fix(deps): update all

[renovate]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Type	Update	Change	Age	Confidence
actions/cache	action	minor	v3.0.7 → v3.5.0
codecov/codecov-action	action	patch	v3.1.0 → v3.1.6
github.com/tailscale/depaware	require	digest	720c4b4 → 9c2ad25
go	uses-with	minor	1.15.x → 1.25.x
golangci/golangci-lint-action	action	minor	v3.3.0 → v3.7.1
markdownlint-cli	dependencies	minor	0.31.1 → 0.47.0

---

Release Notes

actions/cache (actions/cache)

v3.5.0

Compare Source

• Bump actions/cache to v4.1.0

Full Changelog: actions/cache@v3...v3.5.0

v3.4.3

Compare Source

What's Changed

• Bump @​actions/cache to v4.0.2 by @​robherley

Full Changelog: actions/cache@v3.4.2...v3.4.3

v3.4.2

Compare Source

What's Changed

[!IMPORTANT]
As a reminder, there were important backend changes to release v3.4.0, see those release notes and the announcement for more details.

• Bump @​actions/cache to v4.0.1 by @​robherley in #​1554

Full Changelog: actions/cache@v3.4.0...v3.4.2

v3.4.1

Compare Source

[!WARNING]
This version was incorrectly released using a SHA pointing to a newer version for immutable actions only. Please use v3.4.2 (or v3) instead.

v3.4.0

Compare Source

⚠️ Important Changes

The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

Read more about the change & access the migration guide: reference to the announcement.

Minor changes

Minor and patch version updates for these dependencies:

• @​actions/core: 1.11.1
• @​actions/io: 1.1.3
• @​vercel/ncc: 0.38.3

Full Changelog: actions/cache@v3.3.3...v3.4.0

v3.3.3

Compare Source

What's Changed

• Cache v3.3.3 by @​robherley in #​1302

New Contributors

• @​robherley made their first contribution in #​1302

Full Changelog: actions/cache@v3...v3.3.3

v3.3.2

Compare Source

What's Changed

• Fixed readme with new segment timeout values by @​kotewar in #​1133
• Readme fixes by @​kotewar in #​1134
• Updated description of the lookup-only input for main action by @​kotewar in #​1130
• Change two new actions mention as quoted text by @​bishal-pdMSFT in #​1131
• Update Cross-OS Caching tips by @​pdotl in #​1122
• Bazel example (Take #​2️⃣) by @​vorburger in #​1132
• Remove actions to add new PRs and issues to a project board by @​jorendorff in #​1187
• Consume latest toolkit and fix dangling promise bug by @​chkimes in #​1217
• Bump action version to 3.3.2 by @​bethanyj28 in #​1236

New Contributors

• @​vorburger made their first contribution in #​1132
• @​jorendorff made their first contribution in #​1187
• @​chkimes made their first contribution in #​1217
• @​bethanyj28 made their first contribution in #​1236

Full Changelog: actions/cache@v3...v3.3.2

v3.3.1

Compare Source

What's Changed

• Reduced download segment size to 128 MB and timeout to 10 minutes by @​kotewar in #​1129

Full Changelog: actions/cache@v3...v3.3.1

v3.3.0

Compare Source

What's Changed

• Bug: Permission is missing in cache delete example by @​kotokaze in #​1123
• Add lookup-only option by @​cdce8p in #​1041

New Contributors

• @​kotokaze made their first contribution in #​1123

Full Changelog: actions/cache@v3...v3.3.0

v3.2.6

Compare Source

What's Changed

• Updated branch in Force deletion of caches by @​t-dedah in #​1108
• Fix zstd not being used after zstd version upgrade to 1.5.4 on hosted runners by @​pdotl in #​1118

Full Changelog: actions/cache@v3...v3.2.6

v3.2.5

Compare Source

What's Changed

• Rewrite readmes by @​jsoref in #​1085
• Fixed typos and formatting in docs by @​kotewar in #​1076
• Fixing paths for OSes by @​kotewar in #​1101
• Release patch version update by @​Phantsure in #​1105

New Contributors

• @​jsoref made their first contribution in #​1085

Full Changelog: actions/cache@v3...v3.2.5

v3.2.4

Compare Source

What's Changed

• Update json5 package version by @​vsvipul in #​1065
• Cache recipes for cache, restore and save actions by @​kotewar in #​1055
• Add gnu tar and zstd as pre-requisites for windows self-hosted runners by @​pdotl in #​1068
• Fix a whitespace typo by @​kurtmckee in #​1074
• 📝 #​1045 update using the set-output command is deprecated by @​siguikesse in #​1046
• Fix referenced output key in save action readme by @​ruudk in #​1061
• Update workflows to use reusable-workflows by @​jongwooo in #​1066
• Introduce add-to-project step & rename workflow files by @​pallavx in #​1077
• chore: Fix syntax error typo by @​vHeemstra in #​1081
• Update caching-strategies.md by @​kpfleming in #​1084
• Added another usage hint to foresee #​1072 by @​maybeec in #​1089
• Add fail-on-cache-miss option by @​cdce8p in #​1036

New Contributors

• @​kurtmckee made their first contribution in #​1074
• @​siguikesse made their first contribution in #​1046
• @​ruudk made their first contribution in #​1061
• @​pallavx made their first contribution in #​1077
• @​vHeemstra made their first contribution in #​1081
• @​kpfleming made their first contribution in #​1084
• @​maybeec made their first contribution in #​1089
• @​cdce8p made their first contribution in #​1036

Full Changelog: actions/cache@v3...v3.2.4

v3.2.3

Compare Source

What's Changed

• Add Mint example by @​uhooi in #​1051
• Fixed broken link by @​kotewar in #​1057
• Add support to opt-in enable cross-os caching on windows by @​Phantsure in #​1056
• Release support for cross-os caching as opt-in feature by @​Phantsure in #​1060

New Contributors

• @​uhooi made their first contribution in #​1051

Full Changelog: actions/cache@v3...v3.2.3

v3.2.2

Compare Source

What's Changed

• Fix formatting error in restore/README.md by @​me-and in #​1044
• save/README.md: Fix typo in example by @​mmuetzel in #​1040
• README.md: remove outdated Windows cache tip link by @​me-and in #​1042
• Revert compression changes related to windows but keep version logging by @​Phantsure in #​1049

New Contributors

• @​me-and made their first contribution in #​1044
• @​mmuetzel made their first contribution in #​1040

Full Changelog: actions/cache@v3.2.1...v3.2.2

v3.2.1

Compare Source

What's Changed

• Release compression related changes for windows by @​Phantsure in #​1039
• Upgrade codeql to v2 by @​Phantsure in #​1023

Full Changelog: actions/cache@v3.2.0...v3.2.1

v3.2.0

Compare Source

What's Changed

• fix wrong timeout env var key in README.md by @​walterddr in #​959
• Updated release doc with correct env variable by @​kotewar in #​960
• Create pull_request_template.md by @​pdotl in #​963
• Update README with clearer info about cache-hit and its value by @​kotewar in #​961
• Change datadog/squid to Ubuntu/squid in CI check by @​bishal-pdMSFT in #​976
• Add more details to version section in readme by @​bishal-pdMSFT in #​971
• Update hashFiles documentation reference by @​asaf400 in #​979
• Updated link for cache segment download info by @​kotewar in #​986
• Readme update for deleting caches by @​t-dedah in #​981
• Add oncall logic to assign issues and PRs by @​vsvipul in #​997
• Bump minimatch from 3.0.4 to 3.1.2 by @​dependabot in #​998
• Revert "Bump minimatch from 3.0.4 to 3.1.2" by @​vsvipul in #​1005
• Fix npm vulnerability by @​Phantsure in #​1007
• refactor: Use early return pattern to avoid nested conditions by @​jongwooo in #​1013
• Use cache in check-dist.yml by @​jongwooo in #​1004
• chore: Use built-in cache action to cache dependencies by @​jongwooo in #​1014
• Updated node example by @​t-dedah in #​1008
• Fix: Node npm doc example by @​apascualm in #​1026
• docs: fix an invalid link in workarounds.md by @​teatimeguest in #​929
• General Availability release for granular cache by @​kotewar in #​1035 More details here on beta release.

New Contributors

• @​walterddr made their first contribution in #​959
• @​asaf400 made their first contribution in #​979
• @​jongwooo made their first contribution in #​1013
• @​apascualm made their first contribution in #​1026
• @​teatimeguest made their first contribution in #​929

Full Changelog: actions/cache@v3...v3.2.0

v3.0.11

Compare Source

What's Changed

• Call out cache not saved on hit by @​Phantsure in #​946
• Update @​actions/core to 1.10.0 by @​rentziass in #​950
• Update cache to use @​actions/core@​^1.10.0 by @​pdotl in #​956

New Contributors

• @​rentziass made their first contribution in #​950

Full Changelog: actions/cache@v3...v3.0.11

v3.0.10

Compare Source

• Fix a bug with sorting inputs.
• Update definition for restore-keys in README.md

v3.0.9

Compare Source

• Enhanced the warning message for cache unavailability in case of GHES.

v3.0.8

Compare Source

What's Changed

• Fix zstd not working for windows on gnu tar in issues.
• Allow users to provide a custom timeout as input for aborting cache segment download using the environment variable SEGMENT_DOWNLOAD_TIMEOUT_MIN. Default is 60 minutes.

codecov/codecov-action (codecov/codecov-action)

v3.1.6

Compare Source

#Full Changelog: codecov/codecov-action@v3.1.5...v3.1.6

v3.1.5

Compare Source

What's Changed

• action.yml: Update to Node.js 20 by @​hallabro in #​1228

v3.1.4: 3.1.4

Compare Source

What's Changed

• build(deps-dev): bump @​types/node from 18.15.12 to 18.16.3 by @​dependabot in #​970
• Fix typo in README.md by @​hisaac in #​967
• fix: add back in working dir by @​thomasrockhu-codecov in #​971
• fix: CLI option names for uploader by @​kleisauke in #​969
• build(deps-dev): bump @​types/node from 18.16.3 to 20.1.0 by @​dependabot in #​975
• build(deps-dev): bump @​types/node from 20.1.0 to 20.1.2 by @​dependabot in #​979
• build(deps-dev): bump @​types/node from 20.1.2 to 20.1.4 by @​dependabot in #​981
• release: 3.1.4 by @​thomasrockhu-codecov in #​983

New Contributors

• @​hisaac made their first contribution in #​967
• @​kleisauke made their first contribution in #​969

Full Changelog: codecov/codecov-action@v3.1.3...v3.1.4

v3.1.3: 3.1.3

Compare Source

What's Changed

• build(deps-dev): bump jest-junit from 15.0.0 to 16.0.0 by @​dependabot in #​957
• build(deps): bump openpgp from 5.7.0 to 5.8.0 by @​dependabot in #​958
• build(deps-dev): bump @​types/node from 18.15.10 to 18.15.12 by @​dependabot in #​959
• fix: allow for aarch64 build by @​thomasrockhu-codecov in #​960
• chore(release): bump to 3.1.3 by @​thomasrockhu-codecov in #​961

Full Changelog: codecov/codecov-action@v3.1.2...v3.1.3

v3.1.2: 3.1.2

Compare Source

What's Changed

• build(deps): bump node-fetch from 3.2.4 to 3.2.10 by @​dependabot in #​835
• build(deps-dev): bump @​types/node from 16.11.40 to 18.13.0 by @​dependabot in #​911
• build(deps-dev): bump @​vercel/ncc from 0.34.0 to 0.36.1 by @​dependabot in #​900
• build(deps-dev): bump typescript from 4.7.4 to 4.9.5 by @​dependabot in #​905
• Update README.md by @​stefanomunarini in #​718
• build(deps): bump openpgp from 5.4.0 to 5.5.0 by @​dependabot in #​819
• build(deps): bump ossf/scorecard-action from 1.1.1 to 2.0.4 by @​dependabot in #​840
• build(deps): bump @​actions/core from 1.9.1 to 1.10.0 by @​dependabot in #​841
• build(deps): bump @​actions/github from 5.0.3 to 5.1.1 by @​dependabot in #​843
• build(deps): bump actions/upload-artifact from 3.1.0 to 3.1.2 by @​dependabot in #​896
• build(deps-dev): bump jest-junit from 13.2.0 to 15.0.0 by @​dependabot in #​872
• build(deps): bump node-fetch from 3.2.10 to 3.3.0 by @​dependabot in #​869
• build(deps): bump decode-uri-component from 0.2.0 to 0.2.2 by @​dependabot in #​879
• build(deps): bump json5 from 2.2.1 to 2.2.3 by @​dependabot in #​895
• codeql-analysis.yml by @​minumulasri in #​898
• build(deps): bump ossf/scorecard-action from 1.1.1 to 2.1.2 by @​dependabot in #​889
• build(deps-dev): bump @​types/node from 18.13.0 to 18.14.0 by @​dependabot in #​922
• build(deps): bump openpgp from 5.5.0 to 5.7.0 by @​dependabot in #​924
• build(deps-dev): bump @​types/node from 18.14.0 to 18.14.2 by @​dependabot in #​927
• Remove unsupported path_to_write_report argument by @​jsoref in #​851
• Update README to contain correct information - inputs and negate feature by @​moshe-azaria-sage in #​901
• build(deps-dev): bump @​types/node from 18.14.2 to 18.14.6 by @​dependabot in #​933
• build(deps-dev): bump @​types/node from 18.14.6 to 18.15.0 by @​dependabot in #​937
• build(deps-dev): bump @​types/node from 18.15.0 to 18.15.5 by @​dependabot in #​945
• build(deps): bump node-fetch from 3.3.0 to 3.3.1 by @​dependabot in #​938
• build(deps-dev): bump @​types/node from 18.15.5 to 18.15.6 by @​dependabot in #​946
• build(deps-dev): bump @​types/node from 18.15.6 to 18.15.10 by @​dependabot in #​947
• build(deps): bump ossf/scorecard-action from 2.1.2 to 2.1.3 by @​dependabot in #​951
• fix: add in all the extra arguments for uploader by @​thomasrockhu-codecov in #​955
• chore(release): bump to 3.1.2 by @​thomasrockhu-codecov in #​956

New Contributors

• @​stefanomunarini made their first contribution in #​718
• @​minumulasri made their first contribution in #​898
• @​jsoref made their first contribution in #​851
• @​moshe-azaria-sage made their first contribution in #​901

Full Changelog: codecov/codecov-action@v3.1.1...v3.1.2

v3.1.1: 3.1.1

Compare Source

What's Changed

• Update deprecation warning by @​slifty in #​661
• Create codeql-analysis.yml by @​mitchell-codecov in #​593
• build(deps): bump node-fetch from 3.2.3 to 3.2.4 by @​dependabot in #​714
• build(deps-dev): bump typescript from 4.6.3 to 4.6.4 by @​dependabot in #​713
• README: fix typo by @​Evalir in #​712
• build(deps): bump github/codeql-action from 1 to 2 by @​dependabot in #​724
• build(deps-dev): bump @​types/jest from 27.4.1 to 27.5.0 by @​dependabot in #​717
• fix: Remove a blank row by @​johnmanjiro13 in #​725
• Update README.md with correct badge version by @​gsheni in #​726
• build(deps-dev): bump @​types/node from 17.0.25 to 17.0.33 by @​dependabot in #​729
• build(deps-dev): downgrade @​types/node to 16.11.35 by @​dependabot in #​734
• build(deps): bump actions/checkout from 2 to 3 by @​dependabot in #​723
• build(deps): bump @​actions/github from 5.0.1 to 5.0.3 by @​dependabot in #​733
• build(deps): bump @​actions/core from 1.6.0 to 1.8.2 by @​dependabot in #​732
• build(deps-dev): bump @​types/node from 16.11.35 to 16.11.36 by @​dependabot in #​737
• Create scorecards-analysis.yml by @​mitchell-codecov in #​633
• build(deps): bump ossf/scorecard-action from 1.0.1 to 1.1.0 by @​dependabot in #​749
• fix: add more verbosity to validation by @​thomasrockhu-codecov in #​747
• build(deps-dev): bump typescript from 4.6.4 to 4.7.3 by @​dependabot in #​755
• Regenerate scorecards-analysis.yml by @​mitchell-codecov in #​750
• build(deps-dev): bump @​types/node from 16.11.36 to 16.11.39 by @​dependabot in #​759
• build(deps-dev): bump @​types/node from 16.11.39 to 16.11.40 by @​dependabot in #​762
• build(deps-dev): bump @​vercel/ncc from 0.33.4 to 0.34.0 by @​dependabot in #​746
• build(deps): bump ossf/scorecard-action from 1.1.0 to 1.1.1 by @​dependabot in #​757
• build(deps): bump openpgp from 5.2.1 to 5.3.0 by @​dependabot in #​760
• build(deps): bump actions/upload-artifact from 2.3.1 to 3.1.0 by @​dependabot in #​748
• build(deps-dev): bump typescript from 4.7.3 to 4.7.4 by @​dependabot in #​766
• Switch to v3 by @​thomasrockhu in #​774
• Fix network entry in table by @​kevmoo in #​783
• Trim arguments after splitting them by @​mitchell-codecov in #​791
• build(deps): bump openpgp from 5.3.0 to 5.4.0 by @​dependabot in #​799
• build(deps): bump @​actions/core from 1.8.2 to 1.9.1 by @​dependabot in #​798
• Plumb failCi into verification function. by @​RobbieMcKinstry in #​769
• release: update changelog and version to 3.1.1 by @​thomasrockhu-codecov in #​828

New Contributors

• @​slifty made their first contribution in #​661
• @​Evalir made their first contribution in #​712
• @​johnmanjiro13 made their first contribution in #​725
• @​gsheni made their first contribution in #​726
• @​kevmoo made their first contribution in #​783
• @​RobbieMcKinstry made their first contribution in #​769

Full Changelog: codecov/codecov-action@v3.1.0...v3.1.1

actions/go-versions (go)

v1.25.6: 1.25.6

Compare Source

Go 1.25.6

v1.25.5: 1.25.5

Compare Source

Go 1.25.5

v1.25.4: 1.25.4

Compare Source

Go 1.25.4

v1.25.3: 1.25.3

Compare Source

Go 1.25.3

v1.25.2: 1.25.2

Compare Source

Go 1.25.2

v1.25.1: 1.25.1

Compare Source

Go 1.25.1

v1.25.0: 1.25.0

Compare Source

Go 1.25.0

v1.24.12: 1.24.12

Compare Source

Go 1.24.12

v1.24.11: 1.24.11

Compare Source

Go 1.24.11

v1.24.10: 1.24.10

Compare Source

Go 1.24.10

v1.24.9: 1.24.9

Compare Source

Go 1.24.9

v1.24.8: 1.24.8

Compare Source

Go 1.24.8

v1.24.7: 1.24.7

Compare Source

Go 1.24.7

v1.24.6: 1.24.6

Compare Source

Go 1.24.6

v1.24.5: 1.24.5

Compare Source

Go 1.24.5

v1.24.4: 1.24.4

Compare Source

Go 1.24.4

v1.24.3: 1.24.3

Compare Source

Go 1.24.3

v1.24.2: 1.24.2

Compare Source

Go 1.24.2

v1.24.1: 1.24.1

Compare Source

Go 1.24.1

v1.24.0: 1.24.0

Compare Source

Go 1.24.0

v1.23.12: 1.23.12

Compare Source

Go 1.23.12

v1.23.11: 1.23.11

Compare Source

Go 1.23.11

v1.23.10: 1.23.10

Compare Source

Go 1.23.10

v1.23.9: 1.23.9

Compare Source

Go 1.23.9

v1.23.8: 1.23.8

Compare Source

Go 1.23.8

v1.23.7: 1.23.7

Compare Source

Go 1.23.7

v1.23.6: 1.23.6

Compare Source

Go 1.23.6

v1.23.5: 1.23.5

Compare Source

Go 1.23.5

v1.23.4: 1.23.4

Compare Source

Go 1.23.4

v1.23.3: 1.23.3

Compare Source

Go 1.23.3

v1.23.2: 1.23.2

Compare Source

Go 1.23.2

v1.23.1: 1.23.1

Compare Source

Go 1.23.1

v1.23.0: 1.23.0

Compare Source

Go 1.23.0

v1.22.12: 1.22.12

Compare Source

Go 1.22.12

v1.22.11: 1.22.11

Compare Source

Go 1.22.11

v1.22.10: 1.22.10

Compare Source

Go 1.22.10

v1.22.9: 1.22.9

Compare Source

Go 1.22.9

v1.22.8: 1.22.8

Compare Source

Go 1.22.8

v1.22.7: 1.22.7

Compare Source

Go 1.22.7

v1.22.6: 1.22.6

Compare Source

Go 1.22.6

v1.22.5: 1.22.5

Compare Source

Go 1.22.5

v1.22.4: 1.22.4

Compare Source

Go 1.22.4

v1.22.3: 1.22.3

Compare Source

Go 1.22.3

v1.22.2: 1.22.2

Compare Source

Go 1.22.2

v1.22.1: 1.22.1

Compare Source

Go 1.22.1

v1.22.0: 1.22.0

Compare Source

Go 1.22.0

v1.21.13: 1.21.13

Compare Source

Go 1.21.13

v1.21.12: 1.21.12

[Compare Source](https://redirect.github.c

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[socket-security]

All alerts resolved. Learn more about Socket for GitHub.

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report

[socket-security]

Review the following changes in direct dependencies. Learn more about Socket for GitHub.

Diff	Package	Supply Chain Security	Vulnerability	Quality	Maintenance	License
	npm/​markdownlint-cli@​0.31.1 ⏵ 0.47.0	+1		+1	+4
	golang/​github.com/​tailscale/​depaware@​v0.0.0-20210622194025-720c4b409502 ⏵ v0.0.0-20251001183927-9c2ad255ef3f	+1

View full report