Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update README.md with V5 release notes #459

Merged
merged 1 commit into from
Apr 15, 2024
Merged

Conversation

ab
Copy link
Contributor

@ab ab commented Feb 28, 2024

Description:
Add info about the v5 release to the README.md

Previously, users would think that v4 was the latest version if the only skimmed the bold headlines in the README.

@ab ab requested a review from a team as a code owner February 28, 2024 16:07
@ab ab mentioned this pull request Feb 28, 2024
2 tasks
Copy link

@RichTwicz RichTwicz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ii

@ab
Copy link
Contributor Author

ab commented Apr 12, 2024

I think this needs review by @actions/setup-actions-team listed in CODEOWNERS, but that's a private team. Maybe @chenrui333 could point to who can review + merge this?

@HarithaVattikuti HarithaVattikuti merged commit 99176a8 into actions:main Apr 15, 2024
renovate bot referenced this pull request in aenix-io/etcd-operator May 4, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change | Age | Adoption | Passing |
Confidence |
|---|---|---|---|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
[![age](https://developer.mend.io/api/mc/badges/age/github-tags/actions%2fsetup-go/v5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/github-tags/actions%2fsetup-go/v5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/github-tags/actions%2fsetup-go/v5.0.0/v5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/github-tags/actions%2fsetup-go/v5.0.0/v5.0.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [github.com/onsi/gomega](https://togithub.com/onsi/gomega) | require |
patch | `v1.33.0` -> `v1.33.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fonsi%2fgomega/v1.33.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fonsi%2fgomega/v1.33.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fonsi%2fgomega/v1.33.0/v1.33.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fonsi%2fgomega/v1.33.0/v1.33.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| | minor | `v1.57.2` -> `v1.58.0` |
[![age](https://developer.mend.io/api/mc/badges/age/github-tags/golangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/github-tags/golangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/github-tags/golangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/github-tags/golangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [hugo-extended](https://togithub.com/jakejarvis/hugo-extended) |
devDependencies | patch | [`0.125.2` ->
`0.125.4`](https://renovatebot.com/diffs/npm/hugo-extended/0.125.2/0.125.4)
|
[![age](https://developer.mend.io/api/mc/badges/age/npm/hugo-extended/0.125.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/npm/hugo-extended/0.125.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/npm/hugo-extended/0.125.2/0.125.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/npm/hugo-extended/0.125.2/0.125.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| [k8s.io/utils](https://togithub.com/kubernetes/utils) | require |
patch | `v0.0.0-20240423183400-0849a56e8f22` ->
`v0.0.0-20240502163921-fe8a2dddb1d0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/k8s.io%2futils/v0.0.0-20240502163921-fe8a2dddb1d0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/k8s.io%2futils/v0.0.0-20240502163921-fe8a2dddb1d0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/k8s.io%2futils/v0.0.0-20240423183400-0849a56e8f22/v0.0.0-20240502163921-fe8a2dddb1d0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/k8s.io%2futils/v0.0.0-20240423183400-0849a56e8f22/v0.0.0-20240502163921-fe8a2dddb1d0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[losisin/helm-values-schema-json](https://togithub.com/losisin/helm-values-schema-json)
| | minor | `v1.2.4` -> `v1.3.0` |
[![age](https://developer.mend.io/api/mc/badges/age/github-tags/losisin%2fhelm-values-schema-json/v1.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/github-tags/losisin%2fhelm-values-schema-json/v1.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/github-tags/losisin%2fhelm-values-schema-json/v1.2.4/v1.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/github-tags/losisin%2fhelm-values-schema-json/v1.2.4/v1.3.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[sigs.k8s.io/controller-runtime](https://togithub.com/kubernetes-sigs/controller-runtime)
| require | patch | `v0.18.0` -> `v0.18.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/sigs.k8s.io%2fcontroller-runtime/v0.18.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/sigs.k8s.io%2fcontroller-runtime/v0.18.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/sigs.k8s.io%2fcontroller-runtime/v0.18.0/v0.18.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/sigs.k8s.io%2fcontroller-runtime/v0.18.0/v0.18.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>onsi/gomega (github.com/onsi/gomega)</summary>

### [`v1.33.1`](https://togithub.com/onsi/gomega/releases/tag/v1.33.1)

[Compare
Source](https://togithub.com/onsi/gomega/compare/v1.33.0...v1.33.1)

##### 1.33.1

##### Fixes

- fix confusing eventually docs
\[[`3a66379`](https://togithub.com/onsi/gomega/commit/3a66379)]

##### Maintenance

- Bump github.com/onsi/ginkgo/v2 from 2.17.1 to 2.17.2
\[[`e9bc35a`](https://togithub.com/onsi/gomega/commit/e9bc35a)]

</details>

<details>
<summary>golangci/golangci-lint (golangci/golangci-lint)</summary>

###
[`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)

</details>

<details>
<summary>jakejarvis/hugo-extended (hugo-extended)</summary>

###
[`v0.125.4`](https://togithub.com/jakejarvis/hugo-extended/compare/v0.125.3...v0.125.4)

[Compare
Source](https://togithub.com/jakejarvis/hugo-extended/compare/v0.125.3...v0.125.4)

###
[`v0.125.3`](https://togithub.com/jakejarvis/hugo-extended/compare/v0.125.2...v0.125.3)

[Compare
Source](https://togithub.com/jakejarvis/hugo-extended/compare/v0.125.2...v0.125.3)

</details>

<details>
<summary>losisin/helm-values-schema-json
(losisin/helm-values-schema-json)</summary>

###
[`v1.3.0`](https://togithub.com/losisin/helm-values-schema-json/releases/tag/v1.3.0)

[Compare
Source](https://togithub.com/losisin/helm-values-schema-json/compare/v1.2.4...v1.3.0)

#### Changelog

-
[`53d2c61`](https://togithub.com/losisin/helm-values-schema-json/commit/53d2c61)
Bump azure/setup-helm from 4.1.0 to 4.2.0
-
[`b453151`](https://togithub.com/losisin/helm-values-schema-json/commit/b453151)
Bump golangci/golangci-lint-action from 4 to 5
-
[`a4a9822`](https://togithub.com/losisin/helm-values-schema-json/commit/a4a9822)
Merge pull request
[#&#8203;59](https://togithub.com/losisin/helm-values-schema-json/issues/59)
from losisin/dependabot/github_actions/azure/setup-helm-4.2.0
-
[`f04bbe4`](https://togithub.com/losisin/helm-values-schema-json/commit/f04bbe4)
Merge pull request
[#&#8203;60](https://togithub.com/losisin/helm-values-schema-json/issues/60)
from losisin/dependabot/github_actions/golangci/golangci-lint-action-5
-
[`f87b874`](https://togithub.com/losisin/helm-values-schema-json/commit/f87b874)
Merge pull request
[#&#8203;62](https://togithub.com/losisin/helm-values-schema-json/issues/62)
from losisin/feature/indent-cli-option
-
[`cb41def`](https://togithub.com/losisin/helm-values-schema-json/commit/cb41def)
add indent cli option
-
[`2a02a16`](https://togithub.com/losisin/helm-values-schema-json/commit/2a02a16)
add step to check code in workflow
-
[`613cb3a`](https://togithub.com/losisin/helm-values-schema-json/commit/613cb3a)
update readme

</details>

<details>
<summary>kubernetes-sigs/controller-runtime
(sigs.k8s.io/controller-runtime)</summary>

###
[`v0.18.1`](https://togithub.com/kubernetes-sigs/controller-runtime/releases/tag/v0.18.1)

[Compare
Source](https://togithub.com/kubernetes-sigs/controller-runtime/compare/v0.18.0...v0.18.1)

#### What's Changed

- \[release-0.18] 🐛 Cache: Fix label defaulting of byObject when
namespaces are configured by
[@&#8203;k8s-infra-cherrypick-robot](https://togithub.com/k8s-infra-cherrypick-robot)
in
[https://github.com/kubernetes-sigs/controller-runtime/pull/2808](https://togithub.com/kubernetes-sigs/controller-runtime/pull/2808)
- \[release-0.18] 🐛 correct kind source type by
[@&#8203;k8s-infra-cherrypick-robot](https://togithub.com/k8s-infra-cherrypick-robot)
in
[https://github.com/kubernetes-sigs/controller-runtime/pull/2809](https://togithub.com/kubernetes-sigs/controller-runtime/pull/2809)

**Full Changelog**:
kubernetes-sigs/controller-runtime@v0.18.0...v0.18.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "* * * * 6" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/aenix-io/etcd-operator).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMzEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjMzMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJvay10by10ZXN0Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Hidden Marten <hiddenmarten@gmail.com>
another-rex referenced this pull request in google/osv-scanner May 6, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.4` |
|
[actions/download-artifact](https://togithub.com/actions/download-artifact)
| action | patch | `v4.1.4` -> `v4.1.7` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | patch | `v4.3.1` -> `v4.3.3` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | patch | `v4.3.0` -> `v4.3.1` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v3.24.10` -> `v3.25.3` |
|
[golangci/golangci-lint-action](https://togithub.com/golangci/golangci-lint-action)
| action | patch | `v4.0.0` -> `v4.0.1` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)

- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)

###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)

#### What's Changed

- Update `actions/checkout` version in `update-main-version.yml` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)

**Full Changelog**:
actions/checkout@v4.1.2...v4.1.3

###
[`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2)

- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@&#8203;dscho](https://togithub.com/dscho) in
[https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598)

</details>

<details>
<summary>actions/download-artifact (actions/download-artifact)</summary>

###
[`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7)

#### What's Changed

- Update
[@&#8203;actions/artifact](https://togithub.com/actions/artifact)
dependency by [@&#8203;bethanyj28](https://togithub.com/bethanyj28) in
[https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325)

**Full Changelog**:
actions/download-artifact@v4.1.6...v4.1.7

###
[`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6)

#### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324)

**Full Changelog**:
actions/download-artifact@v4.1.5...v4.1.6

###
[`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322)
- Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact`
to v2.1.5

**Full Changelog**:
actions/download-artifact@v4.1.4...v4.1.5

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3)

##### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565)

**Full Changelog**:
actions/upload-artifact@v4.3.2...v4.3.3

###
[`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2)

#### What's Changed

- Update release-new-action-version.yml by
[@&#8203;konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516)
- Minor fix to the migration readme by
[@&#8203;andrewakim](https://togithub.com/andrewakim) in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)
- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561)
- updating `@actions/artifact` dependency to v2.1.5 and `@actions/core`
to v1.0.1 by [@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562)

#### New Contributors

- [@&#8203;andrewakim](https://togithub.com/andrewakim) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)

**Full Changelog**:
actions/upload-artifact@v4.3.1...v4.3.2

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.3.1`](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

###
[`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

###
[`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

###
[`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)

</details>

<details>
<summary>golangci/golangci-lint-action
(golangci/golangci-lint-action)</summary>

###
[`v4.0.1`](https://togithub.com/golangci/golangci-lint-action/releases/tag/v4.0.1)

[Compare
Source](https://togithub.com/golangci/golangci-lint-action/compare/v4.0.0...v4.0.1)

<!-- Release notes generated using configuration in .github/release.yml
at v4.0.1 -->

#### What's Changed

##### Documentation

- docs: update the version of the action used in the README example by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977)

##### Dependencies

- build(deps): bump
[@&#8203;types/semver](https://togithub.com/types/semver) from 7.5.6 to
7.5.7 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/969](https://togithub.com/golangci/golangci-lint-action/pull/969)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.20.0 to 6.21.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/970](https://togithub.com/golangci/golangci-lint-action/pull/970)
- build(deps-dev): bump eslint-plugin-simple-import-sort from 10.0.0 to
12.0.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/971](https://togithub.com/golangci/golangci-lint-action/pull/971)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.20.0 to 6.21.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/973](https://togithub.com/golangci/golangci-lint-action/pull/973)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.16 to
20.11.17 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/972](https://togithub.com/golangci/golangci-lint-action/pull/972)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.17 to
20.11.19 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/979](https://togithub.com/golangci/golangci-lint-action/pull/979)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.21.0 to 7.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/980](https://togithub.com/golangci/golangci-lint-action/pull/980)
- build(deps): bump undici from 5.26.3 to 5.28.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/976](https://togithub.com/golangci/golangci-lint-action/pull/976)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.19 to
20.11.20 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/985](https://togithub.com/golangci/golangci-lint-action/pull/985)
- build(deps): bump
[@&#8203;types/semver](https://togithub.com/types/semver) from 7.5.7 to
7.5.8 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/986](https://togithub.com/golangci/golangci-lint-action/pull/986)
- build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/987](https://togithub.com/golangci/golangci-lint-action/pull/987)
- build(deps): bump tmp from 0.2.1 to 0.2.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/989](https://togithub.com/golangci/golangci-lint-action/pull/989)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.21.0 to 7.1.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/988](https://togithub.com/golangci/golangci-lint-action/pull/988)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.20 to
20.11.24 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/990](https://togithub.com/golangci/golangci-lint-action/pull/990)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.1.0 to 7.1.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/991](https://togithub.com/golangci/golangci-lint-action/pull/991)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.24 to
20.11.25 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/992](https://togithub.com/golangci/golangci-lint-action/pull/992)
- build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/993](https://togithub.com/golangci/golangci-lint-action/pull/993)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.1.0 to 7.1.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/994](https://togithub.com/golangci/golangci-lint-action/pull/994)
- build(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/995](https://togithub.com/golangci/golangci-lint-action/pull/995)
- build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.33.0 in
/sample-go-mod by [@&#8203;dependabot](https://togithub.com/dependabot)
in
[https://github.com/golangci/golangci-lint-action/pull/997](https://togithub.com/golangci/golangci-lint-action/pull/997)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.1.1 to 7.2.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/998](https://togithub.com/golangci/golangci-lint-action/pull/998)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.25 to
20.11.28 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1000](https://togithub.com/golangci/golangci-lint-action/pull/1000)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.1.1 to 7.2.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/999](https://togithub.com/golangci/golangci-lint-action/pull/999)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.2.0 to 7.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1003](https://togithub.com/golangci/golangci-lint-action/pull/1003)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.28 to
20.11.30 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1004](https://togithub.com/golangci/golangci-lint-action/pull/1004)
- build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1005](https://togithub.com/golangci/golangci-lint-action/pull/1005)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.2.0 to 7.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1006](https://togithub.com/golangci/golangci-lint-action/pull/1006)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.30 to
20.12.2 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1007](https://togithub.com/golangci/golangci-lint-action/pull/1007)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.3.1 to 7.4.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1008](https://togithub.com/golangci/golangci-lint-action/pull/1008)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.3.1 to 7.4.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1009](https://togithub.com/golangci/golangci-lint-action/pull/1009)
- build(deps): bump undici from 5.28.3 to 5.28.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1010](https://togithub.com/golangci/golangci-lint-action/pull/1010)
- build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1011](https://togithub.com/golangci/golangci-lint-action/pull/1011)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.12.2 to
20.12.5 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1012](https://togithub.com/golangci/golangci-lint-action/pull/1012)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.4.0 to 7.5.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1013](https://togithub.com/golangci/golangci-lint-action/pull/1013)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.4.0 to 7.5.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1014](https://togithub.com/golangci/golangci-lint-action/pull/1014)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.12.5 to
20.12.7 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1016](https://togithub.com/golangci/golangci-lint-action/pull/1016)
- build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1017](https://togithub.com/golangci/golangci-lint-action/pull/1017)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.5.0 to 7.6.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1019](https://togithub.com/golangci/golangci-lint-action/pull/1019)
- build(deps-dev): bump eslint-plugin-simple-import-sort from 12.0.0 to
12.1.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1018](https://togithub.com/golangci/golangci-lint-action/pull/1018)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.5.0 to 7.7.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1022](https://togithub.com/golangci/golangci-lint-action/pull/1022)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.6.0 to 7.7.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1023](https://togithub.com/golangci/golangci-lint-action/pull/1023)

#### New Contributors

- [@&#8203;178inaba](https://togithub.com/178inaba) made their first
contribution in
[https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977)

**Full Changelog**:
golangci/golangci-lint-action@v4.0.0...v4.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjM0MC4xMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->
xballoy referenced this pull request in kumojin/go-uuid May 7, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on Monday" (UTC),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/kumojin/go-uuid).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbXX0=-->
bogdandrutu referenced this pull request in open-telemetry/opentelemetry-collector May 8, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
Racer159 referenced this pull request in defenseunicorns/maru-runner May 22, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/create-github-app-token](https://togithub.com/actions/create-github-app-token)
| action | minor | `v1.9.0` -> `v1.10.0` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
| [anchore/sbom-action](https://togithub.com/anchore/sbom-action) |
action | minor | `v0.15.11` -> `v0.16.0` |
| [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | |
minor | `v0.32.5` -> `v0.33.2` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.6` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

### Release Notes

<details>
<summary>actions/create-github-app-token
(actions/create-github-app-token)</summary>

###
[`v1.10.0`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.0)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.3...v1.10.0)

##### Features

- **`private-key`:** escaped newlines will be replaced
([#&#8203;132](https://togithub.com/actions/create-github-app-token/issues/132))
([9d23fb9](https://togithub.com/actions/create-github-app-token/commit/9d23fb93dd620572046d85c7c1032b488c12514f))

###
[`v1.9.3`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.3)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.2...v1.9.3)

##### Bug Fixes

- **deps:** bump undici from 6.10.2 to 6.11.1
([#&#8203;125](https://togithub.com/actions/create-github-app-token/issues/125))
([3c223c7](https://togithub.com/actions/create-github-app-token/commit/3c223c7336e276235eb843dd4e6ad42147199cbf)),
closes
[#&#8203;3024](https://togithub.com/actions/create-github-app-token/issues/3024)
[nodejs/undici#3044](https://togithub.com/nodejs/undici/issues/3044)
[#&#8203;3023](https://togithub.com/actions/create-github-app-token/issues/3023)
[nodejs/undici#3025](https://togithub.com/nodejs/undici/issues/3025)
[nodejs/undici#3024](https://togithub.com/nodejs/undici/issues/3024)
[nodejs/undici#3034](https://togithub.com/nodejs/undici/issues/3034)
[nodejs/undici#3038](https://togithub.com/nodejs/undici/issues/3038)
[nodejs/undici#2947](https://togithub.com/nodejs/undici/issues/2947)
[nodejs/undici#3040](https://togithub.com/nodejs/undici/issues/3040)
[nodejs/undici#3036](https://togithub.com/nodejs/undici/issues/3036)
[nodejs/undici#3041](https://togithub.com/nodejs/undici/issues/3041)
[#&#8203;3024](https://togithub.com/actions/create-github-app-token/issues/3024)
[#&#8203;3041](https://togithub.com/actions/create-github-app-token/issues/3041)
[#&#8203;3036](https://togithub.com/actions/create-github-app-token/issues/3036)

###
[`v1.9.2`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.2)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.1...v1.9.2)

##### Bug Fixes

- **deps:** bump the production-dependencies group with 1 update
([#&#8203;123](https://togithub.com/actions/create-github-app-token/issues/123))
([beea7b8](https://togithub.com/actions/create-github-app-token/commit/beea7b860ac0b14ca14258aca701da842aa65e30)),
closes
[nodejs/undici#2978](https://togithub.com/nodejs/undici/issues/2978)
[nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971)
[nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980)
[#&#8203;2982](https://togithub.com/actions/create-github-app-token/issues/2982)
[nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983)
[nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987)
[nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991)
[#&#8203;2986](https://togithub.com/actions/create-github-app-token/issues/2986)
[nodejs/undici#2992](https://togithub.com/nodejs/undici/issues/2992)
[nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985)
[nodejs/undici#2993](https://togithub.com/nodejs/undici/issues/2993)
[nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995)
[nodejs/undici#2998](https://togithub.com/nodejs/undici/issues/2998)
[#&#8203;2863](https://togithub.com/actions/create-github-app-token/issues/2863)
[nodejs/undici#2999](https://togithub.com/nodejs/undici/issues/2999)
[nodejs/undici#3001](https://togithub.com/nodejs/undici/issues/3001)
[nodejs/undici#2971](https://togithub.com/nodejs/undici/issues/2971)
[nodejs/undici#2980](https://togithub.com/nodejs/undici/issues/2980)
[nodejs/undici#2983](https://togithub.com/nodejs/undici/issues/2983)
[nodejs/undici#2987](https://togithub.com/nodejs/undici/issues/2987)
[nodejs/undici#2991](https://togithub.com/nodejs/undici/issues/2991)
[nodejs/undici#2985](https://togithub.com/nodejs/undici/issues/2985)
[nodejs/undici#2995](https://togithub.com/nodejs/undici/issues/2995)
[nodejs/undici#2960](https://togithub.com/nodejs/undici/issues/2960)
[nodejs/undici#2959](https://togithub.com/nodejs/undici/issues/2959)
[nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969)
[nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962)
[nodejs/undici#2974](https://togithub.com/nodejs/undici/issues/2974)
[nodejs/undici#2967](https://togithub.com/nodejs/undici/issues/2967)
[nodejs/undici#2966](https://togithub.com/nodejs/undici/issues/2966)
[nodejs/undici#2969](https://togithub.com/nodejs/undici/issues/2969)
[nodejs/undici#2962](https://togithub.com/nodejs/undici/issues/2962)
[nodejs/undici#2826](https://togithub.com/nodejs/undici/issues/2826)
[nodejs/undici#2952](https://togithub.com/nodejs/undici/issues/2952)
[#&#8203;3001](https://togithub.com/actions/create-github-app-token/issues/3001)
[#&#8203;2863](https://togithub.com/actions/create-github-app-token/issues/2863)
[#&#8203;2999](https://togithub.com/actions/create-github-app-token/issues/2999)
[#&#8203;2998](https://togithub.com/actions/create-github-app-token/issues/2998)
[#&#8203;2993](https://togithub.com/actions/create-github-app-token/issues/2993)
[#&#8203;2986](https://togithub.com/actions/create-github-app-token/issues/2986)
[#&#8203;2992](https://togithub.com/actions/create-github-app-token/issues/2992)
[#&#8203;2991](https://togithub.com/actions/create-github-app-token/issues/2991)
[#&#8203;2987](https://togithub.com/actions/create-github-app-token/issues/2987)

###
[`v1.9.1`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.9.1)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.9.0...v1.9.1)

##### Bug Fixes

- clarify `owner` input description
([#&#8203;118](https://togithub.com/actions/create-github-app-token/issues/118))
([d9bc169](https://togithub.com/actions/create-github-app-token/commit/d9bc16919cdbdb07543eb732aa872437384e296f))

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>anchore/sbom-action (anchore/sbom-action)</summary>

###
[`v0.16.0`](https://togithub.com/anchore/sbom-action/releases/tag/v0.16.0):
v0.16

[Compare
Source](https://togithub.com/anchore/sbom-action/compare/v0.15.11...v0.16.0)

#### Changes in v0.16.0

- Update Syft to v1.4.1
([#&#8203;465](https://togithub.com/anchore/sbom-action/issues/465))
- Update GitHub artifact client
([#&#8203;463](https://togithub.com/anchore/sbom-action/issues/463))
\[[kzantow](https://togithub.com/kzantow)]

</details>

<details>
<summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary>

###
[`v0.33.2`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.2)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.1...v0.33.2)

##### What's Changed

- fix: schema integration by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2463](https://togithub.com/defenseunicorns/zarf/pull/2463)
- docs: add contributor covenant code of conduct by
[@&#8203;salaxander](https://togithub.com/salaxander) in
[https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462)
- docs: fix casing on code of conduct badge by
[@&#8203;salaxander](https://togithub.com/salaxander) in
[https://github.com/defenseunicorns/zarf/pull/2466](https://togithub.com/defenseunicorns/zarf/pull/2466)
- fix(deps): update github.com/anchore/clio digest to
[`3c4abf8`](https://togithub.com/defenseunicorns/zarf/commit/3c4abf8) by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2424](https://togithub.com/defenseunicorns/zarf/pull/2424)
- fix: update docker media type in registry by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2476](https://togithub.com/defenseunicorns/zarf/pull/2476)
- fix: adds GetVariableConfig function for packager by
[@&#8203;decleaver](https://togithub.com/decleaver) in
[https://github.com/defenseunicorns/zarf/pull/2475](https://togithub.com/defenseunicorns/zarf/pull/2475)
- test: add tests for remove copies from components to enable
refactoring by [@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473)
- fix!: do not uninstall helm chart after failed install or upgrade by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2456](https://togithub.com/defenseunicorns/zarf/pull/2456)
- feat: inspect --list-images by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2478](https://togithub.com/defenseunicorns/zarf/pull/2478)
- refactor: remove copies from components to a filter by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2474](https://togithub.com/defenseunicorns/zarf/pull/2474)
- chore: add support.md by
[@&#8203;schristoff](https://togithub.com/schristoff) in
[https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480)
- chore: add a check for go mod tidy by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2481](https://togithub.com/defenseunicorns/zarf/pull/2481)
- fix: use correct sha256 checksum for arm64 injector binary by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2483](https://togithub.com/defenseunicorns/zarf/pull/2483)
- fix: simplify go mod tidy check by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2482](https://togithub.com/defenseunicorns/zarf/pull/2482)

##### New Contributors

- [@&#8203;salaxander](https://togithub.com/salaxander) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2462](https://togithub.com/defenseunicorns/zarf/pull/2462)
- [@&#8203;phillebaba](https://togithub.com/phillebaba) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2473](https://togithub.com/defenseunicorns/zarf/pull/2473)
- [@&#8203;schristoff](https://togithub.com/schristoff) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2480](https://togithub.com/defenseunicorns/zarf/pull/2480)

**Full Changelog**:
zarf-dev/zarf@v0.33.1...v0.33.2

###
[`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1)

#### What's Changed

- fix: add redirect so old zarf base link is compatiable by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432)
- ci: pin third-party gh actions by hash by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433)
- docs: add redirect for examples by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438)
- docs: update contributing and pre-commit by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439)
- ci: fix revive image ref in lint workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436)
- fix: filter on running pods when finding an image for injector pod by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415)
- fix: readme dead links by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442)
- fix: differential package create with non local sources by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444)
- refactor: move variables into separate package by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414)
- ci: add top level workflow permission to commitlint by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449)
- ci: remove unused env var from codeql workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450)
- chore: cleanup root level files and add SPDX check for Go files by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431)
- feat: config to enable resilient registry by
[@&#8203;Michael-Kruggel](https://togithub.com/Michael-Kruggel) in
[https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440)
- docs: init package clarity and cleanup by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447)
- ci: compare cves to main by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448)
- test: unpin version in bigbang extension test by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459)
- fix: broken schema from unexpanded embedded variables by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458)
- fix: error on create if an index sha is used by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429)

#### New Contributors

- [@&#8203;Michael-Kruggel](https://togithub.com/Michael-Kruggel) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440)

**Full Changelog**:
zarf-dev/zarf@v0.33.0...v0.33.1

###
[`v0.33.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.0)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.6...v0.33.0)

#### What's Changed

- fix: update deprecated syft packages command to syft scan by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2399](https://togithub.com/defenseunicorns/zarf/pull/2399)
- chore: move helpers to defenseunicorns/pkg by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2402](https://togithub.com/defenseunicorns/zarf/pull/2402)
- fix(deps): update github.com/anchore/clio digest to
[`fb5fc4c`](https://togithub.com/defenseunicorns/zarf/commit/fb5fc4c) by
[@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2366](https://togithub.com/defenseunicorns/zarf/pull/2366)
- feat(tools): add yq by
[@&#8203;zachariahmiller](https://togithub.com/zachariahmiller) in
[https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406)
- chore: switch to use oci lib in defenseunicorns/pkg by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2404](https://togithub.com/defenseunicorns/zarf/pull/2404)
- fix(deps): update module github.com/defenseunicorns/pkg/helpers to v1
by [@&#8203;renovate](https://togithub.com/renovate) in
[https://github.com/defenseunicorns/zarf/pull/2411](https://togithub.com/defenseunicorns/zarf/pull/2411)
- fix: use env var for PR title in commitlint workflow to prevent
untrusted script injection by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2418](https://togithub.com/defenseunicorns/zarf/pull/2418)
- fix: use default GITHUB_TOKEN for ossf/scorecard-action by
[@&#8203;bburky](https://togithub.com/bburky) in
[https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416)
- fix: remove duplicate logic for writing image layers to disk
concurrently by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2409](https://togithub.com/defenseunicorns/zarf/pull/2409)
- feat: add option to skip cosign lookup during find images by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2427](https://togithub.com/defenseunicorns/zarf/pull/2427)
- feat: allow chart deploy overrides ALPHA by
[@&#8203;naveensrinivasan](https://togithub.com/naveensrinivasan) in
[https://github.com/defenseunicorns/zarf/pull/2403](https://togithub.com/defenseunicorns/zarf/pull/2403)
- chore: update pull_request_template.md by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2428](https://togithub.com/defenseunicorns/zarf/pull/2428)
- ci: pin k3s image version in k3d github action by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2430](https://togithub.com/defenseunicorns/zarf/pull/2430)
- feat(docs): port docs to starlight by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2315](https://togithub.com/defenseunicorns/zarf/pull/2315)

#### New Contributors

- [@&#8203;zachariahmiller](https://togithub.com/zachariahmiller) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2406](https://togithub.com/defenseunicorns/zarf/pull/2406)
- [@&#8203;bburky](https://togithub.com/bburky) made their first
contribution in
[https://github.com/defenseunicorns/zarf/pull/2416](https://togithub.com/defenseunicorns/zarf/pull/2416)

**Full Changelog**:
zarf-dev/zarf@v0.32.6...v0.33.0

###
[`v0.32.6`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.32.6)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.32.5...v0.32.6)

#### \[0.32.6] - 2024-03-22

> trying out some different release note generators, formatting may vary
for a few releases while we figure out what works best
~[@&#8203;Noxsios](https://togithub.com/Noxsios)

##### 🚀 Features

- \[**ALPHA**] feat: package generation ALPHA by
[@&#8203;andrewg-xyz](https://togithub.com/andrewg-xyz) in
[#&#8203;2269](https://togithub.com/defenseunicorns/zarf/pull/2269)
- *(lib)* feat(lib): configurable log file location by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2380](https://togithub.com/defenseunicorns/zarf/pull/2380)
- \[**BREAKING**] feat!: filter package components with strategy
interface by [@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2321](https://togithub.com/defenseunicorns/zarf/pull/2321)

##### 🐛 Bug Fixes

- fix: refactor create stages into separate lib by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2223](https://togithub.com/defenseunicorns/zarf/pull/2223)
- fix: handle registry caBundle as a multiline string by
[@&#8203;AbrohamLincoln](https://togithub.com/AbrohamLincoln) in
[#&#8203;2381](https://togithub.com/defenseunicorns/zarf/pull/2381)
- *(regression)* fix: populate `p.sbomViewFiles` on `deploy` and
`mirror` by [@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2386](https://togithub.com/defenseunicorns/zarf/pull/2386)
- fix: allow absolute paths for differential packages by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[#&#8203;2397](https://togithub.com/defenseunicorns/zarf/pull/2397)
- fix: hotfix skeleton publish by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2398](https://togithub.com/defenseunicorns/zarf/pull/2398)

##### 🚜 Refactor

- refactor: split helpers/exec libs by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[#&#8203;2379](https://togithub.com/defenseunicorns/zarf/pull/2379)

##### 🧪 Testing

- test: data injection flake by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2361](https://togithub.com/defenseunicorns/zarf/pull/2361)

##### ⚙️ Miscellaneous Tasks

- ci: add commitlint workflow and update contributing guide by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[#&#8203;2391](https://togithub.com/defenseunicorns/zarf/pull/2391)

##### 🛡️ Security

- *(release)* build: create PRs on `homebrew-tap` by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[#&#8203;2385](https://togithub.com/defenseunicorns/zarf/pull/2385)

**Full Changelog**:
zarf-dev/zarf@v0.32.5...v0.32.6

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
goreleaser/goreleaser-action@v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

> \[!NOTE]\
> There is no v2.3.2 release as a step was skipped in the release
process. This was fixed and re-released under the v2.3.3 tag

#### What's Changed

- 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377)

For a full changelist of what these include, see the
[v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1)
and
[v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2)
release notes.

##### Documentation

- 📖 Move token discussion out of main README. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279)
- 📖 link to `ossf/scorecard` workflow instead of maintaining an
example by [@&#8203;spencerschrock](https://togithub.com/spencerschrock)
in
[https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352)
- 📖 update api links to new scorecard.dev site by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376)

**Full Changelog**:
ossf/scorecard-action@v2.3.1...v2.3.3

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am
every weekday" in timezone America/New_York, Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/maru-runner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbInN1cHBvcnQtZGVwcyJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
andrzej-stencel referenced this pull request in andrzej-stencel/opentelemetry-collector May 27, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) ,
[@&open-telemetry#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&open-telemetry#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&open-telemetry#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&open-telemetry#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&open-telemetry#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
josieang referenced this pull request in josieang/osv-scanner Jun 6, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.4` |
|
[actions/download-artifact](https://togithub.com/actions/download-artifact)
| action | patch | `v4.1.4` -> `v4.1.7` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | patch | `v4.3.1` -> `v4.3.3` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | patch | `v4.3.0` -> `v4.3.1` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v3.24.10` -> `v3.25.3` |
|
[golangci/golangci-lint-action](https://togithub.com/golangci/golangci-lint-action)
| action | patch | `v4.0.0` -> `v4.0.1` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)

- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)

###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)

#### What's Changed

- Update `actions/checkout` version in `update-main-version.yml` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)

**Full Changelog**:
actions/checkout@v4.1.2...v4.1.3

###
[`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2)

- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@&#8203;dscho](https://togithub.com/dscho) in
[https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598)

</details>

<details>
<summary>actions/download-artifact (actions/download-artifact)</summary>

###
[`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7)

#### What's Changed

- Update
[@&#8203;actions/artifact](https://togithub.com/actions/artifact)
dependency by [@&#8203;bethanyj28](https://togithub.com/bethanyj28) in
[https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325)

**Full Changelog**:
actions/download-artifact@v4.1.6...v4.1.7

###
[`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6)

#### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324)

**Full Changelog**:
actions/download-artifact@v4.1.5...v4.1.6

###
[`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322)
- Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact`
to v2.1.5

**Full Changelog**:
actions/download-artifact@v4.1.4...v4.1.5

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3)

##### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565)

**Full Changelog**:
actions/upload-artifact@v4.3.2...v4.3.3

###
[`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2)

#### What's Changed

- Update release-new-action-version.yml by
[@&#8203;konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516)
- Minor fix to the migration readme by
[@&#8203;andrewakim](https://togithub.com/andrewakim) in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)
- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561)
- updating `@actions/artifact` dependency to v2.1.5 and `@actions/core`
to v1.0.1 by [@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562)

#### New Contributors

- [@&#8203;andrewakim](https://togithub.com/andrewakim) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)

**Full Changelog**:
actions/upload-artifact@v4.3.1...v4.3.2

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.3.1`](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.0...v4.3.1)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

###
[`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

###
[`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

###
[`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)

</details>

<details>
<summary>golangci/golangci-lint-action
(golangci/golangci-lint-action)</summary>

###
[`v4.0.1`](https://togithub.com/golangci/golangci-lint-action/releases/tag/v4.0.1)

[Compare
Source](https://togithub.com/golangci/golangci-lint-action/compare/v4.0.0...v4.0.1)

<!-- Release notes generated using configuration in .github/release.yml
at v4.0.1 -->

#### What's Changed

##### Documentation

- docs: update the version of the action used in the README example by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977)

##### Dependencies

- build(deps): bump
[@&#8203;types/semver](https://togithub.com/types/semver) from 7.5.6 to
7.5.7 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/969](https://togithub.com/golangci/golangci-lint-action/pull/969)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.20.0 to 6.21.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/970](https://togithub.com/golangci/golangci-lint-action/pull/970)
- build(deps-dev): bump eslint-plugin-simple-import-sort from 10.0.0 to
12.0.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/971](https://togithub.com/golangci/golangci-lint-action/pull/971)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.20.0 to 6.21.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/973](https://togithub.com/golangci/golangci-lint-action/pull/973)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.16 to
20.11.17 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/972](https://togithub.com/golangci/golangci-lint-action/pull/972)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.17 to
20.11.19 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/979](https://togithub.com/golangci/golangci-lint-action/pull/979)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 6.21.0 to 7.0.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/980](https://togithub.com/golangci/golangci-lint-action/pull/980)
- build(deps): bump undici from 5.26.3 to 5.28.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/976](https://togithub.com/golangci/golangci-lint-action/pull/976)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.19 to
20.11.20 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/985](https://togithub.com/golangci/golangci-lint-action/pull/985)
- build(deps): bump
[@&#8203;types/semver](https://togithub.com/types/semver) from 7.5.7 to
7.5.8 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/986](https://togithub.com/golangci/golangci-lint-action/pull/986)
- build(deps-dev): bump eslint from 8.56.0 to 8.57.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/987](https://togithub.com/golangci/golangci-lint-action/pull/987)
- build(deps): bump tmp from 0.2.1 to 0.2.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/989](https://togithub.com/golangci/golangci-lint-action/pull/989)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 6.21.0 to 7.1.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/988](https://togithub.com/golangci/golangci-lint-action/pull/988)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.20 to
20.11.24 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/990](https://togithub.com/golangci/golangci-lint-action/pull/990)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.1.0 to 7.1.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/991](https://togithub.com/golangci/golangci-lint-action/pull/991)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.24 to
20.11.25 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/992](https://togithub.com/golangci/golangci-lint-action/pull/992)
- build(deps-dev): bump typescript from 5.3.3 to 5.4.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/993](https://togithub.com/golangci/golangci-lint-action/pull/993)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.1.0 to 7.1.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/994](https://togithub.com/golangci/golangci-lint-action/pull/994)
- build(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/995](https://togithub.com/golangci/golangci-lint-action/pull/995)
- build(deps): bump google.golang.org/protobuf from 1.28.0 to 1.33.0 in
/sample-go-mod by [@&#8203;dependabot](https://togithub.com/dependabot)
in
[https://github.com/golangci/golangci-lint-action/pull/997](https://togithub.com/golangci/golangci-lint-action/pull/997)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.1.1 to 7.2.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/998](https://togithub.com/golangci/golangci-lint-action/pull/998)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.25 to
20.11.28 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1000](https://togithub.com/golangci/golangci-lint-action/pull/1000)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.1.1 to 7.2.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/999](https://togithub.com/golangci/golangci-lint-action/pull/999)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.2.0 to 7.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1003](https://togithub.com/golangci/golangci-lint-action/pull/1003)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.28 to
20.11.30 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1004](https://togithub.com/golangci/golangci-lint-action/pull/1004)
- build(deps-dev): bump typescript from 5.4.2 to 5.4.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1005](https://togithub.com/golangci/golangci-lint-action/pull/1005)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.2.0 to 7.3.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1006](https://togithub.com/golangci/golangci-lint-action/pull/1006)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.11.30 to
20.12.2 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1007](https://togithub.com/golangci/golangci-lint-action/pull/1007)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.3.1 to 7.4.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1008](https://togithub.com/golangci/golangci-lint-action/pull/1008)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.3.1 to 7.4.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1009](https://togithub.com/golangci/golangci-lint-action/pull/1009)
- build(deps): bump undici from 5.28.3 to 5.28.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1010](https://togithub.com/golangci/golangci-lint-action/pull/1010)
- build(deps-dev): bump typescript from 5.4.3 to 5.4.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1011](https://togithub.com/golangci/golangci-lint-action/pull/1011)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.12.2 to
20.12.5 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1012](https://togithub.com/golangci/golangci-lint-action/pull/1012)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.4.0 to 7.5.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1013](https://togithub.com/golangci/golangci-lint-action/pull/1013)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.4.0 to 7.5.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1014](https://togithub.com/golangci/golangci-lint-action/pull/1014)
- build(deps): bump
[@&#8203;types/node](https://togithub.com/types/node) from 20.12.5 to
20.12.7 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1016](https://togithub.com/golangci/golangci-lint-action/pull/1016)
- build(deps-dev): bump typescript from 5.4.4 to 5.4.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1017](https://togithub.com/golangci/golangci-lint-action/pull/1017)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.5.0 to 7.6.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1019](https://togithub.com/golangci/golangci-lint-action/pull/1019)
- build(deps-dev): bump eslint-plugin-simple-import-sort from 12.0.0 to
12.1.0 by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1018](https://togithub.com/golangci/golangci-lint-action/pull/1018)
- build(deps-dev): bump
[@&#8203;typescript-eslint/parser](https://togithub.com/typescript-eslint/parser)
from 7.5.0 to 7.7.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1022](https://togithub.com/golangci/golangci-lint-action/pull/1022)
- build(deps-dev): bump
[@&#8203;typescript-eslint/eslint-plugin](https://togithub.com/typescript-eslint/eslint-plugin)
from 7.6.0 to 7.7.0 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/golangci/golangci-lint-action/pull/1023](https://togithub.com/golangci/golangci-lint-action/pull/1023)

#### New Contributors

- [@&#8203;178inaba](https://togithub.com/178inaba) made their first
contribution in
[https://github.com/golangci/golangci-lint-action/pull/977](https://togithub.com/golangci/golangci-lint-action/pull/977)

**Full Changelog**:
golangci/golangci-lint-action@v4.0.0...v4.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMTMuMSIsInVwZGF0ZWRJblZlciI6IjM3LjM0MC4xMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsiZGVwZW5kZW5jaWVzIl19-->
yurishkuro referenced this pull request in jaegertracing/jaeger Jun 12, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/jaegertracing/jaeger).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zOTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM5My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaGFuZ2Vsb2c6ZGVwZW5kZW5jaWVzIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
steves-canva referenced this pull request in Canva/opentelemetry-collector Jun 14, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&open-telemetry#8203;dependabot](https://togithub.com/dependabot) ,
[@&open-telemetry#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&open-telemetry#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&open-telemetry#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&open-telemetry#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&open-telemetry#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
(cherry picked from commit 9bc3249)
steves-canva referenced this pull request in Canva/opentelemetry-collector Jun 14, 2024
* [mdatagen] use mdatagen to produce component internal telemetry (#10054)

#### Description

This updates mdatagen to generate internal telemetry for components
based on metadata.yaml configuration.

#### Testing

Added tests to mdatagen and updated the batch processor to use this as
well for synchronous counters and histogram

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit d73235fc9104fdc10f930c36bcf122c7a5bd162c)

* [chore] Update release schedule after release 0.100.0 (#10092)

Signed-off-by: Bogdan Drutu <bogdandrutu@gmail.com>
(cherry picked from commit 430369240f7fc2b640cab48f233cf7d8b39796a4)

* [chore] add unit test for histogram in mdatagen (#10089)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 7855bf2ababecdddfea82e4b1a15fd81be2d2d66)

* Update module github.com/shirou/gopsutil/v3 to v3.24.4 (#10097)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| [github.com/shirou/gopsutil/v3](https://togithub.com/shirou/gopsutil)
| `v3.24.3` -> `v3.24.4` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fshirou%2fgopsutil%2fv3/v3.24.3/v3.24.4?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>shirou/gopsutil (github.com/shirou/gopsutil/v3)</summary>

###
[`v3.24.4`](https://togithub.com/shirou/gopsutil/releases/tag/v3.24.4)

[Compare
Source](https://togithub.com/shirou/gopsutil/compare/v3.24.3...v3.24.4)

<!-- Release notes generated using configuration in .github/release.yml
at v3.24.4 -->

##### What's Changed

##### net

- Update net_openbsd.go to correctly parse netstat output on obsd by
[@&#8203;amarinderca](https://togithub.com/amarinderca) in
[https://github.com/shirou/gopsutil/pull/1621](https://togithub.com/shirou/gopsutil/pull/1621)
- chore: fix some typos in comments by
[@&#8203;camcui](https://togithub.com/camcui) in
[https://github.com/shirou/gopsutil/pull/1624](https://togithub.com/shirou/gopsutil/pull/1624)

##### New Contributors

- [@&#8203;amarinderca](https://togithub.com/amarinderca) made their
first contribution in
[https://github.com/shirou/gopsutil/pull/1621](https://togithub.com/shirou/gopsutil/pull/1621)
- [@&#8203;camcui](https://togithub.com/camcui) made their first
contribution in
[https://github.com/shirou/gopsutil/pull/1624](https://togithub.com/shirou/gopsutil/pull/1624)

**Full Changelog**:
https://github.com/shirou/gopsutil/compare/v3.24.3...v3.24.4

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
(cherry picked from commit 9bee0cafcae752ee3701c106ede7060ed3470a00)

* Update module go.opentelemetry.io/collector/exporter/otlphttpexporter to v0.100.0 (#10104)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[go.opentelemetry.io/collector/exporter/otlphttpexporter](https://togithub.com/open-telemetry/opentelemetry-collector)
| `v0.99.0` -> `v0.100.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlphttpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>open-telemetry/opentelemetry-collector
(go.opentelemetry.io/collector/exporter/otlphttpexporter)</summary>

###
[`v0.100.0`](https://togithub.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v170v01000)

[Compare
Source](https://togithub.com/open-telemetry/opentelemetry-collector/compare/v0.99.0...v0.100.0)

##### 🛑 Breaking changes 🛑

- `service`: The `validate` sub-command no longer validates that each
pipeline's type is the same as its component types
([#&#8203;10031](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10031))

##### 💡 Enhancements 💡

- `semconv`: Add support for v1.25.0 semantic convention
([#&#8203;10072](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10072))
- `builder`: remove the need to go get a module to address ambiguous
import paths
([#&#8203;10015](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10015))
- `pmetric`: Support parsing metric.metadata from OTLP JSON.
([#&#8203;10026](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10026))

##### 🧰 Bug fixes 🧰

- `exporterhelper`: Fix enabled config option for batch sender
([#&#8203;10076](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10076))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
(cherry picked from commit 5605528fbdbe37662891f19a3948c1774740b9c8)

* [chore] split arm builds into their own workflow (#10113)

This is the same as was done in contrib.

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 93901cd2b767b555b46fce2bf6d72704adbb8b11)

* [chore] group more dependencies (#10112)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 067ac03a57b1b7e85e9d76ecfbbbfe0932aa47e2)

* [chore] fix package prefix (#10116)

should not have included `https`

(cherry picked from commit f23316625776a917dbf625c5e1640330fa3d022a)

* Update All go.opentelemetry.io/collector packages to v0.100.0 (#10115)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[go.opentelemetry.io/collector/exporter/otlpexporter](https://togithub.com/open-telemetry/opentelemetry-collector)
| `v0.99.0` -> `v0.100.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2fexporter%2fotlpexporter/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
|
[go.opentelemetry.io/collector/receiver/otlpreceiver](https://togithub.com/open-telemetry/opentelemetry-collector)
| `v0.99.0` -> `v0.100.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/go.opentelemetry.io%2fcollector%2freceiver%2fotlpreceiver/v0.99.0/v0.100.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>open-telemetry/opentelemetry-collector
(go.opentelemetry.io/collector/exporter/otlpexporter)</summary>

###
[`v0.100.0`](https://togithub.com/open-telemetry/opentelemetry-collector/blob/HEAD/CHANGELOG.md#v170v01000)

[Compare
Source](https://togithub.com/open-telemetry/opentelemetry-collector/compare/v0.99.0...v0.100.0)

##### 🛑 Breaking changes 🛑

- `service`: The `validate` sub-command no longer validates that each
pipeline's type is the same as its component types
([#&#8203;10031](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10031))

##### 💡 Enhancements 💡

- `semconv`: Add support for v1.25.0 semantic convention
([#&#8203;10072](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10072))
- `builder`: remove the need to go get a module to address ambiguous
import paths
([#&#8203;10015](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10015))
- `pmetric`: Support parsing metric.metadata from OTLP JSON.
([#&#8203;10026](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10026))

##### 🧰 Bug fixes 🧰

- `exporterhelper`: Fix enabled config option for batch sender
([#&#8203;10076](https://togithub.com/open-telemetry/opentelemetry-collector/issues/10076))

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about these
updates again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
(cherry picked from commit 2e289b64bbed115d186c8cf944ba054dbb8e4b63)

* Update All golang.org/x packages (#10117)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
| golang.org/x/exp | `v0.0.0-20231110203233-9a3e6036ecaa` ->
`v0.0.0-20240506185415-9bf2ced13842` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20231110203233-9a3e6036ecaa/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20231110203233-9a3e6036ecaa/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/exp | `v0.0.0-20240119083558-1b970713d09a` ->
`v0.0.0-20240506185415-9bf2ced13842` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fexp/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fexp/v0.0.0-20240119083558-1b970713d09a/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fexp/v0.0.0-20240119083558-1b970713d09a/v0.0.0-20240506185415-9bf2ced13842?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/net | `v0.24.0` -> `v0.25.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fnet/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fnet/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fnet/v0.24.0/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fnet/v0.24.0/v0.25.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/sys | `v0.19.0` -> `v0.20.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2fsys/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2fsys/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2fsys/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2fsys/v0.19.0/v0.20.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/text | `v0.14.0` -> `v0.15.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2ftext/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2ftext/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2ftext/v0.14.0/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2ftext/v0.14.0/v0.15.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
| golang.org/x/tools | `v0.20.0` -> `v0.21.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/golang.org%2fx%2ftools/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/golang.org%2fx%2ftools/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/golang.org%2fx%2ftools/v0.20.0/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/golang.org%2fx%2ftools/v0.20.0/v0.21.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
(cherry picked from commit 3c5bca5097da4585f3a50ebefdbb6403a0038948)

* Update module google.golang.org/protobuf to v1.34.1 (#10101)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google.golang.org/protobuf](https://togithub.com/protocolbuffers/protobuf-go)
| `v1.34.0` -> `v1.34.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fprotobuf/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fprotobuf/v1.34.0/v1.34.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>protocolbuffers/protobuf-go
(google.golang.org/protobuf)</summary>

###
[`v1.34.1`](https://togithub.com/protocolbuffers/protobuf-go/releases/tag/v1.34.1)

[Compare
Source](https://togithub.com/protocolbuffers/protobuf-go/compare/v1.34.0...v1.34.1)

Minor fixes for editions compliance:

- [CL/582635](https://go.dev/cl/582635): all: update to protobuf
27.0-rc1 and regenerate protos
- [CL/582755](https://go.dev/cl/582755): encoding/proto\[json|text]:
accept lower case names for group-like fields

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit c5ee52b133725ce07a0d5b2ed76f1d1462fd6633)

* Update module github.com/golangci/golangci-lint to v1.58.0 (#10102)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| `v1.57.2` -> `v1.58.0` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.57.2/v1.58.0?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>golangci/golangci-lint
(github.com/golangci/golangci-lint)</summary>

###
[`v1.58.0`](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.57.2...v1.58.0)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
(cherry picked from commit 90ddbcb666e3a415ef83120c5d828e44422b35c8)

* Update actions/setup-go action to v5.0.1 (#10096)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
https://github.com/actions/setup-go/compare/v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
(cherry picked from commit 9bc32498ce5edc12222ced1db46378e26dbd3cce)

* [chore] Update go versions in CI (#10119)

(cherry picked from commit 7b63bfc9a46b692451c838bb7acd2e3692580bf4)

* Move Aneurysm9 to emeritus status (#10120)

I have been unable to provide this position the bandwidth that it
deserves and it is time to formalize recognition of that fact.

Signed-off-by: Anthony J Mirabella <a9@aneurysm9.com>
Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit c6b70a7ec794d1a296f82863032def0848f870e0)

* [chore] use mdatagen for exporterhelper metrics (#10094)

Uses the new mdatagen capabilities to generate internal telemetry
details for exporterhelper.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>
(cherry picked from commit 5c72c5d2a035c811fc60e6608320986ec85e4110)

* [chore] use mdatagen scraperhelper (#10095)

Follows
https://github.com/open-telemetry/opentelemetry-collector/pull/10094

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore] use mdatagen for processorhelper (#10122)

This updates the processor helper to use mdatagen for its internal
telemetry.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore][cmd/builder] Test for unreleased versions (#10030)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Add a test to help prevent our replace statements from going out of date
and causing situations like
https://github.com/open-telemetry/opentelemetry-collector/issues/10014.
This is also probably just a decent test case to have since it's a
syntactically valid but nonexistent version.

---------

Co-authored-by: Evan Bradley <evan-bradley@users.noreply.github.com>
Co-authored-by: Juraci Paixão Kröhling <juraci.github@kroehling.de>

* [mdatagen] Run tests when skipping goleak (#10126)

#### Description
Tests are currently not being run when `goleak` checks are skipped. This
is because `TestMain` is called in the generated file, and needs to call
`m.Run()` to properly run the package's tests. This call was missing.

#### Link to tracking issue
Fixes #10125

#### Testing
There aren't any `goleak` checks currently being skipped in core from
the generated package tests, but there are quite a few in `contrib`.
This will fix the skipped tests in `contrib`.

* [chore] use mdatagen for receiverhelper metrics (#10123)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] use main as package for cmd types (#10130)

This allows us to enabled package test generation for mdatagen itself
(and for telemetrygen in contrib)

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] only generate telemetry as needed (#10129)

This prevent unnecessary files from being generated if metadata.yaml
doesn't include any internal telemetry for a component.

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* ExporterHelper tests - switch to DataType instead of Type (#10127)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description
`newBaseExporter` needs a `DataType` - up until now we've been passing
in a `Type`. In preparation of splitting `DataType` and `Type`, pass in
a real `DataType`.

<!-- Issue number if applicable -->
#### Link to tracking issue
related to
https://github.com/open-telemetry/opentelemetry-collector/issues/9429



In preparation for
https://github.com/open-telemetry/opentelemetry-collector/pull/10069

* MemoryLimiterProcessor - switch to  MustNewID instead of zero value ID (#10128)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description
In an upcoming PR, I change Type to be an interface. This means the zero
value of Type will be nil - which will cause this test to fail.
Initializing ID instead of relying on the zero value fixes this

<!-- Issue number if applicable -->
#### Link to tracking issue
related to
https://github.com/open-telemetry/opentelemetry-collector/issues/9429


<!--Please delete paragraphs that you did not use before submitting.-->
In preparation for
https://github.com/open-telemetry/opentelemetry-collector/pull/10069

* [otelcol] Add a custom zapcore.Core for confmap logging (#10056)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Provides a logger to confmap that buffers logs in memory until the
primary logger can be used. Once the primary logger exists, places that
used the original logger are given the updated Core.

If an error occurs that would shut down the collector before the primary
logger could be created, the logs are written to stdout/err using a
fallback logger.

Alternative to
https://github.com/open-telemetry/opentelemetry-collector/pull/10008

I've pushed the testing I did to show how the logger successfully
updates. Before config resolution the debug log in confmap is not
printed, but afterwards it is.

test config:
```yaml
receivers:
  nop:

exporters:
  otlphttp:
    endpoint: http://0.0.0.0:4317
    headers:
      # Not set
      x-test: ${env:TEMP3}
  debug:
    # set to "detailed"
    verbosity: $TEMP

service:
  telemetry:
    logs:
      level: debug
  pipelines:
    traces:
      receivers:
        - nop
      exporters:
        - debug
```


![image](https://github.com/open-telemetry/opentelemetry-collector/assets/12352919/6a17993f-1f97-4c54-9165-5c34dd58d108)

<!-- Issue number if applicable -->
#### Link to tracking issue
Related to
https://github.com/open-telemetry/opentelemetry-collector/issues/9162
Related to
https://github.com/open-telemetry/opentelemetry-collector/issues/5615

<!--Describe what testing was performed and which tests were added.-->
#### Testing
If we like this approach I'll add tests

<!--Describe the documentation added.-->
#### Documentation

---------

Co-authored-by: Dan Jaglowski <jaglows3@gmail.com>
Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com>

* [confmap] Deprecate `NewWithSettings` and `New` (#10134)

#### Description

Each of these was deprecated in v0.99.0, so I think removing them in
v0.101.0 is a safe deprecation period for an API that is likely only
used by vendor distros built without ocb.

If we would like to extend the deprecation period or break this change
into PRs for each module, let me know and I'll make the necessary
changes.

* [confmap] Add logger to ConverterSettings (#10135)

#### Description
Adds a Logger to ConverterSettings to enable logging from within
converters. Also update the expand converter to log a warning if the env
var is empty or missing.

#### Link to tracking issue
Closes
https://github.com/open-telemetry/opentelemetry-collector/issues/9162
Closes
https://github.com/open-telemetry/opentelemetry-collector/issues/5615

#### Testing

Unit tests and local testing


![image](https://github.com/open-telemetry/opentelemetry-collector/assets/12352919/af5dd1e2-62f9-4272-97c7-da57166ef07e)

```yaml
receivers:
  nop:

exporters:
  otlphttp:
    endpoint: http://0.0.0.0:4317
    headers:
      # Not set
      x-test: $TEMP3
  debug:
    # set to "detailed"
    verbosity: $TEMP

service:
  telemetry:
    logs:
      level: info
  pipelines:
    traces:
      receivers:
        - nop
      exporters:
        - otlphttp
        - debug
```

#### Documentation
Added godoc comments

* [confighttp] Remove deprecated functions (#10138)

Closes
https://github.com/open-telemetry/opentelemetry-collector/issues/9807

* Update module github.com/prometheus/client_golang to v1.19.1 (#10147)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/prometheus/client_golang](https://togithub.com/prometheus/client_golang)
| `v1.19.0` -> `v1.19.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fprometheus%2fclient_golang/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fprometheus%2fclient_golang/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fprometheus%2fclient_golang/v1.19.0/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fprometheus%2fclient_golang/v1.19.0/v1.19.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>prometheus/client_golang
(github.com/prometheus/client_golang)</summary>

###
[`v1.19.1`](https://togithub.com/prometheus/client_golang/releases/tag/v1.19.1)

[Compare
Source](https://togithub.com/prometheus/client_golang/compare/v1.19.0...v1.19.1)

#### What's Changed

- Security patches for `golang.org/x/sys` and
`google.golang.org/protobuf`

#### New Contributors

- [@&#8203;lukasauk](https://togithub.com/lukasauk) made their first
contribution in
[https://github.com/prometheus/client_golang/pull/1494](https://togithub.com/prometheus/client_golang/pull/1494)

**Full Changelog**:
https://github.com/prometheus/client_golang/compare/v1.19.0...v1.19.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* Update module github.com/golangci/golangci-lint to v1.58.1 (#10146)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| `v1.58.0` -> `v1.58.1` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.58.0/v1.58.1?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>golangci/golangci-lint
(github.com/golangci/golangci-lint)</summary>

###
[`v1.58.1`](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.0...v1.58.1)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* Update github-actions deps (#10145)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.4` -> `v4.1.5` |
| [codecov/codecov-action](https://togithub.com/codecov/codecov-action)
| action | minor | `4.3.1` -> `4.4.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.3` -> `v3.25.5` |
|
[goreleaser/goreleaser-action](https://togithub.com/goreleaser/goreleaser-action)
| action | minor | `v5.0.0` -> `v5.1.0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.4...v4.1.5

</details>

<details>
<summary>codecov/codecov-action (codecov/codecov-action)</summary>

###
[`v4.4.0`](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

[Compare
Source](https://togithub.com/codecov/codecov-action/compare/v4.3.1...v4.4.0)

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

</details>

<details>
<summary>goreleaser/goreleaser-action
(goreleaser/goreleaser-action)</summary>

###
[`v5.1.0`](https://togithub.com/goreleaser/goreleaser-action/releases/tag/v5.1.0)

[Compare
Source](https://togithub.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0)

#### Important

This version changes the default behavior of `latest` to `~> v1`.

The next major of this action (v6), will change this to `~> v2`, and
will be launched together with GoReleaser v2.

#### What's Changed

- docs: bump actions to latest major by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/435](https://togithub.com/goreleaser/goreleaser-action/pull/435)
- chore(deps): bump docker/bake-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/436](https://togithub.com/goreleaser/goreleaser-action/pull/436)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/437](https://togithub.com/goreleaser/goreleaser-action/pull/437)
- chore(deps): bump actions/setup-go from 4 to 5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/443](https://togithub.com/goreleaser/goreleaser-action/pull/443)
- chore(deps): bump actions/upload-artifact from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/444](https://togithub.com/goreleaser/goreleaser-action/pull/444)
- Delete .kodiak.toml by
[@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)
- chore(deps): bump codecov/codecov-action from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/448](https://togithub.com/goreleaser/goreleaser-action/pull/448)
- chore(deps): bump ip from 2.0.0 to 2.0.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/450](https://togithub.com/goreleaser/goreleaser-action/pull/450)
- Upgrade setup-go action version in README by
[@&#8203;kishaningithub](https://togithub.com/kishaningithub) in
[https://github.com/goreleaser/goreleaser-action/pull/455](https://togithub.com/goreleaser/goreleaser-action/pull/455)
- chore(deps): bump tar from 6.1.14 to 6.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/456](https://togithub.com/goreleaser/goreleaser-action/pull/456)
- chore: use corepack to install yarn by
[@&#8203;crazy-max](https://togithub.com/crazy-max) in
[https://github.com/goreleaser/goreleaser-action/pull/458](https://togithub.com/goreleaser/goreleaser-action/pull/458)
- feat: lock this major version of the action to use '~> v1' as 'latest'
by [@&#8203;caarlos0](https://togithub.com/caarlos0) in
[https://github.com/goreleaser/goreleaser-action/pull/461](https://togithub.com/goreleaser/goreleaser-action/pull/461)
- chore(deps): bump semver from 7.6.0 to 7.6.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/462](https://togithub.com/goreleaser/goreleaser-action/pull/462)
- chore(deps): bump
[@&#8203;actions/http-client](https://togithub.com/actions/http-client)
from 2.2.0 to 2.2.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/goreleaser/goreleaser-action/pull/451](https://togithub.com/goreleaser/goreleaser-action/pull/451)

#### New Contributors

- [@&#8203;vedantmgoyal9](https://togithub.com/vedantmgoyal9) made their
first contribution in
[https://github.com/goreleaser/goreleaser-action/pull/446](https://togithub.com/goreleaser/goreleaser-action/pull/446)

**Full Changelog**:
https://github.com/goreleaser/goreleaser-action/compare/v5.0.0...v5.1.0

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

* chore: fix function name in comment (#10150)

<!--Please delete paragraphs that you did not use before submitting.-->

Signed-off-by: petercover <raowanxiang@outlook.com>

* Update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240506185236-b8a5c65736ae (#10100)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google.golang.org/genproto/googleapis/rpc](https://togithub.com/googleapis/go-genproto)
| `v0.0.0-20240401170217-c3f982113cda` ->
`v0.0.0-20240506185236-b8a5c65736ae` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240401170217-c3f982113cda/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240401170217-c3f982113cda/v0.0.0-20240506185236-b8a5c65736ae?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zNDAuMTAiLCJ0YXJnZXRCcmFuY2giOiJtYWluIiwibGFiZWxzIjpbImRlcGVuZGVuY2llcyIsInJlbm92YXRlYm90Il19-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>
Co-authored-by: Yang Song <songy23@users.noreply.github.com>
Co-authored-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* fix(deps): update module google.golang.org/genproto/googleapis/rpc to v0.0.0-20240513163218-0867130af1f8 (#10153)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[google.golang.org/genproto/googleapis/rpc](https://togithub.com/googleapis/go-genproto)
| `v0.0.0-20240506185236-b8a5c65736ae` ->
`v0.0.0-20240513163218-0867130af1f8` |
[![age](https://developer.mend.io/api/mc/badges/age/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/google.golang.org%2fgenproto%2fgoogleapis%2frpc/v0.0.0-20240506185236-b8a5c65736ae/v0.0.0-20240513163218-0867130af1f8?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNTEuMiIsInVwZGF0ZWRJblZlciI6IjM3LjM1MS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* [chore] update Andrzej's affiliation (#10156)

* Add origin field name option to base fields (#10149)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

This adds an `originFieldName` option to `sliceField`,
`messageValueField` and `primitiveField`.
This option already exists for `primitiveTypedField`, `oneOfField`,
`oneOfPrimitiveValue` and `oneOfMessageValue`.

#### Link to tracking issue

This is needed for #10109.

<!--Describe what testing was performed and which tests were added.-->
#### Testing

This is unit tested.

cc @mx-psi

* [confmap] Encode string-like map keys (#10137)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Our check for determining whether a map key can be encoded as a string
is too restrictive and doesn't into account types which are essentially
aliases for the string type and don't implement `UnmarshalText`.

I encountered this while trying to call
`(confmap.Conf).Marshal(*otelcol.Config)` when the config includes a
Prometheus receiver, which includes the [LabelName
type](https://github.com/prometheus/common/blob/main/model/labels.go#L98)
that does not implement an unmarshaling method. We can't guarantee that
all types will implement this, and [Go's print formatters
check](https://github.com/golang/go/blob/master/src/fmt/print.go#L803)
whether `(reflect.Value).Kind()` equals `reflect.String`, so I think
this will be an overall more robust approach.

<!--Describe what testing was performed and which tests were added.-->
#### Testing

I added two test cases to demonstrate when we will hit this case.

---------

Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com>

* [otelcol] Add mapstructure tags to main Config struct (#10152)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

Adds `mapstructure` tags to main `Config` struct.

cc @mackjmr

* Upgrade proto and generate profiles (#10155)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

This upgrades the proto to their latest version, and generates the
profiles.

<!-- Issue number if applicable -->
#### Link to tracking issue
Part of #10109

cc @mx-psi

* Upgrade the used otlp version in readme (#10167)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

We upgraded the proto version, so we need to upgrade it in the readme as
well.

<!-- Issue number if applicable -->
#### Link to tracking issue

*
https://github.com/open-telemetry/opentelemetry-collector/pull/10109#pullrequestreview-2058708683
* https://github.com/open-telemetry/opentelemetry-collector/pull/10155

* [chore] appease versioning warnings (#10163)

as per dependabot security recommendations

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore] set permissions to read explicitly (#10164)

This is as recommended by dependabot security warnings.

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] add support for async instruments (#10159)

This PR adds the ability to configure asynchronous (observable)
instruments via mdatagen. This requires providing a mechanism to set
options to pass in the callbacks that will be called at the time of the
observation.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [mdatagen] update mdatagen to document internal telemetry (#10170)

This allows end users to see what telemetry each component should be
emitting.

---------

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore] make gogenerate (#10171)

documentation needed to be regenerated

Signed-off-by: Alex Boten <223565+codeboten@users.noreply.github.com>

* [chore]: fix the dead link in mdatagen (#10142)

#### Description
Fixed the deadlink in mdatagen that would cause existing functionality
to not work as expected.

<!-- Issue number if applicable -->
#### Link to tracking issue
Fixes #10071

* [confmap] Remove deprecated ResolverSettings fields (#10173)

<!--Ex. Fixing a bug - Describe the bug and how this fixes the issue.
Ex. Adding a feature - Explain what this achieves.-->
#### Description

These fields were deprecated in v0.99.0 and aren't used in any upstream
repositories.

These appear to still be used in downstream distributions. If we want to
lengthen the deprecation period for these fields, I'll open a PR to
instead set a timeline for their removal.

* Documentation improvements  - Internal Architecture Doc + Package level comments (#10068)

<!--Describe the documentation added.-->
#### Documentation
Creates an internal architecture file. In it is a diagram of the startup
flow of the collector as well as links to key files / packages. I also
added package level comments to some key packages.

I wrote some other documentation in
https://github.com/open-telemetry/opentelemetry-collector/pull/10029 but
split the PRs up.

---------

Co-authored-by: Pablo Baeyens <pbaeyens31+github@gmail.com>

* [chore] Remove unused package test file from otelcorecol (#10178)

* [chore] Remove required toolchain version from nopexporter (#10179)

* fix(deps): update module github.com/golangci/golangci-lint to v1.58.2 (#10185)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Change | Age | Adoption | Passing | Confidence |
|---|---|---|---|---|---|
|
[github.com/golangci/golangci-lint](https://togithub.com/golangci/golangci-lint)
| `v1.58.1` -> `v1.58.2` |
[![age](https://developer.mend.io/api/mc/badges/age/go/github.com%2fgolangci%2fgolangci-lint/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![adoption](https://developer.mend.io/api/mc/badges/adoption/go/github.com%2fgolangci%2fgolangci-lint/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![passing](https://developer.mend.io/api/mc/badges/compatibility/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|
[![confidence](https://developer.mend.io/api/mc/badges/confidence/go/github.com%2fgolangci%2fgolangci-lint/v1.58.1/v1.58.2?slim=true)](https://docs.renovatebot.com/merge-confidence/)
|

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>golangci/golangci-lint
(github.com/golangci/golangci-lint)</summary>

###
[`v1.58.2`](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2)

[Compare
Source](https://togithub.com/golangci/golangci-lint/compare/v1.58.1...v1.58.2)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "on tuesday" (UTC), Automerge - At any
time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/open-telemetry/opentelemetry-collector).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjMuNSIsInVwZGF0ZWRJblZlciI6IjM3LjM2My41IiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiLCJyZW5vdmF0ZWJvdCJdfQ==-->

---------

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* [chore] Prepare release v1.8.0/v0.101.0 (#10190)

This replaces #10188, by fixing a relatively new test case that blocked
the release.

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>

---------

Signed-off-by: Juraci Paixão Kröhling <juraci@kroehling.de>
Co-authored-by: opentelemetrybot <107717825+opentelemetrybot@users.noreply.github.com>

* chore(deps): update github-actions deps (#10184)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/ch…
yurishkuro referenced this pull request in jaegertracing/jaeger Jun 15, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |

---

### Release Notes

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update
again.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/jaegertracing/jaeger).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zOTMuMCIsInVwZGF0ZWRJblZlciI6IjM3LjM5My4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJjaGFuZ2Vsb2c6ZGVwZW5kZW5jaWVzIl19-->

Signed-off-by: Mend Renovate <bot@renovateapp.com>
ramonpetgrave64 referenced this pull request in slsa-framework/slsa-verifier Jul 1, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.7` |
|
[actions/dependency-review-action](https://togithub.com/actions/dependency-review-action)
| action | minor | `v4.2.5` -> `v4.3.3` |
|
[actions/download-artifact](https://togithub.com/actions/download-artifact)
| action | patch | `v4.1.4` -> `v4.1.7` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | patch | `v4.3.1` -> `v4.3.3` |
|
[actionsdesk/lfs-warning](https://togithub.com/actionsdesk/lfs-warning)
| action | minor | `v3.2` -> `v3.3` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | minor | `v3.24.9` -> `v3.25.11` |
|
[golangci/golangci-lint-action](https://togithub.com/golangci/golangci-lint-action)
| action | pinDigest | -> `d6238b0` |
| [ossf/scorecard-action](https://togithub.com/ossf/scorecard-action) |
action | patch | `v2.3.1` -> `v2.3.3` |
|
[slsa-framework/slsa-github-generator](https://togithub.com/slsa-framework/slsa-github-generator)
| action | pinDigest | -> `c747fe7` |
|
[slsa-framework/slsa-verifier](https://togithub.com/slsa-framework/slsa-verifier)
| action | minor | `v2.4.1` -> `v2.5.1` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7)

- Bump the minor-npm-dependencies group across 1 directory with 4
updates by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739)
- Bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697)
- Check out other refs/\* by commit by
[@&#8203;orhantoy](https://togithub.com/orhantoy) in
[https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774)
- Pin actions/checkout's own workflows to a known, good, stable version.
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776)

###
[`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6)

- Check platform to set archive extension appropriately by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732)

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)

- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)

###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)

#### What's Changed

- Update `actions/checkout` version in `update-main-version.yml` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)

**Full Changelog**:
actions/checkout@v4.1.2...v4.1.3

###
[`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2)

- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@&#8203;dscho](https://togithub.com/dscho) in
[https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598)

</details>

<details>
<summary>actions/dependency-review-action
(actions/dependency-review-action)</summary>

###
[`v4.3.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.3):
Notes for v4.3.3

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3)

#### What's Changed

- Allow slashes in purl package names by
[@&#8203;juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/765](https://togithub.com/actions/dependency-review-action/pull/765)
- use the v3 version of the deps.dev API by
[@&#8203;josieang](https://togithub.com/josieang) in
[https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741)
- PR with suggestions - \[Improvement]: Help streamline / simplify
dependency review action README by
[@&#8203;am-stead](https://togithub.com/am-stead) in
[https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773)
- fix show-openssf-scorecard-levels input by
[@&#8203;ramann](https://togithub.com/ramann) in
[https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776)
- Updates to the contribution guidelines by
[@&#8203;jonjanego](https://togithub.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/778](https://togithub.com/actions/dependency-review-action/pull/778)
- Create issue templates by
[@&#8203;jonjanego](https://togithub.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/777](https://togithub.com/actions/dependency-review-action/pull/777)
- Fix the max comment length issue by
[@&#8203;jhutchings1](https://togithub.com/jhutchings1) and
[@&#8203;elireisman](https://togithub.com/elireisman) in
[https://github.com/actions/dependency-review-action/pull/767](https://togithub.com/actions/dependency-review-action/pull/767)
- Bump project version to 4.3.3 in prep for a release by
[@&#8203;elireisman](https://togithub.com/elireisman) in
[https://github.com/actions/dependency-review-action/pull/781](https://togithub.com/actions/dependency-review-action/pull/781)

#### New Contributors

- [@&#8203;josieang](https://togithub.com/josieang) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741)
- [@&#8203;am-stead](https://togithub.com/am-stead) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773)
- [@&#8203;ramann](https://togithub.com/ramann) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776)

**Full Changelog**:
actions/dependency-review-action@v4.3.2...v4.3.3

###
[`v4.3.2`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.2)

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.1...v4.3.2)

#### What's Changed

- Fix package-url parsing for allow-dependencies-licenses by
[@&#8203;juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/761](https://togithub.com/actions/dependency-review-action/pull/761)

**Full Changelog**:
actions/dependency-review-action@v4.3.1...v4.3.2

###
[`v4.3.1`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.1)

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.0...v4.3.1)

#### What's Changed

This release fixes some bugs related to package-url parsing that were
introduced in 4.3.0. See
[https://github.com/actions/dependency-review-action/pull/753](https://togithub.com/actions/dependency-review-action/pull/753).

**Full Changelog**:
actions/dependency-review-action@V4.3.0...v4.3.1

###
[`v4.3.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.0)

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.0)

#### New Features

- The `deny-packages` option can now be used without a version number to
exclude *all* versions of a package.

#### What's Changed

- Fix action variable name for scorecard by
[@&#8203;lukehinds](https://togithub.com/lukehinds) in
[https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735)
- Fix extra https:// in summary by
[@&#8203;jhutchings1](https://togithub.com/jhutchings1) in
[https://github.com/actions/dependency-review-action/pull/748](https://togithub.com/actions/dependency-review-action/pull/748)
- Bump typescript from 5.3.3 to 5.4.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/744](https://togithub.com/actions/dependency-review-action/pull/744)
- Bump eslint-plugin-github from 4.10.1 to 4.10.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/737](https://togithub.com/actions/dependency-review-action/pull/737)
- Show denied packages with red X by
[@&#8203;juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/750](https://togithub.com/actions/dependency-review-action/pull/750)
- deny-packages configuration option can deny specified version or all
packages by [@&#8203;febuiles](https://togithub.com/febuiles) and
[@&#8203;bteng22](https://togithub.com/bteng22) in
[https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733)

#### New Contributors

- [@&#8203;bteng22](https://togithub.com/bteng22) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733)
- [@&#8203;lukehinds](https://togithub.com/lukehinds) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735)

**Full Changelog**:
actions/dependency-review-action@v4.2.5...V4.3.0

</details>

<details>
<summary>actions/download-artifact (actions/download-artifact)</summary>

###
[`v4.1.7`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.7)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.6...v4.1.7)

#### What's Changed

- Update
[@&#8203;actions/artifact](https://togithub.com/actions/artifact)
dependency by [@&#8203;bethanyj28](https://togithub.com/bethanyj28) in
[https://github.com/actions/download-artifact/pull/325](https://togithub.com/actions/download-artifact/pull/325)

**Full Changelog**:
actions/download-artifact@v4.1.6...v4.1.7

###
[`v4.1.6`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.6)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.5...v4.1.6)

#### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/download-artifact/pull/324](https://togithub.com/actions/download-artifact/pull/324)

**Full Changelog**:
actions/download-artifact@v4.1.5...v4.1.6

###
[`v4.1.5`](https://togithub.com/actions/download-artifact/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/download-artifact/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/download-artifact/pull/322](https://togithub.com/actions/download-artifact/pull/322)
- Update dependencies `@actions/core` to v1.10.1 and `@actions/artifact`
to v2.1.5

**Full Changelog**:
actions/download-artifact@v4.1.4...v4.1.5

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3)

##### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565)

**Full Changelog**:
actions/upload-artifact@v4.3.2...v4.3.3

###
[`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2)

#### What's Changed

- Update release-new-action-version.yml by
[@&#8203;konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516)
- Minor fix to the migration readme by
[@&#8203;andrewakim](https://togithub.com/andrewakim) in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)
- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561)
- updating `@actions/artifact` dependency to v2.1.5 and `@actions/core`
to v1.0.1 by [@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562)

#### New Contributors

- [@&#8203;andrewakim](https://togithub.com/andrewakim) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)

**Full Changelog**:
actions/upload-artifact@v4.3.1...v4.3.2

</details>

<details>
<summary>actionsdesk/lfs-warning (actionsdesk/lfs-warning)</summary>

### [`v3.3`](https://togithub.com/ppremk/lfs-warning/releases/tag/v3.3)

[Compare
Source](https://togithub.com/actionsdesk/lfs-warning/compare/v3.2...v3.3)

#### What's Changed

- update node js to 16 by
[@&#8203;GlazerMann](https://togithub.com/GlazerMann) in
[https://github.com/ppremk/lfs-warning/pull/148](https://togithub.com/ppremk/lfs-warning/pull/148)
- Fixing README to match repo move by
[@&#8203;samthebest](https://togithub.com/samthebest) in
[https://github.com/ppremk/lfs-warning/pull/153](https://togithub.com/ppremk/lfs-warning/pull/153)
- Update CODEOWNERS by [@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/158](https://togithub.com/ppremk/lfs-warning/pull/158)
- Bump http-cache-semantics from 4.1.0 to 4.1.1 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/ppremk/lfs-warning/pull/151](https://togithub.com/ppremk/lfs-warning/pull/151)
- Bump [@&#8203;babel/traverse](https://togithub.com/babel/traverse)
from 7.15.4 to 7.23.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/ppremk/lfs-warning/pull/159](https://togithub.com/ppremk/lfs-warning/pull/159)
- Bump tough-cookie from 4.0.0 to 4.1.3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/ppremk/lfs-warning/pull/160](https://togithub.com/ppremk/lfs-warning/pull/160)
- Bump cacheable-request and gts by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/ppremk/lfs-warning/pull/152](https://togithub.com/ppremk/lfs-warning/pull/152)
- Update emoji and convert file list to markdown list by
[@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/161](https://togithub.com/ppremk/lfs-warning/pull/161)
- Bump got and gts by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/ppremk/lfs-warning/pull/155](https://togithub.com/ppremk/lfs-warning/pull/155)
- Exclude files without blob_url when getting PR blobs by
[@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/162](https://togithub.com/ppremk/lfs-warning/pull/162)
- Support pull_request_target by
[@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/164](https://togithub.com/ppremk/lfs-warning/pull/164)
- Update-node by [@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/163](https://togithub.com/ppremk/lfs-warning/pull/163)
- Fix text setup for the issue comment by
[@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/166](https://togithub.com/ppremk/lfs-warning/pull/166)
- Validate PR changes to make sure there are no changes missing by
[@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/165](https://togithub.com/ppremk/lfs-warning/pull/165)
- Fix emoji by [@&#8203;rajbos](https://togithub.com/rajbos) in
[https://github.com/ppremk/lfs-warning/pull/167](https://togithub.com/ppremk/lfs-warning/pull/167)
- Bump undici from 5.28.2 to 5.28.4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/ppremk/lfs-warning/pull/171](https://togithub.com/ppremk/lfs-warning/pull/171)

#### New Contributors

- [@&#8203;GlazerMann](https://togithub.com/GlazerMann) made their first
contribution in
[https://github.com/ppremk/lfs-warning/pull/148](https://togithub.com/ppremk/lfs-warning/pull/148)
- [@&#8203;samthebest](https://togithub.com/samthebest) made their first
contribution in
[https://github.com/ppremk/lfs-warning/pull/153](https://togithub.com/ppremk/lfs-warning/pull/153)
- [@&#8203;rajbos](https://togithub.com/rajbos) made their first
contribution in
[https://github.com/ppremk/lfs-warning/pull/158](https://togithub.com/ppremk/lfs-warning/pull/158)

**Full Changelog**:
ppremk/lfs-warning@v3.2...v3.3

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.11`](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11)

###
[`v3.25.10`](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.9...v3.25.10)

###
[`v3.25.9`](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.8...v3.25.9)

###
[`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8)

###
[`v3.25.7`](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7)

###
[`v3.25.6`](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.5...v3.25.6)

###
[`v3.25.5`](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.4...v3.25.5)

###
[`v3.25.4`](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.3...v3.25.4)

###
[`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

###
[`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

###
[`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

###
[`v3.25.0`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.25.0)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.11...v3.25.0)

###
[`v3.24.11`](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.24.11)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.10...v3.24.11)

###
[`v3.24.10`](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.24.9...v3.24.10)

</details>

<details>
<summary>ossf/scorecard-action (ossf/scorecard-action)</summary>

###
[`v2.3.3`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.3.3)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.2...v2.3.3)

> \[!NOTE]\
> There is no v2.3.2 release as a step was skipped in the release
process. This was fixed and re-released under the v2.3.3 tag

#### What's Changed

- 🌱 Bump github.com/ossf/scorecard/v4 (v4.13.1) to
github.com/ossf/scorecard/v5 (v5.0.0-rc1) by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1366](https://togithub.com/ossf/scorecard-action/pull/1366)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc1 to
v5.0.0-rc2 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1374](https://togithub.com/ossf/scorecard-action/pull/1374)
- 🌱 Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to
v5.0.0-rc2.0.20240509182734-7ce860946928 by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1377](https://togithub.com/ossf/scorecard-action/pull/1377)

For a full changelist of what these include, see the
[v5.0.0-rc1](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc1)
and
[v5.0.0-rc2](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0-rc2)
release notes.

##### Documentation

- 📖 Move token discussion out of main README. by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1279](https://togithub.com/ossf/scorecard-action/pull/1279)
- 📖 link to `ossf/scorecard` workflow instead of maintaining an
example by [@&#8203;spencerschrock](https://togithub.com/spencerschrock)
in
[https://github.com/ossf/scorecard-action/pull/1352](https://togithub.com/ossf/scorecard-action/pull/1352)
- 📖 update api links to new scorecard.dev site by
[@&#8203;spencerschrock](https://togithub.com/spencerschrock) in
[https://github.com/ossf/scorecard-action/pull/1376](https://togithub.com/ossf/scorecard-action/pull/1376)

**Full Changelog**:
ossf/scorecard-action@v2.3.1...v2.3.3

###
[`v2.3.2`](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

[Compare
Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.1...v2.3.2)

</details>

<details>
<summary>slsa-framework/slsa-verifier
(slsa-framework/slsa-verifier)</summary>

###
[`v2.5.1`](https://togithub.com/slsa-framework/slsa-verifier/releases/tag/v2.5.1)

[Compare
Source](https://togithub.com/slsa-framework/slsa-verifier/compare/v2.4.1...v2.5.1)

#### What's Changed

- feat: Add cosign registry opts for provenance registry by
[@&#8203;saisatishkarra](https://togithub.com/saisatishkarra) in
[https://github.com/slsa-framework/slsa-verifier/pull/729](https://togithub.com/slsa-framework/slsa-verifier/pull/729)
and
[https://github.com/slsa-framework/slsa-verifier/pull/736](https://togithub.com/slsa-framework/slsa-verifier/pull/736)
- feat: Add support for DSSE Rekor type by
[@&#8203;haydentherapper](https://togithub.com/haydentherapper) in
[https://github.com/slsa-framework/slsa-verifier/pull/742](https://togithub.com/slsa-framework/slsa-verifier/pull/742)

#### New Contributors

- [@&#8203;saisatishkarra](https://togithub.com/saisatishkarra) made
their first contribution in
[https://github.com/slsa-framework/slsa-verifier/pull/729](https://togithub.com/slsa-framework/slsa-verifier/pull/729)
- [@&#8203;ramonpetgrave64](https://togithub.com/ramonpetgrave64) made
their first contribution in
[https://github.com/slsa-framework/slsa-verifier/pull/737](https://togithub.com/slsa-framework/slsa-verifier/pull/737)
- [@&#8203;haydentherapper](https://togithub.com/haydentherapper) made
their first contribution in
[https://github.com/slsa-framework/slsa-verifier/pull/742](https://togithub.com/slsa-framework/slsa-verifier/pull/742)

**Full Changelog**:
v2.4.1...v2.5.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on the first day of the
month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/slsa-framework/slsa-verifier).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6W119-->

Co-authored-by: Ramon Petgrave <32398091+ramonpetgrave64@users.noreply.github.com>
cuixq referenced this pull request in google/osv-scanner Jul 2, 2024
[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.7` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.10` -> `v3.25.11` |
| [r-lib/actions](https://togithub.com/r-lib/actions) | action | minor |
`v2.8.7` -> `v2.9.0` |
| [ruby/setup-ruby](https://togithub.com/ruby/setup-ruby) | action |
minor | `v1.175.1` -> `v1.183.0` |
| [shivammathur/setup-php](https://togithub.com/shivammathur/setup-php)
| action | minor | `v2.30.4` -> `2.31.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7)

- Bump the minor-npm-dependencies group across 1 directory with 4
updates by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739)
- Bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697)
- Check out other refs/\* by commit by
[@&#8203;orhantoy](https://togithub.com/orhantoy) in
[https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774)
- Pin actions/checkout's own workflows to a known, good, stable version.
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776)

###
[`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6)

- Check platform to set archive extension appropriately by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732)

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
actions/checkout@v4.1.4...v4.1.5

###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)

- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)

###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)

#### What's Changed

- Update `actions/checkout` version in `update-main-version.yml` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)

**Full Changelog**:
actions/checkout@v4.1.2...v4.1.3

###
[`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2)

- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@&#8203;dscho](https://togithub.com/dscho) in
[https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598)

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
actions/setup-go@v5.0.0...v5.0.1

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.11`](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11)

</details>

<details>
<summary>r-lib/actions (r-lib/actions)</summary>

###
[`v2.9.0`](https://togithub.com/r-lib/actions/compare/v2.8.7...v2.9.0)

[Compare
Source](https://togithub.com/r-lib/actions/compare/v2.8.7...v2.9.0)

</details>

<details>
<summary>ruby/setup-ruby (ruby/setup-ruby)</summary>

###
[`v1.183.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.183.0)

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.182.0...v1.183.0)

**Full Changelog**:
ruby/setup-ruby@v1.182.0...v1.183.0

###
[`v1.182.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.182.0)

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.181.0...v1.182.0)

**Full Changelog**:
ruby/setup-ruby@v1.181.0...v1.182.0

###
[`v1.181.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.181.0)

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.180.1...v1.181.0)

##### What's Changed

- Add jruby-9.3.15.0 by
[@&#8203;ruby-builder-bot](https://togithub.com/ruby-builder-bot) in
[https://github.com/ruby/setup-ruby/pull/614](https://togithub.com/ruby/setup-ruby/pull/614)

**Full Changelog**:
ruby/setup-ruby@v1.180.1...v1.181.0

###
[`v1.180.1`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.180.1):
Add ruby-3.3.3 on Windows

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.180.0...v1.180.1)

###
[`v1.180.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.180.0):
Add ruby-3.3.3

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.179.1...v1.180.0)

###
[`v1.179.1`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.179.1):
Improve error message for CRuby &lt; 2.6 on macos-arm64

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.179.0...v1.179.1)

###
[`v1.179.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.179.0):
Add ruby-3.1.6,ruby-3.3.2 on Windows

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.178.0...v1.179.0)

#### What's Changed

- Update CRuby releases on Windows by
[@&#8203;ruby-builder-bot](https://togithub.com/ruby-builder-bot) in
[https://github.com/ruby/setup-ruby/pull/605](https://togithub.com/ruby/setup-ruby/pull/605)

**Full Changelog**:
ruby/setup-ruby@v1.178.0...v1.179.0

###
[`v1.178.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.178.0):
Add ruby-3.1.6,ruby-3.3.2 and improve error messages

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.177.1...v1.178.0)

#### What's Changed

- Add ruby-3.1.6,ruby-3.3.2 by
[@&#8203;ruby-builder-bot](https://togithub.com/ruby-builder-bot) in
[https://github.com/ruby/setup-ruby/pull/603](https://togithub.com/ruby/setup-ruby/pull/603)

**Full Changelog**:
ruby/setup-ruby@v1.177.1...v1.178.0

###
[`v1.177.1`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.177.1):
Use downloadAndExtract() for truffleruby+graalvm too

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.177.0...v1.177.1)

###
[`v1.177.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.177.0):
Add support for ubuntu-24.04

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.176.2...v1.177.0)

###
[`v1.176.2`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.176.2):
Add ruby-3.4.0-preview1

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.176.0...v1.176.2)

###
[`v1.176.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.176.0):
Add jruby-9.4.7.0

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.175.1...v1.176.0)

</details>

<details>
<summary>shivammathur/setup-php (shivammathur/setup-php)</summary>

###
[`v2.31.0`](https://togithub.com/shivammathur/setup-php/releases/tag/2.31.0)

[Compare
Source](https://togithub.com/shivammathur/setup-php/compare/2.30.5...2.31.0)

##### Changelog

- Added support for a fallback mirror for `ondrej/php` PPA when
launchpad is down
([#&#8203;834](https://togithub.com/shivammathur/setup-php/issues/834)).

- Fixed installing packages on self-hosted environments with existing
conf files
([#&#8203;852](https://togithub.com/shivammathur/setup-php/issues/852)).

-   Fixed support for `oci8` and `pdo_oci` extensions on `ubuntu-24.04`.

-   Fixed support for `couchbase` extension on `ubuntu-24.04`.

- Fixed support for `ubuntu-24.04` after `apt-fast` was dropped from the
GA images.

-   Fixed support for `firebird` extension on `macos-14`

-   Fixed support for `blackfire` extension on `macos-14`.

-   Fixed support for `relay` extension.

-   Fixed support for `phalcon` extension for PHP 7.4 on Ubuntu.

-   Updated Node.js dependencies.

For the complete list of changes, please refer to the [Full
Changelog](https://togithub.com/shivammathur/setup-php/compare/2.30.5...2.31.0)

<p>
  <h4>Follow for updates</h4>
<a href="https://reddit.com/r/setup_php" title="setup-php reddit"><img
alt="setup-php reddit"
src="https://img.shields.io/badge/reddit-join-FF5700?logo=reddit&logoColor=FF5700&labelColor=555555"></a>
<a href="https://twitter.com/setup_php" title="setup-php twitter"><img
alt="setup-php twitter"
src="https://img.shields.io/badge/twitter-follow-1DA1F2?logo=twitter&logoColor=1DA1F2&labelColor=555555"></a>
<a href="https://status.setup-php.com" title="setup-php status"><img
alt="setup-php status"
src="https://img.shields.io/badge/status-subscribe-28A745?logo=statuspage&logoColor=28A745&labelColor=555555"></a>
</p>

###
[`v2.30.5`](https://togithub.com/shivammathur/setup-php/releases/tag/2.30.5)

[Compare
Source](https://togithub.com/shivammathur/setup-php/compare/2.30.4...2.30.5)

##### Changelog

-   Added support for Ubuntu 24.04.

- Added support for `easy-coding-standard` in tools
([https://github.com/shivammathur/setup-php/pull/838](https://togithub.com/shivammathur/setup-php/pull/838))

-   Added support for zephir_parser for PHP 8.3.

- Fixed installing zts PHP versions on macOS
([https://github.com/shivammathur/setup-php/issues/847](https://togithub.com/shivammathur/setup-php/issues/847)).

- Fixed installing `ev` extension
([https://github.com/shivammathur/setup-php/issues/844](https://togithub.com/shivammathur/setup-php/issues/844)).

- Fixed support for `ioncube` extension
([https://github.com/shivammathur/setup-php/issues/840](https://togithub.com/shivammathur/setup-php/issues/840)).

-   Updated Node.js dependencies.

For the complete list of changes, please refer to the [Full
Changelog](https://togithub.com/shivammathur/setup-php/compare/2.30.4...2.30.5)

<p>
  <h4>Follow for updates</h4>
<a href="https://reddit.com/r/setup_php" title="setup-php reddit"><img
alt="setup-php reddit"
src="https://img.shields.io/badge/reddit-join-FF5700?logo=reddit&logoColor=FF5700&labelColor=555555"></a>
<a href="https://twitter.com/setup_php" title="setup-php twitter"><img
alt="setup-php twitter"
src="https://img.shields.io/badge/twitter-follow-1DA1F2?logo=twitter&logoColor=1DA1F2&labelColor=555555"></a>
<a href="https://status.setup-php.com" title="setup-php status"><img
alt="setup-php status"
src="https://img.shields.io/badge/status-subscribe-28A745?logo=statuspage&logoColor=28A745&labelColor=555555"></a>
</p>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
Copy link

@ghost ghost left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

git add .
git commit -m

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants