Bump the gh-actions-packages group across 1 directory with 6 updates

[dependabot]

Bumps the gh-actions-packages group with 6 updates in the / directory:

Package	From	To
wechuli/allcheckspassed	1.1.0	1.2.0
codecov/codecov-action	5.3.1	5.4.0
github/codeql-action	3.28.8	3.28.13
google-github-actions/auth	2.1.7	2.1.8
google-github-actions/setup-gcloud	2.1.2	2.1.4
actions/upload-artifact	4.6.0	4.6.2

Updates wechuli/allcheckspassed from 1.1.0 to 1.2.0

Release notes

Sourced from wechuli/allcheckspassed's releases.

v1.2.0

What's Changed

• Bump the npm-development group across 1 directory with 2 updates by @​dependabot in wechuli/allcheckspassed#72
• Bump the npm-development group across 1 directory with 3 updates by @​dependabot in wechuli/allcheckspassed#74
• Bump @​octokit/request-error from 5.0.1 to 5.1.1 in the npm_and_yarn group by @​dependabot in wechuli/allcheckspassed#68
• add input to control whether to show job summaries by @​wechuli in wechuli/allcheckspassed#75
• add docs on disabling job summary by @​wechuli in wechuli/allcheckspassed#76

Full Changelog: wechuli/allcheckspassed@v1...v1.2.0

v1.1.1

What's Changed

• Bump @​types/node from 20.14.0 to 20.14.2 in the npm-development group by @​dependabot in wechuli/allcheckspassed#22
• Bump yaml from 2.4.3 to 2.4.5 in the npm-production group by @​dependabot in wechuli/allcheckspassed#23
• Bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group by @​dependabot in wechuli/allcheckspassed#24
• Bump ts-jest from 29.1.4 to 29.1.5 in the npm-development group by @​dependabot in wechuli/allcheckspassed#25
• Bump yaml from 2.4.5 to 2.5.0 by @​dependabot in wechuli/allcheckspassed#33
• Bump the npm-development group across 1 directory with 2 updates by @​dependabot in wechuli/allcheckspassed#35
• Bump @​types/node from 20.14.2 to 22.5.0 by @​dependabot in wechuli/allcheckspassed#39
• Bump ts-jest from 29.2.4 to 29.2.5 in the npm-development group by @​dependabot in wechuli/allcheckspassed#38
• Bump yaml from 2.5.0 to 2.5.1 in the npm-production group by @​dependabot in wechuli/allcheckspassed#41
• Bump the npm-development group across 1 directory with 3 updates by @​dependabot in wechuli/allcheckspassed#42
• Bump @​vercel/ncc from 0.38.1 to 0.38.2 in the npm-development group by @​dependabot in wechuli/allcheckspassed#43
• Bump @​types/node from 22.5.5 to 22.7.4 in the npm-development group by @​dependabot in wechuli/allcheckspassed#44
• Bump @​actions/core from 1.10.1 to 1.11.1 by @​dependabot in wechuli/allcheckspassed#45
• Bump the npm-development group with 2 updates by @​dependabot in wechuli/allcheckspassed#46
• Bump yaml from 2.5.1 to 2.6.0 by @​dependabot in wechuli/allcheckspassed#47
• Bump the npm-development group across 1 directory with 2 updates by @​dependabot in wechuli/allcheckspassed#49
• Bump @​types/node from 22.8.1 to 22.9.0 in the npm-development group across 1 directory by @​dependabot in wechuli/allcheckspassed#51
• Bump yaml from 2.6.0 to 2.6.1 in the npm-production group by @​dependabot in wechuli/allcheckspassed#53
• Bump the npm-development group across 1 directory with 3 updates by @​dependabot in wechuli/allcheckspassed#54
• Bump @​types/node from 22.9.3 to 22.10.1 in the npm-development group by @​dependabot in wechuli/allcheckspassed#55
• Bump @​types/node from 22.10.1 to 22.10.2 in the npm-development group by @​dependabot in wechuli/allcheckspassed#56
• Bump yaml from 2.6.1 to 2.7.0 by @​dependabot in wechuli/allcheckspassed#58
• Bump @​types/node from 22.10.2 to 22.10.5 in the npm-development group by @​dependabot in wechuli/allcheckspassed#57
• Bump typescript from 5.7.2 to 5.7.3 in the npm-development group by @​dependabot in wechuli/allcheckspassed#59
• Bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group by @​dependabot in wechuli/allcheckspassed#64
• Bump @​types/node from 22.10.5 to 22.10.7 in the npm-development group by @​dependabot in wechuli/allcheckspassed#63
• Bump @​types/node from 22.10.7 to 22.10.10 in the npm-development group by @​dependabot in wechuli/allcheckspassed#65
• Bump @​types/node from 22.10.10 to 22.13.0 in the npm-development group by @​dependabot in wechuli/allcheckspassed#66

Full Changelog: wechuli/allcheckspassed@v1...v1.1.1

Commits

• e22f45a Merge pull request #76 from wechuli/wechuli/optional-job-summaries
• 472f930 add docs on disabling job summary
• f75b163 Action build at commit 97c47540091b8572ae2af967dc9415a626cd41b4
• 97c4754 Merge pull request #75 from wechuli/wechuli/optional-job-summaries
• c67486f add input to control whether to show job summaries
• cdc0639 Merge pull request #68 from wechuli/dependabot/npm_and_yarn/npm_and_yarn-9e48...
• f6f03af Merge pull request #74 from wechuli/dependabot/npm_and_yarn/npm-development-f...
• e3f487b Bump the npm-development group across 1 directory with 3 updates
• 3c3c97b Merge pull request #72 from wechuli/dependabot/npm_and_yarn/npm-development-9...
• eb465da Bump the npm-development group across 1 directory with 2 updates
• Additional commits viewable in compare view

Updates codecov/codecov-action from 5.3.1 to 5.4.0

Release notes

Sourced from codecov/codecov-action's releases.

v5.4.0

What's Changed

• build(deps): bump github/codeql-action from 3.28.1 to 3.28.5 by @​dependabot in codecov/codecov-action#1753
• build(deps): bump github/codeql-action from 3.28.5 to 3.28.8 by @​dependabot in codecov/codecov-action#1757
• Fix a typo in the example by @​miranska in codecov/codecov-action#1758
• build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by @​dependabot in codecov/codecov-action#1765
• Fix description for report_type input by @​craigscott-crascit in codecov/codecov-action#1770
• Fix use of safe.directory inside containers by @​Flamefire in codecov/codecov-action#1768
• Clarify in README that use_pypi bypasses integrity checks too by @​webknjaz in codecov/codecov-action#1773
• build(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by @​dependabot in codecov/codecov-action#1777
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @​dependabot in codecov/codecov-action#1776
• build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by @​dependabot in codecov/codecov-action#1775
• update wrapper submodule to 0.2.0, add recurse_submodules arg by @​matt-codecov in codecov/codecov-action#1780
• chore(release): 5.4.0 by @​thomasrockhu-codecov in codecov/codecov-action#1781

New Contributors

• @​miranska made their first contribution in codecov/codecov-action#1758
• @​craigscott-crascit made their first contribution in codecov/codecov-action#1770
• @​Flamefire made their first contribution in codecov/codecov-action#1768
• @​matt-codecov made their first contribution in codecov/codecov-action#1780

Full Changelog: codecov/codecov-action@v5.3.1...v5.4.0

Changelog

Sourced from codecov/codecov-action's changelog.

v5.4.0

What's Changed

• update wrapper submodule to 0.2.0, add recurse_submodules arg by @​matt-codecov in codecov/codecov-action#1780
• build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by @​app/dependabot in codecov/codecov-action#1775
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @​app/dependabot in codecov/codecov-action#1776
• build(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by @​app/dependabot in codecov/codecov-action#1777
• Clarify in README that use_pypi bypasses integrity checks too by @​webknjaz in codecov/codecov-action#1773
• Fix use of safe.directory inside containers by @​Flamefire in codecov/codecov-action#1768
• Fix description for report_type input by @​craigscott-crascit in codecov/codecov-action#1770
• build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by @​app/dependabot in codecov/codecov-action#1765
• Fix a typo in the example by @​miranska in codecov/codecov-action#1758
• build(deps): bump github/codeql-action from 3.28.5 to 3.28.8 by @​app/dependabot in codecov/codecov-action#1757
• build(deps): bump github/codeql-action from 3.28.1 to 3.28.5 by @​app/dependabot in codecov/codecov-action#1753

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.1..v5.4.0

v5.3.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.0..v5.3.1

v5.3.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.2.0..v5.3.0

v5.2.0

What's Changed

• Fix typo in README by @​tserg in codecov/codecov-action#1747
• Th/add commands by @​thomasrockhu-codecov in codecov/codecov-action#1745
• use correct audience when requesting oidc token by @​juho9000 in codecov/codecov-action#1744
• build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @​app/dependabot in codecov/codecov-action#1742
• build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @​app/dependabot in codecov/codecov-action#1743
• chore(deps): bump wrapper to 0.0.32 by @​thomasrockhu-codecov in codecov/codecov-action#1740
• feat: add disable-telem feature by @​thomasrockhu-codecov in codecov/codecov-action#1739
• fix: remove erroneous linebreak in readme by @​Vampire in codecov/codecov-action#1734

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.1.2..v5.2.0

... (truncated)

Commits

• 0565863 chore(release): 5.4.0 (#1781)
• c545d7b update wrapper submodule to 0.2.0, add recurse_submodules arg (#1780)
• 2488e99 build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 (#1775)
• a46c158 build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 (#1776)
• 062ee7e build(deps): bump github/codeql-action from 3.28.9 to 3.28.10 (#1777)
• 1fecca8 Clarify in README that use_pypi bypasses integrity checks too (#1773)
• 2e6e9c5 Fix use of safe.directory inside containers (#1768)
• a5dc5a5 Fix description for report_type input (#1770)
• 4898080 build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 (#1765)
• 5efa07b Fix a typo in the example (#1758)
• Additional commits viewable in compare view

Updates github/codeql-action from 3.28.8 to 3.28.13

Release notes

Sourced from github/codeql-action's releases.

v3.28.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #2810

See the full CHANGELOG.md for more information.

v3.28.11

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

See the full CHANGELOG.md for more information.

v3.28.10

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772
• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

See the full CHANGELOG.md for more information.

v3.28.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

• Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

• Update default CodeQL bundle version to 2.20.5. #2772
• Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

• Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

• Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

• Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

• Update default CodeQL bundle version to 2.20.3. #2717

3.28.4 - 23 Jan 2025

No user facing changes.

... (truncated)

Commits

• 1b549b9 Merge pull request #2819 from github/update-v3.28.13-e0ea14102
• 82630c8 Update changelog for v3.28.13
• e0ea141 Merge pull request #2818 from github/cklin/empty-pr-diff-range
• b361a91 Diff-informed analysis: fix empty PR handling
• bd1d9ab Merge pull request #2816 from github/cklin/overlay-file-list
• b98ae6c Add overlay-database-utils tests
• 9825184 Add getFileOidsUnderPath() tests
• ac67cff Merge pull request #2817 from github/cklin/default-setup-diff-informed
• 9c674ba build: refresh js files
• d109dd5 Detect PR branches for Default Setup
• Additional commits viewable in compare view

Updates google-github-actions/auth from 2.1.7 to 2.1.8

Release notes

Sourced from google-github-actions/auth's releases.

v2.1.8

What's Changed

• Update TROUBLESHOOTING.md by @​sethvargo in google-github-actions/auth#457
• fix: add runs-on to README.md example by @​lbarthon in google-github-actions/auth#460
• security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group by @​dependabot in google-github-actions/auth#463
• Update deps by @​sethvargo in google-github-actions/auth#466
• Release: v2.1.8 by @​google-github-actions-bot in google-github-actions/auth#467

New Contributors

• @​lbarthon made their first contribution in google-github-actions/auth#460

Full Changelog: google-github-actions/auth@v2...v2.1.8

Commits

• 71f9864 Release: v2.1.8 (#467)
• 0cd8f2e Update deps (#466)
• 332e0ba security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group (#463)
• 28d44ba fix: add runs-on to README.md example (#460)
• 83354ca Update TROUBLESHOOTING.md (#457)
• See full diff in compare view

Updates google-github-actions/setup-gcloud from 2.1.2 to 2.1.4

Release notes

Sourced from google-github-actions/setup-gcloud's releases.

v2.1.4

What's Changed

• Revert to pinned release workflows by @​sethvargo in google-github-actions/setup-gcloud#706
• Release: v2.1.4 by @​google-github-actions-bot in google-github-actions/setup-gcloud#707

Full Changelog: google-github-actions/setup-gcloud@v2.1.3...v2.1.4

v2.1.3

What's Changed

• Allow manually running integration tests with workflow_dispatch by @​sethvargo in google-github-actions/setup-gcloud#702
• security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group by @​dependabot in google-github-actions/setup-gcloud#703
• Update deps by @​sethvargo in google-github-actions/setup-gcloud#704
• Release: v2.1.3 by @​google-github-actions-bot in google-github-actions/setup-gcloud#705

Full Changelog: google-github-actions/setup-gcloud@v2...v2.1.3

Commits

• 77e7a55 Release: v2.1.4 (#707)
• 334c690 Revert to pinned release workflows (#706)
• 4111bea Release: v2.1.3 (#705)
• 0c0751a Update deps (#704)
• ae61ebc security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group (#703)
• 25043b0 Allow manually running integration tests with workflow_dispatch (#702)
• See full diff in compare view

Updates actions/upload-artifact from 4.6.0 to 4.6.2

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.2

What's Changed

• Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @​salmanmkc in actions/upload-artifact#685

New Contributors

• @​salmanmkc made their first contribution in actions/upload-artifact#685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

• Update to use artifact 2.2.2 package by @​yacaovsnc in actions/upload-artifact#673

Full Changelog: actions/upload-artifact@v4...v4.6.1

Commits

• ea165f8 Merge pull request #685 from salmanmkc/salmanmkc/3-new-upload-artifacts-release
• 0839620 Prepare for new release of actions/upload-artifact with new toolkit cache ver...
• 4cec3d8 Merge pull request #673 from actions/yacaovsnc/artifact_2.2.2
• e9fad96 license cache update for artifact
• b26fd06 Update to use artifact 2.2.2 package
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Overall package size

Self size: 9.14 MB
Deduped: 101.67 MB
No deduping: 102.19 MB

Dependency sizes

| name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.5.0 | 29.83 MB | 29.83 MB | | @datadog/native-appsec | 8.5.1 | 19.26 MB | 19.27 MB | | @datadog/native-iast-taint-tracking | 3.3.0 | 13.77 MB | 13.78 MB | | @datadog/pprof | 5.6.0 | 9.79 MB | 10.16 MB | | @opentelemetry/core | 1.30.1 | 908.66 kB | 7.16 MB | | protobufjs | 7.4.0 | 2.77 MB | 5.42 MB | | @datadog/native-iast-rewriter | 2.8.0 | 2.6 MB | 2.74 MB | | @datadog/native-metrics | 3.1.0 | 1.06 MB | 1.46 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.13.1 | 117.64 kB | 839.26 kB | | source-map | 0.7.4 | 226 kB | 226 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.1 | 109.9 kB | 109.9 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.2 | 53.63 kB | 53.63 kB | | istanbul-lib-coverage | 3.2.0 | 29.34 kB | 29.34 kB | | rfdc | 1.4.1 | 27.15 kB | 27.15 kB | | @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | dc-polyfill | 0.1.6 | 24.56 kB | 24.56 kB | | shell-quote | 1.8.2 | 23.54 kB | 23.54 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | semifies | 1.0.0 | 15.84 kB | 15.84 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | ttl-set | 1.0.0 | 4.61 kB | 9.69 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | module-details-from-path | 1.0.3 | 4.47 kB | 4.47 kB |

_{🤖 This report was automatically generated by heaviest-objects-in-the-universe}

[pr-commenter]

Benchmarks

Benchmark execution time: 2025-04-01 11:38:29

Comparing candidate commit 6674d7b in PR branch dependabot/github_actions/gh-actions-packages-b40561e754 with baseline commit 29485d9 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 949 metrics, 14 unstable metrics.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.18%. Comparing base (29485d9) to head (6674d7b).
Report is 17 commits behind head on master.

Additional details and impacted files

@@            Coverage Diff             @@
##           master    #5513      +/-   ##
==========================================
+ Coverage   78.99%   79.18%   +0.18%     
==========================================
  Files         505      512       +7     
  Lines       22899    23156     +257     
==========================================
+ Hits        18090    18337     +247     
- Misses       4809     4819      +10     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[dependabot]

Superseded by #5533.