chore(deps): update github-actions (#3991)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| actions/checkout | action | digest | `9a9194f` -> `cbb7224` |
| [actions/checkout](https://redirect.github.com/actions/checkout) |
action | minor | `v4.1.7` -> `v4.2.2` |
| [actions/setup-go](https://redirect.github.com/actions/setup-go) |
action | minor | `v5.0.2` -> `v5.2.0` |
| [actions/setup-java](https://redirect.github.com/actions/setup-java) |
action | minor | `v4.2.1` -> `v4.5.0` |
| [actions/setup-node](https://redirect.github.com/actions/setup-node) |
action | minor | `v4.0.3` -> `v4.1.0` |
| [actions/setup-node](https://redirect.github.com/actions/setup-node) |
action | digest | `1e60f62` -> `39370e3` |
|
[actions/upload-artifact](https://redirect.github.com/actions/upload-artifact)
| action | minor | `v4.3.5` -> `v4.4.3` |
|
[geekyeggo/delete-artifact](https://redirect.github.com/geekyeggo/delete-artifact)
| action | minor | `v5.0.0` -> `v5.1.0` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | minor | `v3.25.15` -> `v3.27.9` |
|
[google-github-actions/auth](https://redirect.github.com/google-github-actions/auth)
| action | patch | `v2.1.3` -> `v2.1.7` |
|
[ianlewis/todo-issue-reopener](https://redirect.github.com/ianlewis/todo-issue-reopener)
| action | minor | `v1.2.1` -> `v1.4.0` |
|
[sigstore/cosign-installer](https://redirect.github.com/sigstore/cosign-installer)
| action | minor | `v3.5.0` -> `v3.7.0` |
|
[softprops/action-gh-release](https://redirect.github.com/softprops/action-gh-release)
| action | minor | `v2.0.8` -> `v2.2.0` |
|
[thehanimo/pr-title-checker](https://redirect.github.com/thehanimo/pr-title-checker)
| action | patch | `v1.4.2` -> `v1.4.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.2.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v422)

[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.2.1...v4.2.2)

- `url-helper.ts` now leverages well-known environment variables by
[@&#8203;jww3](https://redirect.github.com/jww3) in
[https://github.com/actions/checkout/pull/1941](https://redirect.github.com/actions/checkout/pull/1941)
- Expand unit test coverage for `isGhes` by
[@&#8203;jww3](https://redirect.github.com/jww3) in
[https://github.com/actions/checkout/pull/1946](https://redirect.github.com/actions/checkout/pull/1946)

###
[`v4.2.1`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v421)

[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.2.0...v4.2.1)

- Check out other refs/\* by commit if provided, fall back to ref by
[@&#8203;orhantoy](https://redirect.github.com/orhantoy) in
[https://github.com/actions/checkout/pull/1924](https://redirect.github.com/actions/checkout/pull/1924)

###
[`v4.2.0`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v420)

[Compare
Source](https://redirect.github.com/actions/checkout/compare/v4.1.7...v4.2.0)

- Add Ref and Commit outputs by
[@&#8203;lucacome](https://redirect.github.com/lucacome) in
[https://github.com/actions/checkout/pull/1180](https://redirect.github.com/actions/checkout/pull/1180)
- Dependency updates by
[@&#8203;dependabot-](https://redirect.github.com/dependabot-)
[https://github.com/actions/checkout/pull/1777](https://redirect.github.com/actions/checkout/pull/1777),
[https://github.com/actions/checkout/pull/1872](https://redirect.github.com/actions/checkout/pull/1872)

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.2.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.2.0)

[Compare
Source](https://redirect.github.com/actions/setup-go/compare/v5.1.0...v5.2.0)

#### What's Changed

- Leveraging the raw API to retrieve the version-manifest, as it does
not impose a rate limit and hence facilitates unrestricted consumption
without the need for a token for Github Enterprise Servers by
[@&#8203;Shegox](https://redirect.github.com/Shegox) in
[https://github.com/actions/setup-go/pull/496](https://redirect.github.com/actions/setup-go/pull/496)

#### New Contributors

- [@&#8203;Shegox](https://redirect.github.com/Shegox) made their first
contribution in
[https://github.com/actions/setup-go/pull/496](https://redirect.github.com/actions/setup-go/pull/496)

**Full Changelog**:
actions/setup-go@v5...v5.2.0

###
[`v5.1.0`](https://redirect.github.com/actions/setup-go/releases/tag/v5.1.0)

[Compare
Source](https://redirect.github.com/actions/setup-go/compare/v5.0.2...v5.1.0)

##### What's Changed

- Add workflow file for publishing releases to immutable action package
by [@&#8203;Jcambass](https://redirect.github.com/Jcambass) in
[https://github.com/actions/setup-go/pull/500](https://redirect.github.com/actions/setup-go/pull/500)
- Upgrade IA Publish by
[@&#8203;Jcambass](https://redirect.github.com/Jcambass) in
[https://github.com/actions/setup-go/pull/502](https://redirect.github.com/actions/setup-go/pull/502)
- Add architecture to cache key by
[@&#8203;Zxilly](https://redirect.github.com/Zxilly) in
[https://github.com/actions/setup-go/pull/493](https://redirect.github.com/actions/setup-go/pull/493)
This addresses issues with caching by adding the architecture (arch) to
the cache key, ensuring that cache keys are accurate to prevent
conflicts.
Note: This change may break previous cache keys as they will no longer
be compatible with the new format.
- Enhance workflows and Upgrade micromatch Dependency by
[@&#8203;priyagupta108](https://redirect.github.com/priyagupta108) in
[https://github.com/actions/setup-go/pull/510](https://redirect.github.com/actions/setup-go/pull/510)

**Bug Fixes**

- Revise `isGhes` logic by
[@&#8203;jww3](https://redirect.github.com/jww3) in
[https://github.com/actions/setup-go/pull/511](https://redirect.github.com/actions/setup-go/pull/511)

##### New Contributors

- [@&#8203;Zxilly](https://redirect.github.com/Zxilly) made their first
contribution in
[https://github.com/actions/setup-go/pull/493](https://redirect.github.com/actions/setup-go/pull/493)
- [@&#8203;Jcambass](https://redirect.github.com/Jcambass) made their
first contribution in
[https://github.com/actions/setup-go/pull/500](https://redirect.github.com/actions/setup-go/pull/500)
- [@&#8203;jww3](https://redirect.github.com/jww3) made their first
contribution in
[https://github.com/actions/setup-go/pull/511](https://redirect.github.com/actions/setup-go/pull/511)
- [@&#8203;priyagupta108](https://redirect.github.com/priyagupta108)
made their first contribution in
[https://github.com/actions/setup-go/pull/510](https://redirect.github.com/actions/setup-go/pull/510)

**Full Changelog**:
actions/setup-go@v5...v5.1.0

</details>

<details>
<summary>actions/setup-java (actions/setup-java)</summary>

###
[`v4.5.0`](https://redirect.github.com/actions/setup-java/releases/tag/v4.5.0)

[Compare
Source](https://redirect.github.com/actions/setup-java/compare/v4.4.0...v4.5.0)

#### What's Changed

- Upgrade IA Publish by
[@&#8203;Jcambass](https://redirect.github.com/Jcambass) in
[#&#8203;686](https://redirect.github.com/actions/setup-java/issues/686)

##### Bug fixes:

- Improve archive extraction on windows runners without powershell core
and Update micromatch dependency by
[@&#8203;priyagupta108](https://redirect.github.com/priyagupta108) in
[#&#8203;689](https://redirect.github.com/actions/setup-java/issues/689)
- Update workflows for GraalVM and Version Enhancements by
[@&#8203;mahabaleshwars](https://redirect.github.com/mahabaleshwars) in
[#&#8203;699](https://redirect.github.com/actions/setup-java/issues/699)
- Refine `isGhes` logic by
[@&#8203;jww3](https://redirect.github.com/jww3) in
[#&#8203;697](https://redirect.github.com/actions/setup-java/issues/697)

##### New Contributors:

- [@&#8203;priyagupta108](https://redirect.github.com/priyagupta108)
made their first contribution in
[https://github.com/actions/setup-java/pull/689](https://redirect.github.com/actions/setup-java/pull/689)
- [@&#8203;jww3](https://redirect.github.com/jww3) made their first
contribution in
[https://github.com/actions/setup-java/pull/697](https://redirect.github.com/actions/setup-java/pull/697)

**Full Changelog**:
actions/setup-java@v4...v4.5.0

###
[`v4.4.0`](https://redirect.github.com/actions/setup-java/releases/tag/v4.4.0)

[Compare
Source](https://redirect.github.com/actions/setup-java/compare/v4.3.0...v4.4.0)

##### What's Changed

**Add-ons :**

- Add support for Oracle GraalVM by
[@&#8203;fniephaus](https://redirect.github.com/fniephaus) in
[https://github.com/actions/setup-java/pull/501](https://redirect.github.com/actions/setup-java/pull/501)

<!---->

    steps:
     - name: Checkout
       uses: actions/checkout@v4
     - name: Setup-java
       uses: actions/setup-java@v4
       with:
         distribution: 'graalvm'
         java-version: '21'

- Add workflow file for publishing releases to immutable action package
by [@&#8203;Jcambass](https://redirect.github.com/Jcambass) in
[https://github.com/actions/setup-java/pull/684](https://redirect.github.com/actions/setup-java/pull/684)

**Bug fixes :**

- Add architecture to cache key by
[@&#8203;Zxilly](https://redirect.github.com/Zxilly) in
[https://github.com/actions/setup-java/pull/664](https://redirect.github.com/actions/setup-java/pull/664)
This addresses issues with caching by adding the architecture (arch) to
the cache key, ensuring that cache keys are accurate to prevent
conflicts.
Note: This change may break previous cache keys as they will no longer
be compatible with the new format.
- Resolve check failures by
[@&#8203;aparnajyothi-y](https://redirect.github.com/aparnajyothi-y) in
[https://github.com/actions/setup-java/pull/687](https://redirect.github.com/actions/setup-java/pull/687)

##### New Contributors

- [@&#8203;Jcambass](https://redirect.github.com/Jcambass) made their
first contribution in
[https://github.com/actions/setup-java/pull/684](https://redirect.github.com/actions/setup-java/pull/684)
- [@&#8203;Zxilly](https://redirect.github.com/Zxilly) made their first
contribution in
[https://github.com/actions/setup-java/pull/664](https://redirect.github.com/actions/setup-java/pull/664)

**Full Changelog**:
actions/setup-java@v4...v4.4.0

###
[`v4.3.0`](https://redirect.github.com/actions/setup-java/compare/v4.2.2...v4.3.0)

[Compare
Source](https://redirect.github.com/actions/setup-java/compare/v4.2.2...v4.3.0)

###
[`v4.2.2`](https://redirect.github.com/actions/setup-java/releases/tag/v4.2.2)

[Compare
Source](https://redirect.github.com/actions/setup-java/compare/v4.2.1...v4.2.2)

##### What's Changed

##### 

Bug fixes:

- Fix macos latest check failures by
[@&#8203;HarithaVattikuti](https://redirect.github.com/HarithaVattikuti)
in
[https://github.com/actions/setup-java/pull/634](https://redirect.github.com/actions/setup-java/pull/634)
- Fix dragonwell distribution parsing issues by
[@&#8203;Accelerator1996](https://redirect.github.com/Accelerator1996)
in
[https://github.com/actions/setup-java/pull/643](https://redirect.github.com/actions/setup-java/pull/643)

##### Documentation changes

- Update advanced documentation for java-version-file by
[@&#8203;mahabaleshwars](https://redirect.github.com/mahabaleshwars) in
[https://github.com/actions/setup-java/pull/622](https://redirect.github.com/actions/setup-java/pull/622)

##### Dependency updates:

- Bump undici from 5.28.3 to 5.28.4 and other dependency updates by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/actions/setup-java/pull/616](https://redirect.github.com/actions/setup-java/pull/616)

**Full Changelog**:
actions/setup-java@v4...v4.2.2

</details>

<details>
<summary>actions/setup-node (actions/setup-node)</summary>

###
[`v4.1.0`](https://redirect.github.com/actions/setup-node/compare/v4.0.4...v4.1.0)

[Compare
Source](https://redirect.github.com/actions/setup-node/compare/v4.0.4...v4.1.0)

###
[`v4.0.4`](https://redirect.github.com/actions/setup-node/compare/v4.0.3...v4.0.4)

[Compare
Source](https://redirect.github.com/actions/setup-node/compare/v4.0.3...v4.0.4)

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.4.3`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.4.3)

[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.4.2...v4.4.3)

##### What's Changed

- Undo indirect dependency updates from
[#&#8203;627](https://redirect.github.com/actions/upload-artifact/issues/627)
by [@&#8203;joshmgross](https://redirect.github.com/joshmgross) in
[https://github.com/actions/upload-artifact/pull/632](https://redirect.github.com/actions/upload-artifact/pull/632)

**Full Changelog**:
actions/upload-artifact@v4.4.2...v4.4.3

###
[`v4.4.2`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.4.2)

[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.4.1...v4.4.2)

##### What's Changed

- Bump `@actions/artifact` to 2.1.11 by
[@&#8203;robherley](https://redirect.github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/627](https://redirect.github.com/actions/upload-artifact/pull/627)
    -   Includes fix for relative symlinks not resolving properly

**Full Changelog**:
actions/upload-artifact@v4.4.1...v4.4.2

###
[`v4.4.1`](https://redirect.github.com/actions/upload-artifact/releases/tag/v4.4.1)

[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.4.0...v4.4.1)

##### What's Changed

- Add a section about hidden files by
[@&#8203;joshmgross](https://redirect.github.com/joshmgross) in
[https://github.com/actions/upload-artifact/pull/607](https://redirect.github.com/actions/upload-artifact/pull/607)
- Add workflow file for publishing releases to immutable action package
by [@&#8203;Jcambass](https://redirect.github.com/Jcambass) in
[https://github.com/actions/upload-artifact/pull/621](https://redirect.github.com/actions/upload-artifact/pull/621)
- Update
[@&#8203;actions/artifact](https://redirect.github.com/actions/artifact)
to latest version, includes symlink and timeout fixes by
[@&#8203;robherley](https://redirect.github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/625](https://redirect.github.com/actions/upload-artifact/pull/625)

##### New Contributors

- [@&#8203;Jcambass](https://redirect.github.com/Jcambass) made their
first contribution in
[https://github.com/actions/upload-artifact/pull/621](https://redirect.github.com/actions/upload-artifact/pull/621)

**Full Changelog**:
actions/upload-artifact@v4.4.0...v4.4.1

###
[`v4.4.0`](https://redirect.github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0)

[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0)

###
[`v4.3.6`](https://redirect.github.com/actions/upload-artifact/compare/v4.3.5...v4.3.6)

[Compare
Source](https://redirect.github.com/actions/upload-artifact/compare/v4.3.5...v4.3.6)

</details>

<details>
<summary>geekyeggo/delete-artifact (geekyeggo/delete-artifact)</summary>

###
[`v5.1.0`](https://redirect.github.com/GeekyEggo/delete-artifact/releases/tag/v5.1.0)

[Compare
Source](https://redirect.github.com/geekyeggo/delete-artifact/compare/v5.0.0...v5.1.0)

-   Mark deprecated token parameter as optional.
-   Bump undici dependency.

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.27.9`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.9)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.8...v3.27.9)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.9 - 12 Dec 2024

No user facing changes.

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.9/CHANGELOG.md)
for more information.

###
[`v3.27.8`](https://redirect.github.com/github/codeql-action/compare/v3.27.7...v3.27.8)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.7...v3.27.8)

###
[`v3.27.7`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.7)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.6...v3.27.7)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.7 - 10 Dec 2024

- We are rolling out a change in December 2024 that will extract the
CodeQL bundle directly to the toolcache to improve performance.
[#&#8203;2631](https://redirect.github.com/github/codeql-action/pull/2631)
- Update default CodeQL bundle version to 2.20.0.
[#&#8203;2636](https://redirect.github.com/github/codeql-action/pull/2636)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.7/CHANGELOG.md)
for more information.

###
[`v3.27.6`](https://redirect.github.com/github/codeql-action/compare/v3.27.5...v3.27.6)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.5...v3.27.6)

###
[`v3.27.5`](https://redirect.github.com/github/codeql-action/compare/v3.27.4...v3.27.5)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.4...v3.27.5)

###
[`v3.27.4`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.4)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.3...v3.27.4)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.4 - 14 Nov 2024

No user facing changes.

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.4/CHANGELOG.md)
for more information.

###
[`v3.27.3`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.3)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.2...v3.27.3)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.3 - 12 Nov 2024

No user facing changes.

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.3/CHANGELOG.md)
for more information.

###
[`v3.27.2`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.2)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.1...v3.27.2)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.2 - 12 Nov 2024

- Fixed an issue where setting up the CodeQL tools would sometimes fail
with the message "Invalid value 'undefined' for header 'authorization'".
[#&#8203;2590](https://redirect.github.com/github/codeql-action/pull/2590)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.2/CHANGELOG.md)
for more information.

###
[`v3.27.1`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.1)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.27.0...v3.27.1)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.1 - 08 Nov 2024

- The CodeQL Action now downloads bundles compressed using Zstandard on
GitHub Enterprise Server when using Linux or macOS runners. This speeds
up the installation of the CodeQL tools. This feature is already
available to GitHub.com users.
[#&#8203;2573](https://redirect.github.com/github/codeql-action/pull/2573)
- Update default CodeQL bundle version to 2.19.3.
[#&#8203;2576](https://redirect.github.com/github/codeql-action/pull/2576)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.1/CHANGELOG.md)
for more information.

###
[`v3.27.0`](https://redirect.github.com/github/codeql-action/releases/tag/v3.27.0)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.13...v3.27.0)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

Note that the only difference between `v2` and `v3` of the CodeQL Action
is the node version they support, with `v3` running on node 20 while we
continue to release `v2` to support running on node 16. For example
`3.22.11` was the first `v3` release and is functionally identical to
`2.22.11`. This approach ensures an easy way to track exactly which
features are included in different versions, indicated by the minor and
patch version numbers.

##### 3.27.0 - 22 Oct 2024

- Bump the minimum CodeQL bundle version to 2.14.6.
[#&#8203;2549](https://redirect.github.com/github/codeql-action/pull/2549)
- Fix an issue where the `upload-sarif` Action would fail with
"upload-sarif post-action step failed: Input required and not supplied:
token" when called in a composite Action that had a different set of
inputs to the ones expected by the `upload-sarif` Action.
[#&#8203;2557](https://redirect.github.com/github/codeql-action/pull/2557)
- Update default CodeQL bundle version to 2.19.2.
[#&#8203;2552](https://redirect.github.com/github/codeql-action/pull/2552)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v3.27.0/CHANGELOG.md)
for more information.

###
[`v3.26.13`](https://redirect.github.com/github/codeql-action/compare/v3.26.12...v3.26.13)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.12...v3.26.13)

###
[`v3.26.12`](https://redirect.github.com/github/codeql-action/compare/v3.26.11...v3.26.12)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.11...v3.26.12)

###
[`v3.26.11`](https://redirect.github.com/github/codeql-action/compare/v3.26.10...v3.26.11)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.10...v3.26.11)

###
[`v3.26.10`](https://redirect.github.com/github/codeql-action/compare/v3.26.9...v3.26.10)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.9...v3.26.10)

###
[`v3.26.9`](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.8...v3.26.9)

###
[`v3.26.8`](https://redirect.github.com/github/codeql-action/compare/v3.26.7...v3.26.8)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.7...v3.26.8)

###
[`v3.26.7`](https://redirect.github.com/github/codeql-action/compare/v3.26.6...v3.26.7)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.6...v3.26.7)

###
[`v3.26.6`](https://redirect.github.com/github/codeql-action/compare/v3.26.5...v3.26.6)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.5...v3.26.6)

###
[`v3.26.5`](https://redirect.github.com/github/codeql-action/compare/v3.26.4...v3.26.5)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.4...v3.26.5)

###
[`v3.26.4`](https://redirect.github.com/github/codeql-action/compare/v3.26.3...v3.26.4)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.3...v3.26.4)

###
[`v3.26.3`](https://redirect.github.com/github/codeql-action/compare/v3.26.2...v3.26.3)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.2...v3.26.3)

###
[`v3.26.2`](https://redirect.github.com/github/codeql-action/compare/v3.26.1...v3.26.2)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.1...v3.26.2)

###
[`v3.26.1`](https://redirect.github.com/github/codeql-action/compare/v3.26.0...v3.26.1)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.26.0...v3.26.1)

###
[`v3.26.0`](https://redirect.github.com/github/codeql-action/compare/v3.25.15...v3.26.0)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v3.25.15...v3.26.0)

</details>

<details>
<summary>google-github-actions/auth
(google-github-actions/auth)</summary>

###
[`v2.1.7`](https://redirect.github.com/google-github-actions/auth/releases/tag/v2.1.7)

[Compare
Source](https://redirect.github.com/google-github-actions/auth/compare/v2.1.6...v2.1.7)

#### What's Changed

- fix: update relase workflows by
[@&#8203;verbanicm](https://redirect.github.com/verbanicm) in
[https://github.com/google-github-actions/auth/pull/452](https://redirect.github.com/google-github-actions/auth/pull/452)
- Release: v2.1.7 by
[@&#8203;google-github-actions-bot](https://redirect.github.com/google-github-actions-bot)
in
[https://github.com/google-github-actions/auth/pull/453](https://redirect.github.com/google-github-actions/auth/pull/453)

**Full Changelog**:
google-github-actions/auth@v2.1.6...v2.1.7

###
[`v2.1.6`](https://redirect.github.com/google-github-actions/auth/releases/tag/v2.1.6)

[Compare
Source](https://redirect.github.com/google-github-actions/auth/compare/v2.1.5...v2.1.6)

##### What's Changed

- Recommend `gcloud storage` over `gsutil` by
[@&#8203;sethvargo](https://redirect.github.com/sethvargo) in
[https://github.com/google-github-actions/auth/pull/438](https://redirect.github.com/google-github-actions/auth/pull/438)
- Add missing log line by
[@&#8203;sethvargo](https://redirect.github.com/sethvargo) in
[https://github.com/google-github-actions/auth/pull/448](https://redirect.github.com/google-github-actions/auth/pull/448)
- Release: v2.1.6 by
[@&#8203;google-github-actions-bot](https://redirect.github.com/google-github-actions-bot)
in
[https://github.com/google-github-actions/auth/pull/449](https://redirect.github.com/google-github-actions/auth/pull/449)

**Full Changelog**:
google-github-actions/auth@v2.1.5...v2.1.6

###
[`v2.1.5`](https://redirect.github.com/google-github-actions/auth/releases/tag/v2.1.5)

[Compare
Source](https://redirect.github.com/google-github-actions/auth/compare/v2.1.4...v2.1.5)

##### What's Changed

- Document ID Token lifetimes by
[@&#8203;sethvargo](https://redirect.github.com/sethvargo) in
[https://github.com/google-github-actions/auth/pull/433](https://redirect.github.com/google-github-actions/auth/pull/433)
- fix !project_id error message typo by
[@&#8203;seth-acuitymd](https://redirect.github.com/seth-acuitymd) in
[https://github.com/google-github-actions/auth/pull/435](https://redirect.github.com/google-github-actions/auth/pull/435)
- Update deps by
[@&#8203;sethvargo](https://redirect.github.com/sethvargo) in
[https://github.com/google-github-actions/auth/pull/436](https://redirect.github.com/google-github-actions/auth/pull/436)
- Release: v2.1.5 by
[@&#8203;google-github-actions-bot](https://redirect.github.com/google-github-actions-bot)
in
[https://github.com/google-github-actions/auth/pull/437](https://redirect.github.com/google-github-actions/auth/pull/437)

##### New Contributors

- [@&#8203;seth-acuitymd](https://redirect.github.com/seth-acuitymd)
made their first contribution in
[https://github.com/google-github-actions/auth/pull/435](https://redirect.github.com/google-github-actions/auth/pull/435)

**Full Changelog**:
google-github-actions/auth@v2.1.4...v2.1.5

###
[`v2.1.4`](https://redirect.github.com/google-github-actions/auth/releases/tag/v2.1.4)

[Compare
Source](https://redirect.github.com/google-github-actions/auth/compare/v2.1.3...v2.1.4)

#### What's Changed

- security: bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/google-github-actions/auth/pull/420](https://redirect.github.com/google-github-actions/auth/pull/420)
- Update spelling and workflow versions by
[@&#8203;sethvargo](https://redirect.github.com/sethvargo) in
[https://github.com/google-github-actions/auth/pull/422](https://redirect.github.com/google-github-actions/auth/pull/422)
- Update deps by
[@&#8203;sethvargo](https://redirect.github.com/sethvargo) in
[https://github.com/google-github-actions/auth/pull/430](https://redirect.github.com/google-github-actions/auth/pull/430)
- Release: v2.1.4 by
[@&#8203;google-github-actions-bot](https://redirect.github.com/google-github-actions-bot)
in
[https://github.com/google-github-actions/auth/pull/431](https://redirect.github.com/google-github-actions/auth/pull/431)

**Full Changelog**:
google-github-actions/auth@v2.1.3...v2.1.4

</details>

<details>
<summary>ianlewis/todo-issue-reopener
(ianlewis/todo-issue-reopener)</summary>

###
[`v1.4.0`](https://redirect.github.com/ianlewis/todo-issue-reopener/releases/tag/v1.4.0)

[Compare
Source](https://redirect.github.com/ianlewis/todo-issue-reopener/compare/v1.3.0...v1.4.0)

#### Updated in 1.4.0

-   Updated the version of `todos` used to v0.10.0.

#### All Changes Since v1.3.0

- chore(deps-dev): Bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1141](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1141)
- chore(deps): Bump uuid from 7.0.3 to 10.0.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1148](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1148)
- chore(deps): Bump actions/upload-artifact from 4.3.6 to 4.4.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1170](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1170)
- chore(deps-dev): Bump
[@&#8203;typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin)
from 8.0.1 to 8.8.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1194](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1194)
- chore(deps): Bump actions/setup-node from 4.0.2 to 4.0.4 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1208](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1208)
- chore(deps): Bump github/codeql-action from 3.26.0 to 3.26.13 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1267](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1267)
- chore(deps-dev): Bump
[@&#8203;typescript-eslint/eslint-plugin](https://redirect.github.com/typescript-eslint/eslint-plugin)
from 8.8.0 to 8.10.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1241](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1241)
- chore(deps): Bump codecov/codecov-action from 4.5.0 to 4.6.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1206](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1206)
- chore(deps-dev): Bump
[@&#8203;typescript-eslint/parser](https://redirect.github.com/typescript-eslint/parser)
from 8.0.1 to 8.10.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1240](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1240)
- chore(deps): Bump yaml from 2.4.0 to 2.6.0 by
[@&#8203;ianlewis](https://redirect.github.com/ianlewis) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1319](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1319)
- chore(deps): Update todos version to v0.10.0 by
[@&#8203;ianlewis](https://redirect.github.com/ianlewis) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1330](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1330)
- chore(release): v1.4.0 by
[@&#8203;ianlewis](https://redirect.github.com/ianlewis) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1341](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1341)

**Full Changelog**:
ianlewis/todo-issue-reopener@v1.3.0...v1.4.0

###
[`v1.3.0`](https://redirect.github.com/ianlewis/todo-issue-reopener/releases/tag/v1.3.0)

[Compare
Source](https://redirect.github.com/ianlewis/todo-issue-reopener/compare/v1.2.1...v1.3.0)

#### Updated in 1.3.0

-   Updated the version of `todos` used to v0.9.0.

#### All Changes

- chore(deps): Bump codecov/codecov-action from 4.4.0 to 4.5.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/922](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/922)
- chore(deps): Bump actions/checkout from 4.1.1 to 4.1.7 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/923](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/923)
- chore(deps-dev): Bump ts-jest from 29.1.2 to 29.2.4 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/940](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/940)
- chore(deps-dev): Bump
[@&#8203;types/node](https://redirect.github.com/types/node) from
20.11.15 to 22.0.2 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/959](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/959)
- chore: Update todos version by
[@&#8203;ianlewis](https://redirect.github.com/ianlewis) in
[https://github.com/ianlewis/todo-issue-reopener/pull/988](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/988)
- chore(deps-dev): Bump prettier from 3.0.1 to 3.3.3 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/952](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/952)
- chore(deps): Bump ossf/scorecard-action from 2.3.1 to 2.4.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/970](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/970)
- chore(deps): Bump actions/upload-artifact from 4.3.3 to 4.3.6 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1016](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1016)
- chore(deps): Bump github/codeql-action from 3.25.5 to 3.26.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1020](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1020)
- chore(deps-dev): Bump
[@&#8203;types/node](https://redirect.github.com/types/node) from 22.0.2
to 22.1.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1022](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1022)
- chore(deps): Update typescript by
[@&#8203;ianlewis](https://redirect.github.com/ianlewis) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1108](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1108)
- chore(release): v1.3.0 by
[@&#8203;ianlewis](https://redirect.github.com/ianlewis) in
[https://github.com/ianlewis/todo-issue-reopener/pull/1129](https://redirect.github.com/ianlewis/todo-issue-reopener/pull/1129)

**Full Changelog**:
ianlewis/todo-issue-reopener@v1.2.1...v1.3.0

</details>

<details>
<summary>sigstore/cosign-installer (sigstore/cosign-installer)</summary>

###
[`v3.7.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.7.0)

[Compare
Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.6.0...v3.7.0)

#### What's Changed

- Bump actions/checkout from 4.1.7 to 4.2.0 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/172](https://redirect.github.com/sigstore/cosign-installer/pull/172)
- bump for latest cosign v2.4.1 release by
[@&#8203;bobcallaway](https://redirect.github.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/173](https://redirect.github.com/sigstore/cosign-installer/pull/173)

**Full Changelog**:
sigstore/cosign-installer@v3.6.0...v3.7.0

###
[`v3.6.0`](https://redirect.github.com/sigstore/cosign-installer/releases/tag/v3.6.0)

[Compare
Source](https://redirect.github.com/sigstore/cosign-installer/compare/v3.5.0...v3.6.0)

#### What's Changed

- Bump actions/checkout from 4.1.2 to 4.1.3 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/161](https://redirect.github.com/sigstore/cosign-installer/pull/161)
- Bump actions/checkout from 4.1.3 to 4.1.4 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/162](https://redirect.github.com/sigstore/cosign-installer/pull/162)
- Bump actions/setup-go from 5.0.0 to 5.0.1 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/163](https://redirect.github.com/sigstore/cosign-installer/pull/163)
- Bump actions/checkout from 4.1.4 to 4.1.5 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/164](https://redirect.github.com/sigstore/cosign-installer/pull/164)
- Bump actions/checkout from 4.1.5 to 4.1.6 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/165](https://redirect.github.com/sigstore/cosign-installer/pull/165)
- Bump actions/checkout from 4.1.6 to 4.1.7 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/166](https://redirect.github.com/sigstore/cosign-installer/pull/166)
- Bump actions/setup-go from 5.0.1 to 5.0.2 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/sigstore/cosign-installer/pull/167](https://redirect.github.com/sigstore/cosign-installer/pull/167)
- pin public key used for verification by
[@&#8203;bobcallaway](https://redirect.github.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/169](https://redirect.github.com/sigstore/cosign-installer/pull/169)
- bump default version to v2.4.0 release by
[@&#8203;bobcallaway](https://redirect.github.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/168](https://redirect.github.com/sigstore/cosign-installer/pull/168)
- update readme for new release by
[@&#8203;bobcallaway](https://redirect.github.com/bobcallaway) in
[https://github.com/sigstore/cosign-installer/pull/170](https://redirect.github.com/sigstore/cosign-installer/pull/170)

**Full Changelog**:
sigstore/cosign-installer@v3...v3.6.0

</details>

<details>
<summary>softprops/action-gh-release
(softprops/action-gh-release)</summary>

###
[`v2.2.0`](https://redirect.github.com/softprops/action-gh-release/releases/tag/v2.2.0)

[Compare
Source](https://redirect.github.com/softprops/action-gh-release/compare/v2.1.0...v2.2.0)

##### What's Changed

##### Exciting New Features 🎉

- feat: read the release assets asynchronously by
[@&#8203;xen0n](https://redirect.github.com/xen0n) in
[https://github.com/softprops/action-gh-release/pull/552](https://redirect.github.com/softprops/action-gh-release/pull/552)

##### Bug fixes 🐛

- fix(docs): clarify the default for tag_name by
[@&#8203;alexeagle](https://redirect.github.com/alexeagle) in
[https://github.com/softprops/action-gh-release/pull/544](https://redirect.github.com/softprops/action-gh-release/pull/544)

##### Other Changes 🔄

- chore(deps): bump typescript from 5.6.3 to 5.7.2 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/548](https://redirect.github.com/softprops/action-gh-release/pull/548)
- chore(deps): bump
[@&#8203;types/node](https://redirect.github.com/types/node) from 22.9.0
to 22.9.4 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/547](https://redirect.github.com/softprops/action-gh-release/pull/547)
- chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/545](https://redirect.github.com/softprops/action-gh-release/pull/545)
- chore(deps): bump
[@&#8203;vercel/ncc](https://redirect.github.com/vercel/ncc) from 0.38.2
to 0.38.3 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/543](https://redirect.github.com/softprops/action-gh-release/pull/543)
- chore(deps): bump prettier from 3.3.3 to 3.4.1 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/550](https://redirect.github.com/softprops/action-gh-release/pull/550)
- chore(deps): bump
[@&#8203;types/node](https://redirect.github.com/types/node) from 22.9.4
to 22.10.1 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/551](https://redirect.github.com/softprops/action-gh-release/pull/551)
- chore(deps): bump prettier from 3.4.1 to 3.4.2 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/554](https://redirect.github.com/softprops/action-gh-release/pull/554)

##### New Contributors

- [@&#8203;alexeagle](https://redirect.github.com/alexeagle) made their
first contribution in
[https://github.com/softprops/action-gh-release/pull/544](https://redirect.github.com/softprops/action-gh-release/pull/544)
- [@&#8203;xen0n](https://redirect.github.com/xen0n) made their first
contribution in
[https://github.com/softprops/action-gh-release/pull/552](https://redirect.github.com/softprops/action-gh-release/pull/552)

**Full Changelog**:
softprops/action-gh-release@v2.1.0...v2.2.0

###
[`v2.1.0`](https://redirect.github.com/softprops/action-gh-release/releases/tag/v2.1.0)

[Compare
Source](https://redirect.github.com/softprops/action-gh-release/compare/v2.0.9...v2.1.0)

<!-- Release notes generated using configuration in .github/release.yml
at master -->

#### What's Changed

##### Exciting New Features 🎉

- feat: add support for release assets with multiple spaces within the
name by [@&#8203;dukhine](https://redirect.github.com/dukhine) in
[https://github.com/softprops/action-gh-release/pull/518](https://redirect.github.com/softprops/action-gh-release/pull/518)
- feat: preserve upload order by
[@&#8203;richarddd](https://redirect.github.com/richarddd) in
[https://github.com/softprops/action-gh-release/pull/500](https://redirect.github.com/softprops/action-gh-release/pull/500)

##### Other Changes 🔄

- chore(deps): bump
[@&#8203;types/node](https://redirect.github.com/types/node) from 22.8.2
to 22.8.7 by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[https://github.com/softprops/action-gh-release/pull/539](https://redirect.github.com/softprops/action-gh-release/pull/539)

#### New Contributors

- [@&#8203;dukhine](https://redirect.github.com/dukhine) made their
first contribution in
[https://github.com/softprops/action-gh-release/pull/518](https://redirect.github.com/softprops/action-gh-release/pull/518)
- [@&#8203;richarddd](https://redirect.github.com/richarddd) made their
first contribution in
[https://github.com/softprops/action-gh-release/pull/500](https://redirect.github.com/softprops/action-gh-release/pull/500)

**Full Changelog**:
softprops/action-gh-release@v2...v2.1.0

###
[`v2.0.9`](https://redirect.github.com/softprops/action-gh-release/releases/tag/v2.0.9)

[Compare
Source](https://redirect.github.com/softprops/action-gh-release/compare/v2.0.8...v2.0.9)

<!-- Release notes generated using configuration in .github/release.yml
at master -->

#### What's Changed

-   maintenance release with updated dependencies

#### New Contributors

- [@&#8203;kbakdev](https://redirect.github.com/kbakdev) made their
first contribution in
[https://github.com/softprops/action-gh-release/pull/521](https://redirect.github.com/softprops/action-gh-release/pull/521)

**Full Changelog**:
softprops/action-gh-release@v2...v2.0.9

</details>

<details>
<summary>thehanimo/pr-title-checker
(thehanimo/pr-title-checker)</summary>

###
[`v1.4.3`](https://redirect.github.com/thehanimo/pr-title-checker/compare/v1.4.2...v1.4.3)

[Compare
Source](https://redirect.github.com/thehanimo/pr-title-checker/compare/v1.4.2...v1.4.3)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* 0-3 1 * *" (UTC), Automerge - At
any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR was generated by [Mend Renovate](https://mend.io/renovate/).
View the [repository job
log](https://developer.mend.io/github/slsa-framework/slsa-github-generator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOC4xMzUuMiIsInVwZGF0ZWRJblZlciI6IjM5LjU4LjEiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->

Signed-off-by: Mend Renovate <[email protected]>

Author: renovate-bot

.github/actions/generate-builder/action.yml

@@ -76,7 +76,7 @@ runs:
         token: ${{ inputs.token }}
 
     - name: Set up Go environment
-      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+      uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
       with:
         go-version: ${{ inputs.go-version }}
 

.github/actions/secure-builder-checkout/action.yaml

@@ -37,7 +37,7 @@ runs:
     # and has an associated release. This will require exceptions
     # for e2e tests.
     - name: Checkout the repository
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       with:
         repository: ${{ inputs.repository }}
         ref: ${{ inputs.ref }}

.github/actions/secure-project-checkout-go/action.yml

@@ -65,7 +65,7 @@ runs:
         fi
 
     - name: Set up Go environment
-      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+      uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
       with:
         go-version: ${{ steps.validate.outputs.go_version }}
         go-version-file: ${{ steps.validate.outputs.go_version_file }}

.github/actions/secure-project-checkout-node/action.yml

@@ -41,6 +41,6 @@ runs:
         path: ${{ inputs.path }}
 
     - name: Set up Node environment
-      uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
+      uses: actions/setup-node@39370e3970a6d050c480ffad4ff0ed4d3fdee5af # v4.1.0
       with:
         node-version: ${{ inputs.node-version }}

.github/actions/secure-project-checkout/action.yaml

@@ -40,7 +40,7 @@ runs:
   using: "composite"
   steps:
     - name: Checkout the repository
-      uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       with:
         fetch-depth: ${{ inputs.fetch-depth }}
         ref: ${{ inputs.checkout-sha1 }}

.github/actions/secure-upload-artifact/action.yml

@@ -37,7 +37,7 @@ runs:
         path: "${{ inputs.path }}"
 
     - name: Upload the artifact
-      uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+      uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
       with:
         name: "${{ inputs.name }}"
         path: "${{ inputs.path }}"

.github/workflows/builder_container-based_slsa3.yml

@@ -209,7 +209,7 @@ jobs:
           allow-private-repository: ${{ inputs.rekor-log-public }}
 
       - name: Upload builder
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: "${{ env.BUILDER_BINARY }}-${{ needs.rng.outputs.value }}"
           path: "${{ env.BUILDER_BINARY }}"
@@ -228,7 +228,7 @@ jobs:
     runs-on: ubuntu-latest
     needs: [rng, detect-env, generate-builder]
     steps:
-      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Checkout builder repository
         uses: slsa-framework/slsa-github-generator/.github/actions/secure-builder-checkout@main
         with:
@@ -306,7 +306,7 @@ jobs:
       - id: auth
         name: Authenticate to Google Cloud
         if: inputs.gcp-workload-identity-provider != ''
-        uses: google-github-actions/auth@71fee32a0bb7e97b4d33d548e7d957010649d8fa # v2.1.3
+        uses: google-github-actions/auth@6fc4af4b145ae7821d527454aa9bd537d1f2dc5f # v2.1.7
         with:
           token_format: "access_token"
           workload_identity_provider: ${{ inputs.gcp-workload-identity-provider }}
@@ -372,7 +372,7 @@ jobs:
           set-executable: true
 
       - name: Checkout the source repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
         with:
           fetch-depth: 1
           persist-credentials: false
@@ -462,7 +462,7 @@ jobs:
         # TODO(https://github.com/slsa-framework/slsa-github-generator/issues/1655): Use a
         # secure upload or verify this against the SLSA layout file.
         id: upload-artifacts
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: ${{ steps.build.outputs.build-outputs-name }}
           path: /tmp/build-outputs-${{ needs.rng.outputs.value }}
@@ -535,7 +535,7 @@ jobs:
       - name: Upload unsigned intoto attestations file for pull request
         if: ${{ github.event_name == 'pull_request' }}
         id: upload-unsigned
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: "${{ env.OUTPUT_FOLDER }}-${{ needs.rng.outputs.value }}"
           path: "attestations-${{ needs.rng.outputs.value }}"
@@ -556,7 +556,7 @@ jobs:
       - name: Upload the signed attestations
         id: upload-signed
         if: ${{ github.event_name != 'pull_request' }}
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: "${{ env.OUTPUT_FOLDER }}-${{ needs.rng.outputs.value }}"
           path: "${{ env.OUTPUT_FOLDER }}-${{ needs.rng.outputs.value }}"
@@ -598,7 +598,7 @@ jobs:
           path: "${{ needs.provenance.outputs.provenance-name }}"
 
       - name: Upload provenance new tag
-        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
+        uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0
         if: startsWith(github.ref, 'refs/tags/') && inputs.upload-tag-name == ''
         id: release-new-tags
         with:
@@ -609,7 +609,7 @@ jobs:
           draft: ${{ inputs.draft-release }}
 
       - name: Upload provenance tag name
-        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
+        uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0
         if: inputs.upload-tag-name != ''
         with:
           prerelease: ${{ inputs.prerelease }}
@@ -633,13 +633,13 @@ jobs:
       SLSA_OUTPUTS_NAME: ${{ needs.build.outputs.slsa-outputs-name }}
       RNG: ${{ needs.rng.outputs.value }}
     steps:
-      - uses: geekyeggo/delete-artifact@24928e75e6e6590170563b8ddae9fac674508aa1 # v5.0.0
+      - uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # v5.1.0
         with:
           name: "${{ env.BUILD_DEFINITION_NAME }}-${{ env.RNG }}"
           useGlob: true
-      - uses: geekyeggo/delete-artifact@24928e75e6e6590170563b8ddae9fac674508aa1 # v5.0.0
+      - uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # v5.1.0
         with:
           name: "${{ env.SLSA_OUTPUTS_NAME }}-${{ env.RNG }}"
-      - uses: geekyeggo/delete-artifact@24928e75e6e6590170563b8ddae9fac674508aa1 # v5.0.0
+      - uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # v5.1.0
         with:
           name: "${{ env.BUILDER_BINARY }}-${{ env.RNG }}"

.github/workflows/builder_go_slsa3.yml

@@ -169,7 +169,7 @@ jobs:
           allow-private-repository: ${{ inputs.private-repository }}
 
       - name: Upload builder
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: "${{ env.BUILDER_BINARY }}-${{ needs.rng.outputs.value }}"
           path: "${{ env.BUILDER_BINARY }}"
@@ -358,7 +358,7 @@ jobs:
             --workingDir "$UNTRUSTED_WORKING_DIR"
 
       - name: Upload the signed provenance
-        uses: actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029 # v4.3.5
+        uses: actions/upload-artifact@b4b15b8c7c6ac21ea08fcf65892d2ee8f75cf882 # v4.4.3
         with:
           name: "${{ steps.sign-prov.outputs.signed-provenance-name }}"
           path: "${{ steps.sign-prov.outputs.signed-provenance-name }}"
@@ -399,7 +399,7 @@ jobs:
           sha256: "${{ needs.provenance.outputs.go-provenance-sha256 }}"
 
       - name: Upload provenance
-        uses: softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191 # v2.0.8
+        uses: softprops/action-gh-release@7b4da11513bf3f43f9999e90eabced41ab8bb048 # v2.2.0
         with:
           tag_name: ${{ inputs.upload-tag-name }}
           prerelease: ${{ inputs.prerelease }}

.github/workflows/codeql-analysis.yml

@@ -55,11 +55,11 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
+        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
+        uses: github/codeql-action/init@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -72,7 +72,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
+        uses: github/codeql-action/autobuild@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
 
       # Command-line programs to run using the OS shell.
       # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
@@ -85,7 +85,7 @@ jobs:
       #   ./location_of_script_within_repo/buildscript.sh
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a # v3.25.15
+        uses: github/codeql-action/analyze@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
 
   # NOTE: Checks that the matrix job above completes successfully.
   # This is necessary because the matrix strategy generates new jobs with

.github/workflows/delegator_generic_slsa3.yml

@@ -294,9 +294,9 @@ jobs:
     env:
       RNG: ${{ needs.rng.outputs.value }}
     steps:
-      - uses: geekyeggo/delete-artifact@24928e75e6e6590170563b8ddae9fac674508aa1 # v5.0.0
+      - uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # v5.1.0
         with:
           name: "${{ env.RNG }}-${{ env.SLSA_PREDICATE_FILE }}"
-      - uses: geekyeggo/delete-artifact@24928e75e6e6590170563b8ddae9fac674508aa1 # v5.0.0
+      - uses: geekyeggo/delete-artifact@f275313e70c08f6120db482d7a6b98377786765b # v5.1.0
         with:
           name: "${{ env.RNG }}-${{ env.SLSA_ARTIFACTS_FILE }}"