkout#1287
• Add support for sparse checkouts by @​dscho and @​dfdez in actions/checkout#1369
• Release v3.5.3 by @​TingluoHuang in actions/checkout#1376

New Contributors

• @​megamanics made their first contribution in actions/checkout#1196
• @​DimitriPapadopoulos made their first contribution in actions/checkout#1287
• @​dfdez made their first contribution in actions/checkout#1369

Full Changelog: actions/checkout@v3...v3.5.3

v3.5.2

What's Changed

• Fix: Use correct API url / endpoint in GHES by @​fhammerl in actions/checkout#1289 based on #1286 by @​1newsr

Full Changelog: actions/checkout@v3.5.1...v3.5.2

v3.5.1

What's Changed

• Improve checkout performance on Windows runners by upgrading @​actions/github dependency by @​BrettDong in actions/checkout#1246

New Contributors

• @​BrettDong made their first contribution in actions/checkout#1246

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

v4.1.5

• Update NPM dependencies by @​cory-miller in actions/checkout#1703
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/checkout#1694
• Bump actions/setup-node from 1 to 4 by @​dependabot in actions/checkout#1696
• Bump actions/upload-artifact from 2 to 4 by @​dependabot in actions/checkout#1695
• README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @​cory-miller in actions/checkout#1707

v4.1.4

• Disable extensions.worktreeConfig when disabling sparse-checkout by @​jww3 in actions/checkout#1692
• Add dependabot config by @​cory-miller in actions/checkout#1688
• Bump the minor-actions-dependencies group with 2 updates by @​dependabot in actions/checkout#1693
• Bump word-wrap from 1.2.3 to 1.2.5 by @​dependabot in actions/checkout#1643

v4.1.3

• Check git version before attempting to disable sparse-checkout by @​jww3 in actions/checkout#1656
• Add SSH user parameter by @​cory-miller in actions/checkout#1685
• Update actions/checkout version in update-main-version.yml by @​jww3 in actions/checkout#1650

v4.1.2

• Fix: Disable sparse checkout whenever sparse-checkout option is not present @​dscho in actions/checkout#1598

v4.1.1

• Correct link to GitHub Docs by @​peterbe in actions/checkout#1511
• Link to release page from what's new section by @​cory-miller in actions/checkout#1514

v4.1.0

• Add support for partial checkout filters

... (truncated)

Commits

• 11bd719 Prepare 4.2.2 Release (#1953)
• e3d2460 Expand unit test coverage (#1946)
• 163217d url-helper.ts now leverages well-known environment variables. (#1941)
• eef6144 Prepare 4.2.1 release (#1925)
• 6b42224 Add workflow file for publishing releases to immutable action package (#1919)
• de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
• d632683 Prepare 4.2.0 release (#1878)
• 6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
• db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
• b684943 Add Ref and Commit outputs (#1180)
• Additional commits viewable in compare view

Updates actions/setup-go from 3 to 5

Release notes

Sourced from actions/setup-go's releases.

v5.0.0

What's Changed

In scope of this release, we change Nodejs runtime from node16 to node20 (actions/setup-go#421). Moreover, we update some dependencies to the latest versions (actions/setup-go#445).

Besides, this release contains such changes as:

• Fix hosted tool cache usage on windows by @​galargh in actions/setup-go#411
• Improve documentation regarding dependencies caching by @​artemgavrilov in actions/setup-go#417

New Contributors

• @​galargh made their first contribution in actions/setup-go#411
• @​artemgavrilov made their first contribution in actions/setup-go#417
• @​chenrui333 made their first contribution in actions/setup-go#421

Full Changelog: actions/setup-go@v4...v5.0.0

v4.1.0

What's Changed

In scope of this release, slow installation on Windows was fixed by @​dsame in actions/setup-go#393 and OS version was added to primaryKey for Ubuntu runners to avoid conflicts (actions/setup-go#383)

This release also includes the following changes:

• Remove implicit dependencies by @​nikolai-laevskii in actions/setup-go#378
• Update action.yml by @​mkelly in actions/setup-go#379
• Added a description that go-version should be specified as a string type by @​n3xem in actions/setup-go#367
• Add note about YAML parsing versions by @​dmitry-shibanov in actions/setup-go#382
• Automatic update of configuration files from 05/23/2023 by @​github-actions in actions/setup-go#377
• Bump tough-cookie and @​azure/ms-rest-js by @​dependabot in actions/setup-go#392
• Bump word-wrap from 1.2.3 to 1.2.4 by @​dependabot in actions/setup-go#397
• Bump semver from 6.3.0 to 6.3.1 by @​dependabot in actions/setup-go#396

New Contributors

• @​mkelly made their first contribution in actions/setup-go#379
• @​n3xem made their first contribution in actions/setup-go#367

Full Changelog: actions/setup-go@v4...v4.1.0

v4.0.1

What's Changed

• Update documentation for v4 by @​dsame in actions/setup-go#354
• Fix glob bug in the package.json scripts section by @​IvanZosimov in actions/setup-go#359
• Bump xml2js dependency by @​dmitry-shibanov in actions/setup-go#370
• Bump @actions/cache dependency to v3.2.1 by @​nikolai-laevskii in actions/setup-go#374

New Contributors

• @​nikolai-laevskii made their first contribution in actions/setup-go#374

Full Changelog: actions/setup-go@v4...v4.0.1

v4.0.0

In scope of release we enable cache by default. The action won’t throw an error if the cache can’t be restored or saved. The action will throw a warning message but it won’t stop a build process. The cache can be disabled by specifying cache: false.

</tr></table> 

... (truncated)

Commits

• 41dfa10 Enhance workflows and Upgrade micromatch Dependency (#510)
• 9419772 Revise isGhes logic (#511)
• d60b41a Merge pull request #502 from actions/Jcambass-patch-1
• e09f57f Upgrade IA Publish
• df1a117 Merge pull request #500 from actions/Jcambass-patch-1
• 49582f6 Add workflow file for publishing releases to immutable action package
• b26d402 fix: add arch to cache key (#493)
• 0a12ed9 Bump braces from 3.0.2 to 3.0.3 (#487)
• 4ab57d7 Fix versions check failure (#479)
• cdcb360 Remove the description of the old go.mod specification (#458)
• Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 3 to 6

Release notes

Sourced from golangci/golangci-lint-action's releases.

v6.0.0

What's Changed

This version removes annotations option (because it was useless), and removes the default output format (github-actions). The annotations are still produced but with another approach.

Changes

• feat: rewrite format handling by @​ldez in golangci/golangci-lint-action#1038

Dependencies

• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.7.1 to 7.8.0 by @​dependabot in golangci/golangci-lint-action#1034
• build(deps): bump @​types/node from 20.12.7 to 20.12.8 by @​dependabot in golangci/golangci-lint-action#1036
• build(deps-dev): bump @​typescript-eslint/parser from 7.7.1 to 7.8.0 by @​dependabot in golangci/golangci-lint-action#1035

Full Changelog: golangci/golangci-lint-action@v5.3.0...v6.0.0

v5.3.0

What's Changed

Changes

• feat: uses 2 dots compare syntax for push diff by @​ldez in golangci/golangci-lint-action#1030
• feat: add option to control cache invalidation interval by @​ldez in golangci/golangci-lint-action#1031
• feat: use OS and working-directory as cache key by @​ldez in golangci/golangci-lint-action#1032
• feat: improve log about pwd/cwd by @​ldez in golangci/golangci-lint-action#1033

Full Changelog: golangci/golangci-lint-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

Changes

• feat: add an option to enable/disable annotations by @​ldez

Full Changelog: golangci/golangci-lint-action@v5.1.0...v5.2.0

v5.1.0

What's Changed

Changes

• feat: support for pull and merge_group events with the option only-new-issues by @​ldez in golangci/golangci-lint-action#1029

Dependencies

• build(deps-dev): bump @​typescript-eslint/parser from 7.7.0 to 7.7.1 by @​dependabot in golangci/golangci-lint-action#1027
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.7.0 to 7.7.1 by @​dependabot in golangci/golangci-lint-action#1028

... (truncated)

Commits

• 971e284 build(deps-dev): bump the dev-dependencies group with 3 updates (#1108)
• bbe7eb5 build(deps): bump @​types/node from 22.5.5 to 22.7.4 in the dependencies group...
• ebae5ce build(deps-dev): bump the dev-dependencies group with 3 updates (#1105)
• 06c3f3a build(deps): bump @​types/node from 22.5.4 to 22.5.5 in the dependencies group...
• 56689d8 build(deps-dev): bump the dev-dependencies group with 3 updates (#1103)
• c7bab6f fix: clean go install output (#1102)
• 33f56cc build(deps-dev): bump the dev-dependencies group with 3 updates (#1099)
• e954224 build(deps): bump @​types/node from 22.5.2 to 22.5.4 in the dependencies group...
• 68de804 build(deps): bump @​types/node from 22.5.1 to 22.5.2 in the dependencies group...
• 22a3756 build(deps-dev): bump the dev-dependencies group with 2 updates (#1097)
• Additional commits viewable in compare view

Updates actions/stale from 4 to 9

Release notes

Sourced from actions/stale's releases.

v9.0.0

Breaking Changes

1. Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.
2. Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

1. Performance optimization that removes unnecessary API calls by @​dsame #1033 fixes #792
2. Logs displaying current github API rate limit by @​dsame #1032 addresses #1029

For more information, please read the action documentation and its section about statefulness

New Contributors

• @​jmeridth made their first contribution in actions/stale#984
• @​nikolai-laevskii made their first contribution in actions/stale#1020
• @​dusan-trickovic made their first contribution in actions/stale#1056
• @​aparnajyothi-y made their first contribution in actions/stale#1110

Full Changelog: actions/stale@v8...v9.0.0

v8.0.0

⚠️ This version contains breaking changes ⚠️

What's Changed

• New option labels-to-remove-when-stale enables users to specify list of comma delimited labels that will be removed when the issue or PR becomes stale by @​panticmilos actions/stale#770
• Skip deleting the branch in the upstream of a forked repo by @​dsame actions/stale#913
• abort the build on the error by @​dsame in actions/stale#935

Breaking Changes

• In this release we prevent scenarios when the build is not interrupted on some exceptions, which led to successful builds when they are supposed to fail

Example

name: 'Remove labels when the issue or PR becomes stale'
on:
  schedule:
    - cron: '30 1 * * *'
permissions:
pull-requests: write
jobs:
stale:
runs-on: ubuntu-latest
steps:
- uses: actions/stale@v8
with:
labels-to-remove-when-stale: 'label1,label2'

v7.0.0

... (truncated)

Changelog

Sourced from actions/stale's changelog.

Changelog

[7.0.0]

⚠️ Breaking change ⚠️

• Allow daysBeforeStale options to be float by @​irega in actions/stale#841
• Use cache in check-dist.yml by @​jongwooo in actions/stale#876
• fix print outputs step in existing workflows by @​irega in actions/stale#859
• Update issue and PR templates, add/delete workflow files by @​IvanZosimov in actions/stale#880
• Update how stale handles exempt items by @​johnsudol in actions/stale#874

[6.0.1]

Update @​actions/core to v1.10.0 (#839)

[6.0.0]

⚠️ Breaking change ⚠️

Issues/PRs default close-issue-reason is now not_planned(#789)

[5.1.0]

Don't process stale issues right after they're marked stale [Add close-issue-reason option]#764#772 Various dependabot/dependency updates

Commits

• 28ca103 Upgrade Node to v20 (#1110)
• b69b346 build(deps-dev): bump @​types/node from 18.16.18 to 20.5.1 (#1079)
• 88a6f4f build(deps-dev): bump typescript from 5.1.3 to 5.2.2 (#1083)
• 796531a Merge pull request #1080 from akv-platform/fix-delete-cache
• 8986f62 Don not try to delete cache if it does not exists
• cab99b3 fix typo proceeded/processed
• 184e7af Merge pull request #1064 from actions/dependabot/npm_and_yarn/typescript-esli...
• 523885c chore: update eslint-plugin, parser and eslint-plugin-jest
• 2487a1d build(deps-dev): bump @​typescript-eslint/eslint-plugin
• 60c722e Merge pull request #1063 from actions/dependabot/npm_and_yarn/jest-29.6.2
• Additional commits viewable in compare view

Updates codecov/codecov-action from 4 to 5

Release notes

Sourced from codecov/codecov-action's releases.

v5.0.0

v5 Release

v5 of the Codecov GitHub Action will use the Codecov Wrapper to encapsulate the CLI. This will help ensure that the Action gets updates quicker.

Migration Guide

The v5 release also coincides with the opt-out feature for tokens for public repositories. In the Global Upload Token section of the settings page of an organization in codecov.io, you can set the ability for Codecov to receive a coverage reports from any source. This will allow contributors or other members of a repository to upload without needing access to the Codecov token. For more details see how to upload without a token.

[!WARNING]
The following arguments have been changed

• file (this has been deprecated in favor of files)
• plugin (this has been deprecated in favor of plugins)

The following arguments have been added:

• binary
• gcov_args
• gcov_executable
• gcov_ignore
• gcov_include
• report_type
• skip_validation
• swift_project

You can see their usage in the action.yml file.

What's Changed

• chore(deps): bump to eslint9+ and remove eslint-config-google by @​thomasrockhu-codecov in codecov/codecov-action#1591
• build(deps-dev): bump @​octokit/webhooks-types from 7.5.1 to 7.6.1 by @​dependabot in codecov/codecov-action#1595
• build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by @​dependabot in codecov/codecov-action#1604
• build(deps-dev): bump @​typescript-eslint/parser from 8.8.0 to 8.8.1 by @​dependabot in codecov/codecov-action#1601
• build(deps): bump @​actions/core from 1.11.0 to 1.11.1 by @​dependabot in codecov/codecov-action#1597
• build(deps): bump github/codeql-action from 3.26.9 to 3.26.11 by @​dependabot in codecov/codecov-action#1596
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.8.0 to 8.8.1 by @​dependabot in codecov/codecov-action#1600
• build(deps-dev): bump eslint from 9.11.1 to 9.12.0 by @​dependabot in codecov/codecov-action#1598
• build(deps): bump github/codeql-action from 3.26.11 to 3.26.12 by @​dependabot in codecov/codecov-action#1609
• build(deps): bump actions/checkout from 4.2.0 to 4.2.1 by @​dependabot in codecov/codecov-action#1608
• build(deps): bump actions/upload-artifact from 4.4.0 to 4.4.3 by @​dependabot in codecov/codecov-action#1607
• build(deps-dev): bump @​typescript-eslint/parser from 8.8.1 to 8.9.0 by @​dependabot in codecov/codecov-action#1612
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.8.1 to 8.9.0 by @​dependabot in codecov/codecov-action#1611
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.9.0 to 8.10.0 by @​dependabot in codecov/codecov-action#1615
• build(deps-dev): bump eslint from 9.12.0 to 9.13.0 by @​dependabot in codecov/codecov-action#1618
• build(deps): bump github/codeql-action from 3.26.12 to 3.26.13 by @​dependabot in codecov/codecov-action#1617
• build(deps-dev): bump @​typescript-eslint/parser from 8.9.0 to 8.10.0 by @​dependabot in codecov/codecov-action#1614
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.10.0 to 8.11.0 by @​dependabot in codecov/codecov-action#1620
• build(deps-dev): bump @​typescript-eslint/parser from 8.10.0 to 8.11.0 by @​dependabot in codecov/codecov-action#1619
• build(deps-dev): bump @​types/jest from 29.5.13 to 29.5.14 by @​dependabot in codecov/codecov-action#1622
• build(deps): bump actions/checkout from 4.2.1 to 4.2.2 by @​dependabot in codecov/codecov-action#1625
• build(deps): bump github/codeql-action from 3.26.13 to 3.27.0 by @​dependabot in codecov/codecov-action#1624
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.11.0 to 8.12.1 by @​dependabot in codecov/codecov-action#1626
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 8.12.1 to 8.12.2 by @​dependabot in codecov/codecov-action#1629

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

4.0.0-beta.2

Fixes

• #1085 not adding -n if empty to do-upload command

4.0.0-beta.1

v4 represents a move from the universal uploader to the Codecov CLI. Although this will unlock new features for our users, the CLI is not yet at feature parity with the universal uploader.

Breaking Changes

• No current support for aarch64 and alpine architectures.
• Tokenless uploading is unsuported
• Various arguments to the Action have been removed

3.1.4

Fixes

• #967 Fix typo in README.md
• #971 fix: add back in working dir
• #969 fix: CLI option names for uploader

Dependencies

• #970 build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3
• #979 build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2
• #981 build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4

3.1.3

Fixes

• #960 fix: allow for aarch64 build

Dependencies

• #957 build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0
• #958 build(deps): bump openpgp from 5.7.0 to 5.8.0
• #959 build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12

3.1.2

Fixes

• #718 Update README.md
• #851 Remove unsupported path_to_write_report argument
• #898 codeql-analysis.yml
• #901 Update README to contain correct information - inputs and negate feature
• #955 fix: add in all the extra arguments for uploader

Dependencies

• #819 build(deps): bump openpgp from 5.4.0 to 5.5.0
• #835 build(deps): bump node-fetch from 3.2.4 to 3.2.10
• #840 build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4
• #841 build(deps): bump @​actions/core from 1.9.1 to 1.10.0
• #843 build(deps): bump @​actions/github from 5.0.3 to 5.1.1
• #869 build(deps): bump node-fetch from 3.2.10 to 3.3.0
• #872 build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0
• #879 build(deps): bump decode-uri-component from 0.2.0 to 0.2.2

... (truncated)

Commits

• 5c47607 fix: override commit and pr values for PR cases (#1657)
• 3b1354a chore(release): 5.0.1 (#1656)
• 2e2a9c6 fix: update tokenless branch logic (#1650)
• cfc521b Update README.md
• 0642541 fix: use marketplace v5 badge (#1646)
• 9688725 Update README.md
• 2112eae chore(deps): bump wrapper to 0.0.23 (#1644)
• 193421c fixL use the correct source (#1642)
• 6018df7 fix: update container builds (#1640)
• eff1a64 fix: add missing vars (#1638)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 87.76%. Comparing base (fd60614) to head (d39c4db).

Additional details and impacted files

@@            Coverage Diff             @@
##           master     #770      +/-   ##
==========================================
- Coverage   87.79%   87.76%   -0.03%     
==========================================
  Files         215      215              
  Lines        7258     7258              
==========================================
- Hits         6372     6370       -2     
- Misses        741      742       +1     
- Partials      145      146       +1     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.