chore: Bump the production-dependencies group across 1 directory with 6 updates

[dependabot]

Bumps the production-dependencies group with 6 updates in the / directory:

Package	From	To
actions/checkout	4.2.0	4.2.2
actions/setup-python	5.2.0	5.3.0
actions/cache	4.0.2	4.1.2
codecov/codecov-action	4.6.0	5.0.7
actions/upload-artifact	4.4.0	4.4.3
actions/dependency-review-action	4.3.4	4.5.0

Updates actions/checkout from 4.2.0 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

New Contributors

• @​Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

Changelog

Sourced from actions/checkout's changelog.

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

Commits

• 11bd719 Prepare 4.2.2 Release (#1953)
• e3d2460 Expand unit test coverage (#1946)
• 163217d url-helper.ts now leverages well-known environment variables. (#1941)
• eef6144 Prepare 4.2.1 release (#1925)
• 6b42224 Add workflow file for publishing releases to immutable action package (#1919)
• de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
• See full diff in compare view

Updates actions/setup-python from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-python's releases.

v5.3.0

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/setup-python#941
• Upgrade IA publish by @​Jcambass in actions/setup-python#943

Bug Fixes:

• Normalise Line Endings to Ensure Cross-Platform Consistency by @​priya-kinthali in actions/setup-python#938
• Revise isGhes logic by @​jww3 in actions/setup-python#963
• Bump pillow from 7.2 to 10.2.0 by @​aparnajyothi-y in actions/setup-python#956

Enhancements:

• Enhance workflows and documentation updates by @​priya-kinthali in actions/setup-python#965
• Bump default versions to latest by @​jeffwidman in actions/setup-python#905

New Contributors

• @​Jcambass made their first contribution in actions/setup-python#941
• @​jww3 made their first contribution in actions/setup-python#963

Full Changelog: actions/setup-python@v5...v5.3.0

Commits

• 0b93645 Enhance workflows: Add macOS 13 support, upgrade publish-action, and update d...
• 9c76e71 Bump pillow from 7.2 to 10.2.0 in /tests/data (#956)
• f4c5a11 Revise isGhes logic (#963)
• 19dfb7b Bump default versions to latest (#905)
• e9675cc Merge pull request #943 from actions/Jcambass-patch-1
• 3226af6 Upgrade IA publish
• 70dcb22 Merge pull request #941 from actions/Jcambass-patch-1
• 65b48c7 Create publish-immutable-actions.yml
• 29a37be initial commit (#938)
• See full diff in compare view

Updates actions/cache from 4.0.2 to 4.1.2

Release notes

Sourced from actions/cache's releases.

v4.1.2

What's Changed

• Add Bun example by @​idleberg in actions/cache#1456
• Revise isGhes logic by @​jww3 in actions/cache#1474
• Bump braces from 3.0.2 to 3.0.3 by @​dependabot in actions/cache#1475
• Add dependabot.yml to enable automatic dependency upgrades by @​Link- in actions/cache#1476
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/cache#1478
• Bump actions/stale from 3 to 9 by @​dependabot in actions/cache#1479
• Bump github/codeql-action from 2 to 3 by @​dependabot in actions/cache#1483
• Bump actions/setup-node from 3 to 4 by @​dependabot in actions/cache#1481
• Prepare 4.1.2 release by @​Link- in actions/cache#1477

New Contributors

• @​idleberg made their first contribution in actions/cache#1456
• @​jww3 made their first contribution in actions/cache#1474
• @​Link- made their first contribution in actions/cache#1476

Full Changelog: actions/cache@v4...v4.1.2

v4.1.1

What's Changed

• Restore original behavior of cache-hit output by @​joshmgross in actions/cache#1467

Full Changelog: actions/cache@v4.1.0...v4.1.1

v4.1.0

What's Changed

• Fix cache-hit output when cache missed by @​fchimpan in actions/cache#1404
• Deprecate save-always input by @​joshmgross in actions/cache#1452

New Contributors

• @​ottlinger made their first contribution in actions/cache#1437
• @​Olegt0rr made their first contribution in actions/cache#1377
• @​fchimpan made their first contribution in actions/cache#1404
• @​x612skm made their first contribution in actions/cache#1434
• @​todgru made their first contribution in actions/cache#1311
• @​Jcambass made their first contribution in actions/cache#1463
• @​mackey0225 made their first contribution in actions/cache#1462
• @​quatquatt made their first contribution in actions/cache#1445

Full Changelog: actions/cache@v4.0.2...v4.1.0

Changelog

Sourced from actions/cache's changelog.

4.1.2

• Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474
• Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

• Restore original behavior of cache-hit output - #1467

4.1.0

• Ensure cache-hit output is set when a cache is missed - #1404
• Deprecate save-always input - #1452

Commits

• 6849a64 Release 4.1.2 #1477
• 5a1720c Merge branch 'Link-/prep-4.1.2' of https://github.com/actions/cache into Link...
• d9fef48 Merge branch 'main' into Link-/prep-4.1.2
• a50e8d0 Merge branch 'main' into Link-/prep-4.1.2
• acc9ae5 Merge pull request #1481 from actions/dependabot/github_actions/actions/setup...
• 1ea5f18 Merge branch 'main' into Link-/prep-4.1.2
• cc679ff Merge branch 'main' into dependabot/github_actions/actions/setup-node-4
• 366d43d Merge pull request #1483 from actions/dependabot/github_actions/github/codeql...
• 02bf319 Bump github/codeql-action from 2 to 3
• 6f6220b Merge branch 'main' into dependabot/github_actions/actions/setup-node-4
• Additional commits viewable in compare view

Updates codecov/codecov-action from 4.6.0 to 5.0.7

Release notes

Sourced from codecov/codecov-action's releases.

v5.0.7

What's Changed

• fix: use HEAD_REPO by @​thomasrockhu-codecov in codecov/codecov-action#1690
• chore(release): 5.0.7 by @​thomasrockhu-codecov in codecov/codecov-action#1691

Full Changelog: codecov/codecov-action@v5.0.6...v5.0.7

v5.0.6

What's Changed

• fix: update CODECOV_TOKEN and fix tokenless by @​thomasrockhu-codecov in codecov/codecov-action#1688
• chore(release): 5.0.6 by @​thomasrockhu-codecov in codecov/codecov-action#1689

Full Changelog: codecov/codecov-action@v5.0.5...v5.0.6

v5.0.5

What's Changed

• chore(release): wrapper-0.0.27 by @​codecov-releaser-app in codecov/codecov-action#1685
• chore(release): 5.0.5 by @​thomasrockhu-codecov in codecov/codecov-action#1686

New Contributors

• @​codecov-releaser-app made their first contribution in codecov/codecov-action#1685

Full Changelog: codecov/codecov-action@v5.0.4...v5.0.5

v5.0.4

What's Changed

• fix: add action version by @​thomasrockhu-codecov in codecov/codecov-action#1678
• fix: strip out a trailing /n from input tokens by @​thomasrockhu-codecov in codecov/codecov-action#1679
• chore(deps): bump wrapper to 0.0.26 by @​thomasrockhu-codecov in codecov/codecov-action#1681
• chore(release): 5.0.4 by @​thomasrockhu-codecov in codecov/codecov-action#1682

Full Changelog: codecov/codecov-action@v5.0.3...v5.0.4

v5.0.3

What's Changed

• fix: typo in inputs.disable_safe_directory by @​mkroening in codecov/codecov-action#1666
• build(deps): bump github/codeql-action from 3.27.0 to 3.27.4 by @​dependabot in codecov/codecov-action#1665
• fix: bump to v5 and update README by @​thomasrockhu-codecov in codecov/codecov-action#1655
• fix: update CHANGELOG and automate by @​thomasrockhu-codecov in codecov/codecov-action#1674
• fix: prevent always setting tokenless to be true by @​thomasrockhu-codecov in codecov/codecov-action#1673
• fix: use double-quotes for OIDC by @​thomasrockhu-codecov in codecov/codecov-action#1669
• fix: update OIDC audience by @​thomasrockhu-codecov in codecov/codecov-action#1675
• chore(release): 5.0.3 by @​thomasrockhu-codecov in codecov/codecov-action#1676

Full Changelog: codecov/codecov-action@v5.0.2...v5.0.3

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.0.7

What's Changed

• fix: use HEAD_REPO by @​thomasrockhu-codecov in codecov/codecov-action#1690

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.0.6..v5.0.7

v5.0.6

What's Changed

• fix: update CODECOV_TOKEN and fix tokenless by @​thomasrockhu-codecov in codecov/codecov-action#1688

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.0.5..v5.0.6

v5.0.5

What's Changed

• chore(release): wrapper-0.0.27 by @​app/codecov-releaser-app in codecov/codecov-action#1685

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.0.4..v5.0.5

v5.0.4

What's Changed

• chore(deps): bump wrapper to 0.0.26 by @​thomasrockhu-codecov in codecov/codecov-action#1681
• fix: strip out a trailing /n from input tokens by @​thomasrockhu-codecov in codecov/codecov-action#1679
• fix: add action version by @​thomasrockhu-codecov in codecov/codecov-action#1678

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.0.3..v5.0.4

v5.0.3

What's Changed

• fix: update OIDC audience by @​thomasrockhu-codecov in codecov/codecov-action#1675
• fix: use double-quotes for OIDC by @​thomasrockhu-codecov in codecov/codecov-action#1669
• fix: prevent always setting tokenless to be true by @​thomasrockhu-codecov in codecov/codecov-action#1673
• fix: update CHANGELOG and automate by @​thomasrockhu-codecov in codecov/codecov-action#1674
• fix: bump to v5 and update README by @​thomasrockhu-codecov in codecov/codecov-action#1655
• build(deps): bump github/codeql-action from 3.27.0 to 3.27.4 by @​app/dependabot in codecov/codecov-action#1665
• fix: typo in inputs.disable_safe_directory by @​mkroening in codecov/codecov-action#1666

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.0.2..v5.0.3

v5.0.2

What's Changed

• fix: override commit and pr values for PR cases by @​thomasrockhu-codecov in codecov/codecov-action#1657

Full Changelog: codecov/codecov-action@v5.0.1...v5.0.2

... (truncated)

Commits

• 015f24e chore(release): 5.0.7 (#1691)
• a76271d fix: use HEAD_REPO (#1690)
• d168679 chore(release): 5.0.6 (#1689)
• 373fd71 fix: update CODECOV_TOKEN and fix tokenless (#1688)
• 288befb chore(release): 5.0.5 (#1686)
• 7e69d37 chore(release): wrapper-0.0.27 (#1685)
• 985343d chore(release): 5.0.4 (#1682)
• 31d1900 chore(deps): bump wrapper to 0.0.26 (#1681)
• 095cfe0 fix: strip out a trailing /n from input tokens (#1679)
• b542d5a fix: add action version (#1678)
• Additional commits viewable in compare view

Updates actions/upload-artifact from 4.4.0 to 4.4.3

Release notes

Sourced from actions/upload-artifact's releases.

v4.4.3

What's Changed

• Undo indirect dependency updates from #627 by @​joshmgross in actions/upload-artifact#632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

What's Changed

• Bump @actions/artifact to 2.1.11 by @​robherley in actions/upload-artifact#627
  • Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

What's Changed

• Add a section about hidden files by @​joshmgross in actions/upload-artifact#607
• Add workflow file for publishing releases to immutable action package by @​Jcambass in actions/upload-artifact#621
• Update @​actions/artifact to latest version, includes symlink and timeout fixes by @​robherley in actions/upload-artifact#625

New Contributors

• @​Jcambass made their first contribution in actions/upload-artifact#621

Full Changelog: actions/upload-artifact@v4.4.0...v4.4.1

Commits

• b4b15b8 Merge pull request #632 from actions/joshmgross/undo-dependency-changes
• 92b01eb Undo indirect dependency updates from #627
• 8448086 Merge pull request #627 from actions/robherley/v4.4.2
• b1d4642 add explicit relative and absolute symlinks to workflow
• d50e660 bump version
• aabe6f8 build with @​actions/artifact v2.1.11
• 604373d Merge pull request #625 from actions/robherley/artifact-2.1.10
• 0150148 paste right core version
• a009b25 update licenses
• 9f6f6f4 update @​actions/core and @​actions/artifact to latest versions
• Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.3.4 to 4.5.0

Release notes

Sourced from actions/dependency-review-action's releases.

v4.5.0

What's Changed

• Bump got from 14.4.2 to 14.4.3 by @​dependabot in actions/dependency-review-action#844
• Bump nodemon from 3.1.0 to 3.1.7 by @​dependabot in actions/dependency-review-action#847
• Bump @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot in actions/dependency-review-action#849
• Overriding the cross-spawn dependency to use a safe version by @​Ahmed3lmallah in actions/dependency-review-action#850
• fix: add summary comment on failure when warn-only: true by @​ebickle in actions/dependency-review-action#827
• Prepare for 4.5.0 release by @​Ahmed3lmallah in actions/dependency-review-action#851

New Contributors

• @​ebickle made their first contribution in actions/dependency-review-action#827

Full Changelog: actions/dependency-review-action@v4...v4.5.0

v4.4.0

What's Changed

• Fix for merge_group event bug by @​Ahmed3lmallah in actions/dependency-review-action#846

Full Changelog: actions/dependency-review-action@v4.3.5...v4.4.0

v4.3.5

What's Changed

• fix: getRefs function to handle merge_group events by @​louis-bompart in actions/dependency-review-action#766
• Create pull_request_template.md by @​jonjanego in actions/dependency-review-action#794
• Update CONTRIBUTING.md by @​jonjanego in actions/dependency-review-action#793
• Bump @​types/node from 20.11.28 to 20.16.0 by @​dependabot in actions/dependency-review-action#815
• Upgrade transitive micromatch library by @​elireisman in actions/dependency-review-action#829
• Do not list changed dependencies in summary by @​hmaurer in actions/dependency-review-action#828
• Update stale.yaml by @​jonjanego in actions/dependency-review-action#832
• Bump got from 14.4.1 to 14.4.2 by @​dependabot in actions/dependency-review-action#822
• Bump eslint-plugin-jest and ts-jest by @​Ahmed3lmallah in actions/dependency-review-action#840

New Contributors

• @​louis-bompart made their first contribution in actions/dependency-review-action#766
• @​Ahmed3lmallah made their first contribution in actions/dependency-review-action#840

Full Changelog: actions/dependency-review-action@v4.3.4...v4.3.5

Commits

• 3b139cf Merge pull request #851 from actions/ahmed3lmallah/prepare-for-4.5.0-release
• d6807b6 updating generated code
• c89b41f addressing lint issues
• eee97d8 incrementing project version
• 9d10182 Merge pull request #827 from ebickle/fix/comment-warn-only
• 9192be9 Merge pull request #850 from actions/ahmed3lmallah/adressing-CVE-2024-21538
• 2fc8e23 Using cross-spawn safe version
• fb86db2 fix: resolve race conditions in async core.group calls
• 0a198ab fix: replace integer failureCount with boolean
• fc499fc Merge branch 'main' into fix/comment-warn-only
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 98.68%. Comparing base (039619f) to head (0823c94).

Additional details and impacted files

@@           Coverage Diff            @@
##           develop     #195   +/-   ##
========================================
  Coverage    98.68%   98.68%           
========================================
  Files            4        4           
  Lines           76       76           
  Branches         9        9           
========================================
  Hits            75       75           
  Misses           1        1           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[dependabot]

Superseded by #197.