chore(deps): Bump the actions group across 1 directory with 8 updates (#18)

Bumps the actions group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.1.1` |
`6.0.2` |
| [haskell-actions/setup](https://github.com/haskell-actions/setup) |
`2.7.5` | `2.10.3` |
| [actions/cache](https://github.com/actions/cache) | `4.0.2` | `5.0.3`
|
|
[actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact)
| `3.0.1` | `4.0.0` |
| [github/codeql-action](https://github.com/github/codeql-action) |
`4.31.9` | `4.32.0` |
| [erlef/setup-beam](https://github.com/erlef/setup-beam) | `1.17.5` |
`1.20.4` |
| [actions/github-script](https://github.com/actions/github-script) |
`7.0.1` | `8.0.0` |
|
[trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog)
| `3.92.4` | `3.92.5` |


Updates `actions/checkout` from 4.1.1 to 6.0.2
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/releases">actions/checkout's
releases</a>.</em></p>
<blockquote>
<h2>v6.0.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID
is set by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2355">actions/checkout#2355</a></li>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6.0.1...v6.0.2">https://github.com/actions/checkout/compare/v6.0.1...v6.0.2</a></p>
<h2>v6.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update all references from v5 and v4 to v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2314">actions/checkout#2314</a></li>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
<li>Clarify v6 README by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2328">actions/checkout#2328</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v6...v6.0.1">https://github.com/actions/checkout/compare/v6...v6.0.1</a></p>
<h2>v6.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>v6-beta by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2298">actions/checkout#2298</a></li>
<li>update readme/changelog for v6 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2311">actions/checkout#2311</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5.0.0...v6.0.0">https://github.com/actions/checkout/compare/v5.0.0...v6.0.0</a></p>
<h2>v6-beta</h2>
<h2>What's Changed</h2>
<p>Updated persist-credentials to store the credentials under
<code>$RUNNER_TEMP</code> instead of directly in the local git
config.</p>
<p>This requires a minimum Actions Runner version of <a
href="https://github.com/actions/runner/releases/tag/v2.329.0">v2.329.0</a>
to access the persisted credentials for <a
href="https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action">Docker
container action</a> scenarios.</p>
<h2>v5.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/checkout/compare/v5...v5.0.1">https://github.com/actions/checkout/compare/v5...v5.0.1</a></p>
<h2>v5.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2238">actions/checkout#2238</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/checkout/blob/main/CHANGELOG.md">actions/checkout's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<h2>v6.0.2</h2>
<ul>
<li>Fix tag handling: preserve annotations and explicit fetch-tags by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2356">actions/checkout#2356</a></li>
</ul>
<h2>v6.0.1</h2>
<ul>
<li>Add worktree support for persist-credentials includeIf by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2327">actions/checkout#2327</a></li>
</ul>
<h2>v6.0.0</h2>
<ul>
<li>Persist creds to a separate file by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2286">actions/checkout#2286</a></li>
<li>Update README to include Node.js 24 support details and requirements
by <a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2248">actions/checkout#2248</a></li>
</ul>
<h2>v5.0.1</h2>
<ul>
<li>Port v6 cleanup to v5 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2301">actions/checkout#2301</a></li>
</ul>
<h2>v5.0.0</h2>
<ul>
<li>Update actions checkout to use node 24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2226">actions/checkout#2226</a></li>
</ul>
<h2>v4.3.1</h2>
<ul>
<li>Port v6 cleanup to v4 by <a
href="https://github.com/ericsciple"><code>@​ericsciple</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2305">actions/checkout#2305</a></li>
</ul>
<h2>v4.3.0</h2>
<ul>
<li>docs: update README.md by <a
href="https://github.com/motss"><code>@​motss</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1971">actions/checkout#1971</a></li>
<li>Add internal repos for checking out multiple repositories by <a
href="https://github.com/mouismail"><code>@​mouismail</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1977">actions/checkout#1977</a></li>
<li>Documentation update - add recommended permissions to Readme by <a
href="https://github.com/benwells"><code>@​benwells</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2043">actions/checkout#2043</a></li>
<li>Adjust positioning of user email note and permissions heading by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2044">actions/checkout#2044</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2194">actions/checkout#2194</a></li>
<li>Update CODEOWNERS for actions by <a
href="https://github.com/TingluoHuang"><code>@​TingluoHuang</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/2224">actions/checkout#2224</a></li>
<li>Update package dependencies by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/2236">actions/checkout#2236</a></li>
</ul>
<h2>v4.2.2</h2>
<ul>
<li><code>url-helper.ts</code> now leverages well-known environment
variables by <a href="https://github.com/jww3"><code>@​jww3</code></a>
in <a
href="https://redirect.github.com/actions/checkout/pull/1941">actions/checkout#1941</a></li>
<li>Expand unit test coverage for <code>isGhes</code> by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1946">actions/checkout#1946</a></li>
</ul>
<h2>v4.2.1</h2>
<ul>
<li>Check out other refs/* by commit if provided, fall back to ref by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1924">actions/checkout#1924</a></li>
</ul>
<h2>v4.2.0</h2>
<ul>
<li>Add Ref and Commit outputs by <a
href="https://github.com/lucacome"><code>@​lucacome</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1180">actions/checkout#1180</a></li>
<li>Dependency updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>- <a
href="https://redirect.github.com/actions/checkout/pull/1777">actions/checkout#1777</a>,
<a
href="https://redirect.github.com/actions/checkout/pull/1872">actions/checkout#1872</a></li>
</ul>
<h2>v4.1.7</h2>
<ul>
<li>Bump the minor-npm-dependencies group across 1 directory with 4
updates by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1739">actions/checkout#1739</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1697">actions/checkout#1697</a></li>
<li>Check out other refs/* by commit by <a
href="https://github.com/orhantoy"><code>@​orhantoy</code></a> in <a
href="https://redirect.github.com/actions/checkout/pull/1774">actions/checkout#1774</a></li>
<li>Pin actions/checkout's own workflows to a known, good, stable
version. by <a href="https://github.com/jww3"><code>@​jww3</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1776">actions/checkout#1776</a></li>
</ul>
<h2>v4.1.6</h2>
<ul>
<li>Check platform to set archive extension appropriately by <a
href="https://github.com/cory-miller"><code>@​cory-miller</code></a> in
<a
href="https://redirect.github.com/actions/checkout/pull/1732">actions/checkout#1732</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd"><code>de0fac2</code></a>
Fix tag handling: preserve annotations and explicit fetch-tags (<a
href="https://redirect.github.com/actions/checkout/issues/2356">#2356</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49"><code>064fe7f</code></a>
Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is
set (...</li>
<li><a
href="https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8"><code>8e8c483</code></a>
Clarify v6 README (<a
href="https://redirect.github.com/actions/checkout/issues/2328">#2328</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1"><code>033fa0d</code></a>
Add worktree support for persist-credentials includeIf (<a
href="https://redirect.github.com/actions/checkout/issues/2327">#2327</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5"><code>c2d88d3</code></a>
Update all references from v5 and v4 to v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2314">#2314</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3"><code>1af3b93</code></a>
update readme/changelog for v6 (<a
href="https://redirect.github.com/actions/checkout/issues/2311">#2311</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e"><code>71cf226</code></a>
v6-beta (<a
href="https://redirect.github.com/actions/checkout/issues/2298">#2298</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e"><code>069c695</code></a>
Persist creds to a separate file (<a
href="https://redirect.github.com/actions/checkout/issues/2286">#2286</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493"><code>ff7abcd</code></a>
Update README to include Node.js 24 support details and requirements (<a
href="https://redirect.github.com/actions/checkout/issues/2248">#2248</a>)</li>
<li><a
href="https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8"><code>08c6903</code></a>
Prepare v5.0.0 release (<a
href="https://redirect.github.com/actions/checkout/issues/2238">#2238</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/checkout/compare/v4.1.1...de0fac2e4500dabe0009e67214ff5f5447ce83dd">compare
view</a></li>
</ul>
</details>
<br />

Updates `haskell-actions/setup` from 2.7.5 to 2.10.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/haskell-actions/setup/releases">haskell-actions/setup's
releases</a>.</em></p>
<blockquote>
<h2>v2.10.3</h2>
<p>Add Stack 3.9.1</p>
<h2>What's Changed</h2>
<ul>
<li>Add Stack 3.9.1 by <a
href="https://github.com/andreasabel"><code>@​andreasabel</code></a> in
<a
href="https://redirect.github.com/haskell-actions/setup/pull/138">haskell-actions/setup#138</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3">https://github.com/haskell-actions/setup/compare/v2.10.2...v2.10.3</a></p>
<h2>v2.10.2</h2>
<p>Remove GHCup vanilla channel from defaults</p>
<h2>What's Changed</h2>
<ul>
<li>Remove GHCup vanilla channel from defaults by <a
href="https://github.com/andreasabel"><code>@​andreasabel</code></a> in
<a
href="https://redirect.github.com/haskell-actions/setup/pull/137">haskell-actions/setup#137</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2">https://github.com/haskell-actions/setup/compare/v2.10.1...v2.10.2</a></p>
<h2>v2.10.1</h2>
<p>Move all ghcup-add-channel commands into same group</p>
<h2>What's Changed</h2>
<ul>
<li>Remove broken GHC 9.12.3 by <a
href="https://github.com/andreasabel"><code>@​andreasabel</code></a> in
<a
href="https://redirect.github.com/haskell-actions/setup/pull/133">haskell-actions/setup#133</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/haskell-actions/setup/compare/v2.10.0...v2.10.1">https://github.com/haskell-actions/setup/compare/v2.10.0...v2.10.1</a></p>
<h2>v2.10.0</h2>
<p>Use GHCup vanilla and prereleases channels by default</p>
<h2>What's Changed</h2>
<ul>
<li>Bump actions/checkout from 5 to 6 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/haskell-actions/setup/pull/128">haskell-actions/setup#128</a></li>
<li>Fix <a
href="https://redirect.github.com/haskell-actions/setup/issues/130">#130</a>:
support GHCup on 32bit architecture by <a
href="https://github.com/andreasabel"><code>@​andreasabel</code></a> in
<a
href="https://redirect.github.com/haskell-actions/setup/pull/131">haskell-actions/setup#131</a></li>
<li>Add GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0 by <a
href="https://github.com/andreasabel"><code>@​andreasabel</code></a> in
<a
href="https://redirect.github.com/haskell-actions/setup/pull/132">haskell-actions/setup#132</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/haskell-actions/setup/compare/v2.9.0...v2.10.0">https://github.com/haskell-actions/setup/compare/v2.9.0...v2.10.0</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/haskell-actions/setup/commit/f9150cb1d140e9a9271700670baa38991e6fa25c"><code>f9150cb</code></a>
Add Stack 3.9.1</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/dc63c94789664bb2910876ec3dfeeaa24d23b96b"><code>dc63c94</code></a>
Remove GHCup vanilla channel from defaults</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/7786314267139caaaf743fbdb70341b116a8d25d"><code>7786314</code></a>
await addGhcupReleaseChannel</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/57571745c639e06be44b0a6a5874b874eb8ba392"><code>5757174</code></a>
Move all ghcup-add-channel commands into same group</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/ca45ec3f5855d88df81d141f6bbe87cf96aa7ede"><code>ca45ec3</code></a>
Remove broken GHC 9.12.3</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/eb29c237a18b47554a426cb75d69844f689dc049"><code>eb29c23</code></a>
Use GHCup vanilla and prereleases channels by default</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/243ff44acce6b550747dcb4b9fa8a960b76e3fb0"><code>243ff44</code></a>
Add GHCs 9.14.1 and 9.12.3 and Cabal 3.16.1.0</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/0512451d82f3ca8c147db62e30464e7c4ca63d30"><code>0512451</code></a>
Fix <a
href="https://redirect.github.com/haskell-actions/setup/issues/130">#130</a>:
support GHCup on 32bit architecture (<a
href="https://redirect.github.com/haskell-actions/setup/issues/131">#131</a>)</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/45e56529521e0883281fb118e14ccc2553c7938c"><code>45e5652</code></a>
Bump actions/checkout from 5 to 6</li>
<li><a
href="https://github.com/haskell-actions/setup/commit/0a703b53e0ecfe04a312712af19699c3d8a17c7a"><code>0a703b5</code></a>
Test: drop macos-13 (deprecated, does not support node 24)</li>
<li>Additional commits viewable in <a
href="https://github.com/haskell-actions/setup/compare/ec49483bfc012387b227434aba94f59a6ecd0900...f9150cb1d140e9a9271700670baa38991e6fa25c">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/cache` from 4.0.2 to 5.0.3
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v5.0.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a
href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li>
<li>Bump <code>@actions/core</code> to v2.0.3</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v5...v5.0.3">https://github.com/actions/cache/compare/v5...v5.0.3</a></p>
<h2>v.5.0.2</h2>
<h1>v5.0.2</h1>
<h2>What's Changed</h2>
<p>When creating cache entries, 429s returned from the cache service
will not be retried.</p>
<h2>v5.0.1</h2>
<blockquote>
<p>[!IMPORTANT]
<strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of
<code>2.327.1</code>.</strong></p>
<p>If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<hr />
<h1>v5.0.1</h1>
<h2>What's Changed</h2>
<ul>
<li>fix: update <code>@​actions/cache</code> for Node.js 24 punycode
deprecation by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1685">actions/cache#1685</a></li>
<li>prepare release v5.0.1 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1686">actions/cache#1686</a></li>
</ul>
<h1>v5.0.0</h1>
<h2>What's Changed</h2>
<ul>
<li>Upgrade to use node24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li>
<li>Prepare v5.0.0 release by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v5...v5.0.1">https://github.com/actions/cache/compare/v5...v5.0.1</a></p>
<h2>v5.0.0</h2>
<blockquote>
<p>[!IMPORTANT]
<strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of
<code>2.327.1</code>.</strong></p>
<p>If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<hr />
<h2>What's Changed</h2>
<ul>
<li>Upgrade to use node24 by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h2>How to prepare a release</h2>
<blockquote>
<p>[!NOTE]<br />
Relevant for maintainers with write access only.</p>
</blockquote>
<ol>
<li>Switch to a new branch from <code>main</code>.</li>
<li>Run <code>npm test</code> to ensure all tests are passing.</li>
<li>Update the version in <a
href="https://github.com/actions/cache/blob/main/package.json"><code>https://github.com/actions/cache/blob/main/package.json</code></a>.</li>
<li>Run <code>npm run build</code> to update the compiled files.</li>
<li>Update this <a
href="https://github.com/actions/cache/blob/main/RELEASES.md"><code>https://github.com/actions/cache/blob/main/RELEASES.md</code></a>
with the new version and changes in the <code>## Changelog</code>
section.</li>
<li>Run <code>licensed cache</code> to update the license report.</li>
<li>Run <code>licensed status</code> and resolve any warnings by
updating the <a
href="https://github.com/actions/cache/blob/main/.licensed.yml"><code>https://github.com/actions/cache/blob/main/.licensed.yml</code></a>
file with the exceptions.</li>
<li>Commit your changes and push your branch upstream.</li>
<li>Open a pull request against <code>main</code> and get it reviewed
and merged.</li>
<li>Draft a new release <a
href="https://github.com/actions/cache/releases">https://github.com/actions/cache/releases</a>
use the same version number used in <code>package.json</code>
<ol>
<li>Create a new tag with the version number.</li>
<li>Auto generate release notes and update them to match the changes you
made in <code>RELEASES.md</code>.</li>
<li>Toggle the set as the latest release option.</li>
<li>Publish the release.</li>
</ol>
</li>
<li>Navigate to <a
href="https://github.com/actions/cache/actions/workflows/release-new-action-version.yml">https://github.com/actions/cache/actions/workflows/release-new-action-version.yml</a>
<ol>
<li>There should be a workflow run queued with the same version
number.</li>
<li>Approve the run to publish the new version and update the major tags
for this action.</li>
</ol>
</li>
</ol>
<h2>Changelog</h2>
<h3>5.0.3</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.5 (Resolves: <a
href="https://github.com/actions/cache/security/dependabot/33">https://github.com/actions/cache/security/dependabot/33</a>)</li>
<li>Bump <code>@actions/core</code> to v2.0.3</li>
</ul>
<h3>5.0.2</h3>
<ul>
<li>Bump <code>@actions/cache</code> to v5.0.3 <a
href="https://redirect.github.com/actions/cache/pull/1692">#1692</a></li>
</ul>
<h3>5.0.1</h3>
<ul>
<li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via
<code>@actions/cache@5.0.1</code> <a
href="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li>
</ul>
<h3>5.0.0</h3>
<blockquote>
<p>[!IMPORTANT]
<code>actions/cache@v5</code> runs on the Node.js 24 runtime and
requires a minimum Actions Runner version of <code>2.327.1</code>.
If you are using self-hosted runners, ensure they are updated before
upgrading.</p>
</blockquote>
<h3>4.3.0</h3>
<ul>
<li>Bump <code>@actions/cache</code> to <a
href="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/cdf6c1fa76f9f475f3d7449005a359c84ca0f306"><code>cdf6c1f</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1695">#1695</a>
from actions/Link-/prepare-5.0.3</li>
<li><a
href="https://github.com/actions/cache/commit/a1bee22673bee4afb9ce4e0a1dc3da1c44060b7d"><code>a1bee22</code></a>
Add review for the <code>@​actions/http-client</code> license</li>
<li><a
href="https://github.com/actions/cache/commit/46957638dc5c5ff0c34c0143f443c07d3a7c769f"><code>4695763</code></a>
Add licensed output</li>
<li><a
href="https://github.com/actions/cache/commit/dc73bb9f7bf74a733c05ccd2edfd1f2ac9e5f502"><code>dc73bb9</code></a>
Upgrade dependencies and address security warnings</li>
<li><a
href="https://github.com/actions/cache/commit/345d5c2f761565bace4b6da356737147e9041e3a"><code>345d5c2</code></a>
Add 5.0.3 builds</li>
<li><a
href="https://github.com/actions/cache/commit/8b402f58fbc84540c8b491a91e594a4576fec3d7"><code>8b402f5</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1692">#1692</a>
from GhadimiR/main</li>
<li><a
href="https://github.com/actions/cache/commit/304ab5a0701ee61908ccb4b5822347949a2e2002"><code>304ab5a</code></a>
license for httpclient</li>
<li><a
href="https://github.com/actions/cache/commit/609fc19e67cd310e97eb36af42355843ffcb35be"><code>609fc19</code></a>
Update licensed record for cache</li>
<li><a
href="https://github.com/actions/cache/commit/b22231e43df11a67538c05e88835f1fa097599c5"><code>b22231e</code></a>
Build</li>
<li><a
href="https://github.com/actions/cache/commit/93150cdfb36a9d84d4e8628c8870bec84aedcf8a"><code>93150cd</code></a>
Add PR link to releases</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/v4.0.2...cdf6c1fa76f9f475f3d7449005a359c84ca0f306">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/upload-pages-artifact` from 3.0.1 to 4.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/upload-pages-artifact/releases">actions/upload-pages-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v4.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Potentially breaking change: hidden files (specifically dotfiles)
will not be included in the artifact by <a
href="https://github.com/tsusdere"><code>@​tsusdere</code></a> in <a
href="https://redirect.github.com/actions/upload-pages-artifact/pull/102">actions/upload-pages-artifact#102</a>
If you need to include dotfiles in your artifact: instead of using this
action, create your own artifact according to these requirements <a
href="https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation">https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation</a></li>
<li>Pin <code>actions/upload-artifact</code> to SHA by <a
href="https://github.com/heavymachinery"><code>@​heavymachinery</code></a>
in <a
href="https://redirect.github.com/actions/upload-pages-artifact/pull/127">actions/upload-pages-artifact#127</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0">https://github.com/actions/upload-pages-artifact/compare/v3.0.1...v4.0.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/7b1f4a764d45c48632c6b24a0339c27f5614fb0b"><code>7b1f4a7</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-pages-artifact/issues/127">#127</a>
from heavymachinery/pin-sha</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/4cc19c7d3f3e6c87c68366501382a03c8b1ba6db"><code>4cc19c7</code></a>
Pin <code>actions/upload-artifact</code> to SHA</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/2d163be3ddce01512f3eea7ac5b7023b5d643ce1"><code>2d163be</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-pages-artifact/issues/107">#107</a>
from KittyChiu/main</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/c70484322b1c476728dcd37fac23c4dea2a0c51a"><code>c704843</code></a>
fix: linted README</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/9605915f1d2fc79418cdce4d5fbe80511c457655"><code>9605915</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-pages-artifact/issues/106">#106</a>
from KittyChiu/kittychiu/update-readme-1</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/e59cdfe6d6b061aab8f0619e759cded914f3ab03"><code>e59cdfe</code></a>
Update README.md</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/a2d67043267d885050434d297d3dd3a3a14fd899"><code>a2d6704</code></a>
doc: updated usage section in readme</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/984864e7b70fb5cb764344dc9c4b5c087662ef50"><code>984864e</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-pages-artifact/issues/105">#105</a>
from actions/Jcambass-patch-1</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/45dc78884ca148c05eddcd8ac0a804d3365e9014"><code>45dc788</code></a>
Add workflow file for publishing releases to immutable action
package</li>
<li><a
href="https://github.com/actions/upload-pages-artifact/commit/efaad07812d4b9ad2e8667cd46426fdfb7c22e22"><code>efaad07</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/upload-pages-artifact/issues/102">#102</a>
from actions/hidden-files</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/upload-pages-artifact/compare/56afc609e74202658d3ffba0e8f6dda462b719fa...7b1f4a764d45c48632c6b24a0339c27f5614fb0b">compare
view</a></li>
</ul>
</details>
<br />

Updates `github/codeql-action` from 4.31.9 to 4.32.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/releases">github/codeql-action's
releases</a>.</em></p>
<blockquote>
<h2>v4.32.0</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li>
</ul>
<h2>v4.31.11</h2>
<ul>
<li>When running a Default Setup workflow with <a
href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions
debugging enabled</a>, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. <a
href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li>
<li>Improved error handling throughout the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li>
<li>Added experimental support for automatically excluding <a
href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated
files</a> from the analysis. This feature is not currently enabled for
any analysis. In the future, it may be enabled by default for some
GitHub-managed analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li>
<li>The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs. <a
href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li>
</ul>
<h2>v4.31.10</h2>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>4.31.10 - 12 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.9. <a
href="https://redirect.github.com/github/codeql-action/pull/3393">#3393</a></li>
</ul>
<p>See the full <a
href="https://github.com/github/codeql-action/blob/v4.31.10/CHANGELOG.md">CHANGELOG.md</a>
for more information.</p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/github/codeql-action/blob/main/CHANGELOG.md">github/codeql-action's
changelog</a>.</em></p>
<blockquote>
<h1>CodeQL Action Changelog</h1>
<p>See the <a
href="https://github.com/github/codeql-action/releases">releases
page</a> for the relevant changes to the CodeQL CLI and language
packs.</p>
<h2>[UNRELEASED]</h2>
<p>No user facing changes.</p>
<h2>4.32.0 - 26 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to <a
href="https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0">2.24.0</a>.
<a
href="https://redirect.github.com/github/codeql-action/pull/3425">#3425</a></li>
</ul>
<h2>4.31.11 - 23 Jan 2026</h2>
<ul>
<li>When running a Default Setup workflow with <a
href="https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging">Actions
debugging enabled</a>, the CodeQL Action will now use more unique names
when uploading logs from the Dependabot authentication proxy as workflow
artifacts. This ensures that the artifact names do not clash between
multiple jobs in a build matrix. <a
href="https://redirect.github.com/github/codeql-action/pull/3409">#3409</a></li>
<li>Improved error handling throughout the CodeQL Action. <a
href="https://redirect.github.com/github/codeql-action/pull/3415">#3415</a></li>
<li>Added experimental support for automatically excluding <a
href="https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github">generated
files</a> from the analysis. This feature is not currently enabled for
any analysis. In the future, it may be enabled by default for some
GitHub-managed analyses. <a
href="https://redirect.github.com/github/codeql-action/pull/3318">#3318</a></li>
<li>The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs. <a
href="https://redirect.github.com/github/codeql-action/pull/3403">#3403</a></li>
</ul>
<h2>4.31.10 - 12 Jan 2026</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.9. <a
href="https://redirect.github.com/github/codeql-action/pull/3393">#3393</a></li>
</ul>
<h2>4.31.9 - 16 Dec 2025</h2>
<p>No user facing changes.</p>
<h2>4.31.8 - 11 Dec 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.8. <a
href="https://redirect.github.com/github/codeql-action/pull/3354">#3354</a></li>
</ul>
<h2>4.31.7 - 05 Dec 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.7. <a
href="https://redirect.github.com/github/codeql-action/pull/3343">#3343</a></li>
</ul>
<h2>4.31.6 - 01 Dec 2025</h2>
<p>No user facing changes.</p>
<h2>4.31.5 - 24 Nov 2025</h2>
<ul>
<li>Update default CodeQL bundle version to 2.23.6. <a
href="https://redirect.github.com/github/codeql-action/pull/3321">#3321</a></li>
</ul>
<h2>4.31.4 - 18 Nov 2025</h2>
<p>No user facing changes.</p>
<h2>4.31.3 - 13 Nov 2025</h2>
<ul>
<li>CodeQL Action v3 will be deprecated in December 2026. The Action now
logs a warning for customers who are running v3 but could be running v4.
For more information, see <a
href="https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/">Upcoming
deprecation of CodeQL Action v3</a>.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/github/codeql-action/commit/b20883b0cd1f46c72ae0ba6d1090936928f9fa30"><code>b20883b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3428">#3428</a>
from github/update-v4.32.0-e3b8227a2</li>
<li><a
href="https://github.com/github/codeql-action/commit/c9aa45dd0f8ba0b0433386779eb4798c2545156b"><code>c9aa45d</code></a>
Update changelog for v4.32.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/e3b8227a28dee88b8eaf5597d892a0cea497e634"><code>e3b8227</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3427">#3427</a>
from github/henrymercer/bump-for-new-minor-series</li>
<li><a
href="https://github.com/github/codeql-action/commit/8a01181ce209b3e3f51c6add1b9e1e744bdf0064"><code>8a01181</code></a>
Compare minor version number</li>
<li><a
href="https://github.com/github/codeql-action/commit/80e142568fc335997bbf78abac097448213bd9ae"><code>80e1425</code></a>
Bump minor version for CLI v2.24.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/b748848f27bc46a97bbb965c606bbc298e760a9a"><code>b748848</code></a>
Bump the Action minor version number on new CodeQL minor version
series</li>
<li><a
href="https://github.com/github/codeql-action/commit/5e767eff5aa6e2b719f353611ff3c363d6225d18"><code>5e767ef</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3425">#3425</a>
from github/update-bundle/codeql-bundle-v2.24.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/975286947045be7e8b204a16b36b1b04b9feef86"><code>9752869</code></a>
Add changelog note</li>
<li><a
href="https://github.com/github/codeql-action/commit/c62c214723e7c0cdfb907bede6988df3a0640c7e"><code>c62c214</code></a>
Update default bundle to codeql-bundle-v2.24.0</li>
<li><a
href="https://github.com/github/codeql-action/commit/25a224b8085c21d4d61b7fc051468805fc3ac490"><code>25a224b</code></a>
Merge pull request <a
href="https://redirect.github.com/github/codeql-action/issues/3423">#3423</a>
from github/mbg/ci/yq-windows</li>
<li>Additional commits viewable in <a
href="https://github.com/github/codeql-action/compare/5d4e8d1aca955e8d8589aabd499c5cae939e33c7...b20883b0cd1f46c72ae0ba6d1090936928f9fa30">compare
view</a></li>
</ul>
</details>
<br />

Updates `erlef/setup-beam` from 1.17.5 to 1.20.4
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/erlef/setup-beam/releases">erlef/setup-beam's
releases</a>.</em></p>
<blockquote>
<h2>v1.20.4</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix: more versioning around <code>nightly</code> and
<code>maint</code>/<code>main</code> by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/359">erlef/setup-beam#359</a></li>
</ul>
<h2>Dependabot updates</h2>
<ul>
<li>Bump eslint from 9.30.0 to 9.30.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/362">erlef/setup-beam#362</a></li>
<li>Bump <code>@​eslint/js</code> from 9.30.0 to 9.30.1 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/360">erlef/setup-beam#360</a></li>
<li>Bump globals from 16.2.0 to 16.3.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/361">erlef/setup-beam#361</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/erlef/setup-beam/compare/v1.20.3...v1.20.4">https://github.com/erlef/setup-beam/compare/v1.20.3...v1.20.4</a></p>
<h2>v1.20.3</h2>
<h2>What's Changed</h2>
<ul>
<li>Handle <code>.tool-versions</code>' line break on Windows by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/357">erlef/setup-beam#357</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/erlef/setup-beam/compare/v1.20...v1.20.3">https://github.com/erlef/setup-beam/compare/v1.20...v1.20.3</a></p>
<h2>v1.20.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Test for updated doc. on <code>latest</code> / ranges /
<code>-rc</code> by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/349">erlef/setup-beam#349</a></li>
<li>Bump eslint from 9.29.0 to 9.30.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/354">erlef/setup-beam#354</a></li>
<li>Bump prettier from 3.6.0 to 3.6.2 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/353">erlef/setup-beam#353</a></li>
<li>Bump <code>@​eslint/js</code> from 9.29.0 to 9.30.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/352">erlef/setup-beam#352</a></li>
<li>Fix calculating <code>-otp-</code> major for Elixir by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/351">erlef/setup-beam#351</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/erlef/setup-beam/compare/v1.20...v1.20.2">https://github.com/erlef/setup-beam/compare/v1.20...v1.20.2</a></p>
<h2>v1.20.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Add back deprecated runners with warning by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/348">erlef/setup-beam#348</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/erlef/setup-beam/compare/v1...v1.20.1">https://github.com/erlef/setup-beam/compare/v1...v1.20.1</a></p>
<h2>v1.20.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix broken link in <code>CODE_OF_CONDUCT.md</code> by <a
href="https://github.com/vkatsuba"><code>@​vkatsuba</code></a> in <a
href="https://redirect.github.com/erlef/setup-beam/pull/335">erlef/setup-beam#335</a></li>
<li>Improve output when failing to get a version from &quot;a
place&quot; by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/334">erlef/setup-beam#334</a></li>
<li>Support macOS via <a
href="https://github.com/erlef/otp_builds">https://github.com/erlef/otp_builds</a>
by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/332">erlef/setup-beam#332</a></li>
<li>Minor maintenance updates by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/336">erlef/setup-beam#336</a></li>
<li>Update 3rd party licenses (automation) by <a
href="https://github.com/github-actions"><code>@​github-actions</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/337">erlef/setup-beam#337</a></li>
<li>Act on CodeQL's suggestions for tightening security / improving
performance by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/338">erlef/setup-beam#338</a></li>
<li>Dependabot version updates by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/340">erlef/setup-beam#340</a></li>
<li>Match only on what we know should match (versions start with
numbers, after OTP-) by <a
href="https://github.com/paulo-ferraz-oliveira"><code>@​paulo-ferraz-oliveira</code></a>
in <a
href="https://redirect.github.com/erlef/setup-beam/pull/341">erlef/setup-beam#341</a></li>
</ul>
<h3><a
href="https://github.com/dependabot"><code>@​dependabot</code></a></h3>
<ul>
<li>Bump eslint from 9.27.0 to 9.28.0 in <a
href="https://redirect.github.com/erlef/setup-beam/pull/343">erlef/setup-beam#343</a></li>
<li>Bump <code>@​eslint/js</code> from 9.27.0 to 9.28.0 in <a
href="https://redirect.github.com/erlef/setup-beam/pull/342">erlef/setup-beam#342</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/erlef/setup-beam/commit/e6d7c94229049569db56a7ad5a540c051a010af9"><code>e6d7c94</code></a>
Automation: update setup-beam version output to fceaea9</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/fceaea9f54d3e1728dcde37c9a0915bb4cfffeae"><code>fceaea9</code></a>
Fix: more versioning around <code>nightly</code> and
<code>maint</code>/<code>main</code> (<a
href="https://redirect.github.com/erlef/setup-beam/issues/359">#359</a>)</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/2bb5b653d0dc50a139d649c97f117eb9afe7a2be"><code>2bb5b65</code></a>
Automation: update setup-beam version output to 1d4efdd</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/1d4efdd2e925d87a724996fcb24daf76e8a6e79f"><code>1d4efdd</code></a>
Bump globals from 16.2.0 to 16.3.0 (<a
href="https://redirect.github.com/erlef/setup-beam/issues/361">#361</a>)</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/73f047e3287cd08b822367defd635d37a0da60d3"><code>73f047e</code></a>
Automation: update setup-beam version output to 6dd8a1a</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/6dd8a1a852cab582718c385599c7cb9c22f5d5af"><code>6dd8a1a</code></a>
Bump <code>@​eslint/js</code> from 9.30.0 to 9.30.1 (<a
href="https://redirect.github.com/erlef/setup-beam/issues/360">#360</a>)</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/fd9a2e183fe60ca9731ee821a94a6a878cf63cb5"><code>fd9a2e1</code></a>
Automation: update setup-beam version output to 65085e3</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/65085e37bcd79d7f8065964f111366eabf6f5be0"><code>65085e3</code></a>
Bump eslint from 9.30.0 to 9.30.1 (<a
href="https://redirect.github.com/erlef/setup-beam/issues/362">#362</a>)</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/80c16595164d4aee66fe8c2a6beca905a73d0381"><code>80c1659</code></a>
Automation: update setup-beam version output to 8e7fdef</li>
<li><a
href="https://github.com/erlef/setup-beam/commit/8e7fdef09ffa3ea54328b5000c170a3b9b20ca96"><code>8e7fdef</code></a>
Automation: update setup-beam version output to 1fe9179</li>
<li>Additional commits viewable in <a
href="https://github.com/erlef/setup-beam/compare/2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c...e6d7c94229049569db56a7ad5a540c051a010af9">compare
view</a></li>
</ul>
</details>
<br />

Updates `actions/github-script` from 7.0.1 to 8.0.0
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v8.0.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Update Node.js version support to 24.x by <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li>
<li>README for updating actions/github-script from v7 to v8 by <a
href="https://github.com/sneha-krip"><code>@​sneha-krip</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li>
</ul>
<h2>⚠️ Minimum Compatible Runner Version</h2>
<p><strong>v2.327.1</strong><br />
<a
href="https://github.com/actions/runner/releases/tag/v2.327.1">Release
Notes</a></p>
<p>Make sure your runner is updated to this version or newer to use this
release.</p>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/637">actions/github-script#637</a></li>
<li><a
href="https://github.com/sneha-krip"><code>@​sneha-krip</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/653">actions/github-script#653</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v7.1.0...v8.0.0">https://github.com/actions/github-script/compare/v7.1.0...v8.0.0</a></p>
<h2>v7.1.0</h2>
<h2>What's Changed</h2>
<ul>
<li>Upgrade husky to v9 by <a
href="https://github.com/benelan"><code>@​benelan</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li>
<li>Add workflow file for publishing releases to immutable action
package by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li>
<li>Upgrade IA Publish by <a
href="https://github.com/Jcambass"><code>@​Jcambass</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/486">actions/github-script#486</a></li>
<li>Fix workflow status badges by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/497">actions/github-script#497</a></li>
<li>Update usage of <code>actions/upload-artifact</code> by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/512">actions/github-script#512</a></li>
<li>Clear up package name confusion by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/514">actions/github-script#514</a></li>
<li>Update dependencies with <code>npm audit fix</code> by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/515">actions/github-script#515</a></li>
<li>Specify that the used script is JavaScript by <a
href="https://github.com/timotk"><code>@​timotk</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li>
<li>chore: Add Dependabot for NPM and Actions by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/472">actions/github-script#472</a></li>
<li>Define <code>permissions</code> in workflows and update actions by
<a href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in
<a
href="https://redirect.github.com/actions/github-script/pull/531">actions/github-script#531</a></li>
<li>chore: Add Dependabot for .github/actions/install-dependencies by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/532">actions/github-script#532</a></li>
<li>chore: Remove .vscode settings by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/533">actions/github-script#533</a></li>
<li>ci: Use github/setup-licensed by <a
href="https://github.com/nschonni"><code>@​nschonni</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/473">actions/github-script#473</a></li>
<li>make octokit instance available as octokit on top of github, to make
it easier to seamlessly copy examples from GitHub rest api or octokit
documentations by <a
href="https://github.com/iamstarkov"><code>@​iamstarkov</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li>
<li>Remove <code>octokit</code> README updates for v7 by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/557">actions/github-script#557</a></li>
<li>docs: add &quot;exec&quot; usage examples by <a
href="https://github.com/neilime"><code>@​neilime</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li>
<li>Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/github-script/pull/563">actions/github-script#563</a></li>
<li>Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/actions/github-script/pull/575">actions/github-script#575</a></li>
<li>Clearly document passing inputs to the <code>script</code> by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/603">actions/github-script#603</a></li>
<li>Update README.md by <a
href="https://github.com/nebuk89"><code>@​nebuk89</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/benelan"><code>@​benelan</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/482">actions/github-script#482</a></li>
<li><a href="https://github.com/Jcambass"><code>@​Jcambass</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/485">actions/github-script#485</a></li>
<li><a href="https://github.com/timotk"><code>@​timotk</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/478">actions/github-script#478</a></li>
<li><a
href="https://github.com/iamstarkov"><code>@​iamstarkov</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/508">actions/github-script#508</a></li>
<li><a href="https://github.com/neilime"><code>@​neilime</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/546">actions/github-script#546</a></li>
<li><a href="https://github.com/nebuk89"><code>@​nebuk89</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/610">actions/github-script#610</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v7...v7.1.0">https://github.com/actions/github-script/compare/v7...v7.1.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/github-script/commit/ed597411d8f924073f98dfc5c65a23a2325f34cd"><code>ed59741</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/653">#653</a>
from actions/sneha-krip/readme-for-v8</li>
<li><a
href="https://github.com/actions/github-script/commit/2dc352e4baefd91bec0d06f6ae2f1045d1687ca3"><code>2dc352e</code></a>
Bold minimum Actions Runner version in README</li>
<li><a
href="https://github.com/actions/github-script/commit/01e118c8d0d22115597e46514b5794e7bc3d56f1"><code>01e118c</code></a>
Update README for Node 24 runtime requirements</li>
<li><a
href="https://github.com/actions/github-script/commit/8b222ac82eda86dcad7795c9d49b839f7bf5b18b"><code>8b222ac</code></a>
Apply suggestion from <a
href="https://github.com/salmanmkc"><code>@​salmanmkc</code></a></li>
<li><a
href="https://github.com/actions/github-script/commit/adc0eeac992408a7b276994ca87edde1c8ce4d25"><code>adc0eea</code></a>
README for updating actions/github-script from v7 to v8</li>
<li><a
href="https://github.com/actions/github-script/commit/20fe497b3fe0c7be8aae5c9df711ac716dc9c425"><code>20fe497</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/637">#637</a>
from actions/node24</li>
<li><a
href="https://github.com/actions/github-script/commit/e7b7f222b11a03e8b695c4c7afba89a02ea20164"><code>e7b7f22</code></a>
update licenses</li>
<li><a
href="https://github.com/actions/github-script/commit/2c81ba05f308415d095291e6eeffe983d822345b"><code>2c81ba0</code></a>
Update Node.js version support to 24.x</li>
<li><a
href="https://github.com/actions/github-script/commit/f28e40c7f34bde8b3046d885e986cb6290c5673b"><code>f28e40c</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/github-script/issues/610">#610</a>
from actions/nebuk89-patch-1</li>
<li><a
href="https://github.com/actions/github-script/commit/1ae9958572fde544457e4d51aed5ea044e8936f3"><code>1ae9958</code></a>
Update README.md</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...ed597411d8f924073f98dfc5c65a23a2325f34cd">compare
view</a></li>
</ul>
</details>
<br />

Updates `trufflesecurity/trufflehog` from 3.92.4 to 3.92.5
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/trufflesecurity/trufflehog/releases">trufflesecurity/trufflehog's
releases</a>.</em></p>
<blockquote>
<h2>v3.92.5</h2>
<h2>What's Changed</h2>
<ul>
<li>[INS-206] Store Gitlab Project ID in secret location metadata by <a
href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4601">trufflesecurity/trufflehog#4601</a></li>
<li>[INS-242] Add more validations to Custom Detector config by <a
href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4642">trufflesecurity/trufflehog#4642</a></li>
<li>Fix syslog test failing due to hardcoded timestamp by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4646">trufflesecurity/trufflehog#4646</a></li>
<li>[INS-120] Increase code coverage for Postman's source scanItem
function by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4648">trufflesecurity/trufflehog#4648</a></li>
<li>[INS-232] Fix S3 Source &quot;panic: runtime error: index out of
range&quot; bug by <a
href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4610">trufflesecurity/trufflehog#4610</a></li>
<li>[INS-170] Unify JDBC URL Parsing Across Detector and Analyzer
(Continued) by <a
href="https://github.com/mustansir14"><code>@​mustansir14</code></a> in
<a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4606">trufflesecurity/trufflehog#4606</a></li>
<li>Add exponential backoff retry logic in Twilio detector by <a
href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4652">trufflesecurity/trufflehog#4652</a></li>
<li>Fix typo in help description for Postman API metric by <a
href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4656">trufflesecurity/trufflehog#4656</a></li>
<li>Rework JWT detector to better block local IPs by <a
href="https://github.com/bradlarsen"><code>@​bradlarsen</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4607">trufflesecurity/trufflehog#4607</a></li>
<li>Gitlab Source: Backoff from Scan2 which is experimental to legacy
pagination API call by <a
href="https://github.com/kashifkhan0771"><code>@​kashifkhan0771</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4608">trufflesecurity/trufflehog#4608</a></li>
<li>fix: git commit date parsing for non-English locales by <a
href="https://github.com/GLEF1X"><code>@​GLEF1X</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4653">trufflesecurity/trufflehog#4653</a></li>
<li>fix: report accurate line numbers for chunked file scanning (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1876">#1876</a>)
by <a href="https://github.com/GLEF1X"><code>@​GLEF1X</code></a> in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4615">trufflesecurity/trufflehog#4615</a></li>
<li>Add Postman API monthly request limit metric by <a
href="https://github.com/shahzadhaider1"><code>@​shahzadhaider1</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4667">trufflesecurity/trufflehog#4667</a></li>
<li>[INS-243] Fix jdbc detector detecting incomplete connection string
and fixed invalid… by <a
href="https://github.com/MuneebUllahKhan222"><code>@​MuneebUllahKhan222</code></a>
in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4636">trufflesecurity/trufflehog#4636</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/GLEF1X"><code>@​GLEF1X</code></a> made
their first contribution in <a
href="https://redirect.github.com/trufflesecurity/trufflehog/pull/4653">trufflesecurity/trufflehog#4653</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/trufflesecurity/trufflehog/compare/v3.92.4...v3.92.5">https://github.com/trufflesecurity/trufflehog/compare/v3.92.4...v3.92.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/116e7171542d2f1dad8810f00dcfacbe0b809183"><code>116e717</code></a>
[INS-243] Fix jdbc detector detecting incomplete connection string and
fixed ...</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/b924c0bfbe821e54144a6172e4d4c0eb996c4cb5"><code>b924c0b</code></a>
added monthly requests limit to postman api request metrics collection
(<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4667">#4667</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/f3eff52825b46da019dc3f68d7c3efb0d12fbd25"><code>f3eff52</code></a>
fix: report accurate line numbers for chunked file scanning (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/1876">#1876</a>)
(<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4615">#4615</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/6a0bc788d2cadadc82df0a0d462c2c074f203790"><code>6a0bc78</code></a>
fix(git): use <code>--iso-strict</code> git arg to prevent locale issue
(<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4653">#4653</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/fc3f35cedd93016c9458ef836c1b31f13d494fd7"><code>fc3f35c</code></a>
Gitlab Source: Backoff from Scan2 which is experimental to legacy
pagination ...</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/728d71fbb3a928e64f29ee19c823aa679b33b028"><code>728d71f</code></a>
Rework JWT detector to better block local IPs; add HTTP instrumentation
(<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4607">#4607</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/89cc34b8c42a503813ec4c15042900cf1bee0f2d"><code>89cc34b</code></a>
Fix typo in help description for Postman API metric (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4656">#4656</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/69045956f12223eecaffbae2d9c59468893dad9c"><code>6904595</code></a>
detectors/twilio: add exponential backoff retry logic (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4652">#4652</a>)</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/4e02afb0159d0de9be6ceaa2064177f1b16f5033"><code>4e02afb</code></a>
[INS-170] Unify JDBC URL Parsing Across Detector and Analyzer
(Continued) (<a
href="https://redirect.github.com/trufflesecurity/trufflehog/issues/4">#4</a>...</li>
<li><a
href="https://github.com/trufflesecurity/trufflehog/commit/964eab023ff111a9e4278296a5c4dc2ff083d61e"><code>964eab0</code></a>
[INS-232] Fix S3 Source &quot;panic: runtime error: inde…

Author: dependabot[bot]

.github/workflows/casket-pages.yml

@@ -20,22 +20,22 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
 
       - name: Checkout casket-ssg
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           repository: hyperpolymath/casket-ssg
           path: .casket-ssg
 
       - name: Setup GHCup
-        uses: haskell-actions/setup@ec49483bfc012387b227434aba94f59a6ecd0900 # v2
+        uses: haskell-actions/setup@f9150cb1d140e9a9271700670baa38991e6fa25c # v2
         with:
           ghc-version: '9.8.2'
           cabal-version: '3.10'
 
       - name: Cache Cabal
-        uses: actions/cache@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4
+        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v4
         with:
           path: |
             ~/.cabal/packages
@@ -82,7 +82,7 @@ jobs:
         uses: actions/configure-pages@983d7736d9b0ae728b81ab479565c72886d7745b # v5
 
       - name: Upload artifact
-        uses: actions/upload-pages-artifact@56afc609e74202658d3ffba0e8f6dda462b719fa # v3
+        uses: actions/upload-pages-artifact@7b1f4a764d45c48632c6b24a0339c27f5614fb0b # v4.0.0
         with:
           path: '_site'
 

.github/workflows/codeql.yml

@@ -26,15 +26,15 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.28.1
+        uses: github/codeql-action/init@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v3.28.1
         with:
           languages: ${{ matrix.language }}
           build-mode: ${{ matrix.build-mode }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@5d4e8d1aca955e8d8589aabd499c5cae939e33c7 # v3.28.1
+        uses: github/codeql-action/analyze@45cbd0c69e560cd9e7cd7f8c32362050c9b7ded2 # v3.28.1
         with:
           category: "/language:${{ matrix.language }}"

.github/workflows/generator-generic-ossf-slsa3-publish.yml

@@ -29,7 +29,7 @@ jobs:
       digests: ${{ steps.hash.outputs.digests }}
 
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       # ========================================================
       #

.github/workflows/guix-nix-policy.yml

@@ -10,7 +10,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Enforce Guix primary / Nix fallback
         run: |
           # Check for package manager files

.github/workflows/haskell.yml

@@ -16,14 +16,14 @@ jobs:
       contents: read
 
     steps:
-    - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+    - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
     - uses: actions/setup-haskell@28c8ff1d6cbeaed15ce310b1952dc19352a0a07d # v1.1.5
       with:
         ghc-version: '8.10.3'
         cabal-version: '3.2'
 
     - name: Cache
-      uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1
+      uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
       env:
         cache-name: cache-cabal
       with:

.github/workflows/hypatia-scan.yml

@@ -20,12 +20,12 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4
+        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0  # Full history for better pattern analysis
 
       - name: Setup Elixir for Hypatia scanner
-        uses: erlef/setup-beam@2f0cc07b4b9bea248ae098aba9e1a8a1de5ec24c # v1.18.2
+        uses: erlef/setup-beam@e6d7c94229049569db56a7ad5a540c051a010af9 # v1.18.2
         with:
           elixir-version: '1.19.4'
           otp-version: '28.3'
@@ -146,7 +146,7 @@ jobs:
 
       - name: Comment on PR with findings
         if: github.event_name == 'pull_request' && steps.scan.outputs.findings_count > 0
-        uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7
+        uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v7
         with:
           script: |
             const fs = require('fs');

.github/workflows/mirror.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.GITLAB_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 
@@ -32,7 +32,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.BITBUCKET_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 
@@ -50,7 +50,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.CODEBERG_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 
@@ -68,7 +68,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.SOURCEHUT_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 
@@ -86,7 +86,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.DISROOT_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 
@@ -104,7 +104,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.GITEA_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 
@@ -122,7 +122,7 @@ jobs:
     runs-on: ubuntu-latest
     if: vars.RADICLE_MIRROR_ENABLED == 'true'
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v4
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v4
         with:
           fetch-depth: 0
 

.github/workflows/npm-bun-blocker.yml

@@ -10,7 +10,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Block npm/bun
         run: |
           if [ -f "package-lock.json" ] || [ -f "bun.lockb" ] || [ -f ".npmrc" ]; then

.github/workflows/php-security.yml

@@ -11,7 +11,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: PHP Security Scan
         run: |
           # Check for dangerous functions

.github/workflows/quality.yml

@@ -11,14 +11,14 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
 
       - name: Check file permissions
         run: |
           find . -type f -perm /111 -name "*.sh" | head -10 || true
       
       - name: Check for secrets
-        uses: trufflesecurity/trufflehog@ef6e76c3c4023279497fab4721ffa071a722fd05 # v3.92.4
+        uses: trufflesecurity/trufflehog@6961f2bace57ab32b23b3ba40f8f420f6bc7e004 # v3.93.3
         with:
           path: ./
           base: ${{ github.event.pull_request.base.sha || github.event.before }}
@@ -43,7 +43,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@8e8c483db84b4bee98b60c0593521ed34d9990e8 # v6.0.1
+      - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
       - name: Check documentation
         run: |
           MISSING=""