NotificationsYou must be signed in to change notification settings
Fork1.1k
Star11.8k

Commit3f13859

authored

ci: bump the github-actions group with 4 updates (#21370)

Bumps the github-actions group with 4 updates:[step-security/harden-runner](https://github.com/step-security/harden-runner),[actions/cache](https://github.com/actions/cache),[actions/upload-artifact](https://github.com/actions/upload-artifact)and[actions/download-artifact](https://github.com/actions/download-artifact).Updates `step-security/harden-runner` from 2.13.2 to 2.14.0<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/step-security/harden-runner/releases">step-security/harden-runner'sreleases</a>.</em></p><blockquote><h2>v2.14.0</h2><h2>What's Changed</h2><ul><li>Selective installation: Harden-Runner now skips installation onGitHub-hosted runners when the repository has a custom propertyskip_harden_runner, allowing organizations to opt out specificrepos.</li><li>Avoid double install: The action no longer installs Harden-Runner ifit’s already present on a GitHub-hosted runner, which could happen whena composite action also installs it.</li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0">https://github.com/step-security/harden-runner/compare/v2.13.3...v2.14.0</a></p><h2>v2.13.3</h2><h2>What's Changed</h2><ul><li>Fixed an issue where process events were not uploaded in certainedge cases.</li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3">https://github.com/step-security/harden-runner/compare/v2.13.2...v2.13.3</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/step-security/harden-runner/commit/20cf305ff2072d973412fa9b1e3a4f227bda3c76"><code>20cf305</code></a>Merge pull request <ahref="https://redirect.github.com/step-security/harden-runner/issues/622">#622</a>from step-security/feature/custom-property-skip</li><li><ahref="https://github.com/step-security/harden-runner/commit/c51e8eeb6c4fdcd08f65e43a051dacdbfaa69702"><code>c51e8ee</code></a>feat: skip agent install and post step on subsequent runs forGitHub-hosted r...</li><li><ahref="https://github.com/step-security/harden-runner/commit/e152b90204c3d85cefa1441b701a47a13ed28bd7"><code>e152b90</code></a>feat: skip harden-runner based on repository custom property</li><li><ahref="https://github.com/step-security/harden-runner/commit/ee1faec052d1000061fa79a13e030db11b3f86bd"><code>ee1faec</code></a>feat: replace skip-harden-runner with skip-on-custom-property input</li><li><ahref="https://github.com/step-security/harden-runner/commit/1dc7c1764659d537dab2a854b8e165a801103eb1"><code>1dc7c17</code></a>feat: add skip-harden-runner input to conditionally skip execution</li><li><ahref="https://github.com/step-security/harden-runner/commit/df199fb7be9f65074067a9eb93f12bb4c5547cf2"><code>df199fb</code></a>Merge pull request <ahref="https://redirect.github.com/step-security/harden-runner/issues/620">#620</a>from step-security/rc-29</li><li><ahref="https://github.com/step-security/harden-runner/commit/03d096a772368b1f0222005a6899d3e35a7f62df"><code>03d096a</code></a>update agent</li><li><ahref="https://github.com/step-security/harden-runner/commit/40901073af04afd40408833437092a7467798f33"><code>4090107</code></a>fix: update agent</li><li>See full diff in <ahref="https://github.com/step-security/harden-runner/compare/95d9a5deda9de15063e7595e9719c11c38c90ae2...20cf305ff2072d973412fa9b1e3a4f227bda3c76">compareview</a></li></ul></details><br />Updates `actions/cache` from 4.3.0 to 5.0.1<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/actions/cache/releases">actions/cache'sreleases</a>.</em></p><blockquote><h2>v5.0.1</h2><blockquote><p>[!IMPORTANT]<strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime andrequires a minimum Actions Runner version of<code>2.327.1</code>.</strong></p><p>If you are using self-hosted runners, ensure they are updated beforeupgrading.</p></blockquote><hr /><h1>v5.0.1</h1><h2>What's Changed</h2><ul><li>fix: update <code>@actions/cache</code> for Node.js 24 punycodedeprecation by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/cache/pull/1685">actions/cache#1685</a></li><li>prepare release v5.0.1 by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/cache/pull/1686">actions/cache#1686</a></li></ul><h1>v5.0.0</h1><h2>What's Changed</h2><ul><li>Upgrade to use node24 by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li><li>Prepare v5.0.0 release by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/actions/cache/compare/v5...v5.0.1">https://github.com/actions/cache/compare/v5...v5.0.1</a></p><h2>v5.0.0</h2><blockquote><p>[!IMPORTANT]<strong><code>actions/cache@v5</code> runs on the Node.js 24 runtime andrequires a minimum Actions Runner version of<code>2.327.1</code>.</strong></p><p>If you are using self-hosted runners, ensure they are updated beforeupgrading.</p></blockquote><hr /><h2>What's Changed</h2><ul><li>Upgrade to use node24 by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/cache/pull/1630">actions/cache#1630</a></li><li>Prepare v5.0.0 release by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/cache/pull/1684">actions/cache#1684</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/actions/cache/compare/v4.3.0...v5.0.0">https://github.com/actions/cache/compare/v4.3.0...v5.0.0</a></p></blockquote></details><details><summary>Changelog</summary><p><em>Sourced from <ahref="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache'schangelog</a>.</em></p><blockquote><h1>Releases</h1><h2>Changelog</h2><h3>5.0.1</h3><ul><li>Update <code>@azure/storage-blob</code> to <code>^12.29.1</code> via<code>@actions/cache@5.0.1</code> <ahref="https://redirect.github.com/actions/cache/pull/1685">#1685</a></li></ul><h3>5.0.0</h3><blockquote><p>[!IMPORTANT]<code>actions/cache@v5</code> runs on the Node.js 24 runtime andrequires a minimum Actions Runner version of <code>2.327.1</code>.If you are using self-hosted runners, ensure they are updated beforeupgrading.</p></blockquote><h3>4.3.0</h3><ul><li>Bump <code>@actions/cache</code> to <ahref="https://redirect.github.com/actions/toolkit/pull/2132">v4.1.0</a></li></ul><h3>4.2.4</h3><ul><li>Bump <code>@actions/cache</code> to v4.0.5</li></ul><h3>4.2.3</h3><ul><li>Bump <code>@actions/cache</code> to v4.0.3 (obfuscates SAS token indebug logs for cache entries)</li></ul><h3>4.2.2</h3><ul><li>Bump <code>@actions/cache</code> to v4.0.2</li></ul><h3>4.2.1</h3><ul><li>Bump <code>@actions/cache</code> to v4.0.1</li></ul><h3>4.2.0</h3><p>TLDR; The cache backend service has been rewritten from the ground upfor improved performance and reliability. <ahref="https://github.com/actions/cache">actions/cache</a> now integrateswith the new cache service (v2) APIs.</p><p>The new service will gradually roll out as of <strong>February 1st,2025</strong>. The legacy service will also be sunset on the same date.Changes in these release are <strong>fully backwardcompatible</strong>.</p><p><strong>We are deprecating some versions of this action</strong>. Werecommend upgrading to version <code>v4</code> or <code>v3</code> assoon as possible before <strong>February 1st, 2025.</strong> (Upgradeinstructions below).</p><p>If you are using pinned SHAs, please use the SHAs of versions<code>v4.2.0</code> or <code>v3.4.0</code></p><p>If you do not upgrade, all workflow runs using any of the deprecated<a href="https://github.com/actions/cache">actions/cache</a> willfail.</p><p>Upgrading to the recommended versions will not break yourworkflows.</p><h3>4.1.2</h3></blockquote><p>... (truncated)</p></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/actions/cache/commit/9255dc7a253b0ccc959486e2bca901246202afeb"><code>9255dc7</code></a>Merge pull request <ahref="https://redirect.github.com/actions/cache/issues/1686">#1686</a>from actions/cache-v5.0.1-release</li><li><ahref="https://github.com/actions/cache/commit/8ff5423e8b66eacab4e638ee52abbd2cb831366a"><code>8ff5423</code></a>chore: release v5.0.1</li><li><ahref="https://github.com/actions/cache/commit/9233019a152bc768059ac1768b8e4403b5da16c1"><code>9233019</code></a>Merge pull request <ahref="https://redirect.github.com/actions/cache/issues/1685">#1685</a>from salmanmkc/node24-storage-blob-fix</li><li><ahref="https://github.com/actions/cache/commit/b975f2bb844529e1063ad882c609b224bcd66eb6"><code>b975f2b</code></a>fix: add peer property to package-lock.json for dependencies</li><li><ahref="https://github.com/actions/cache/commit/d0a0e1813491d01d574c95f8d189f62622bbb2ae"><code>d0a0e18</code></a>fix: update license files for <code>@actions/cache</code>,fast-xml-parser, and strnum</li><li><ahref="https://github.com/actions/cache/commit/74de208dcfcbe85c0e7154e7b17e4105fe2554ff"><code>74de208</code></a>fix: update <code>@actions/cache</code> to ^5.0.1 for Node.js 24punycode fix</li><li><ahref="https://github.com/actions/cache/commit/ac7f1152ead02e89c14b5456d14ab17591e74cfb"><code>ac7f115</code></a>peer</li><li><ahref="https://github.com/actions/cache/commit/b0f846b50b6061d7a2ca6f1a2fea61d4a65d1a16"><code>b0f846b</code></a>fix: update <code>@actions/cache</code> with storage-blob fix forNode.js 24 punycode depr...</li><li><ahref="https://github.com/actions/cache/commit/a7833574556fa59680c1b7cb190c1735db73ebf0"><code>a783357</code></a>Merge pull request <ahref="https://redirect.github.com/actions/cache/issues/1684">#1684</a>from actions/prepare-cache-v5-release</li><li><ahref="https://github.com/actions/cache/commit/3bb0d78750a39cefce0c2b5a0a9801052b4359ad"><code>3bb0d78</code></a>docs: highlight v5 runner requirement in releases</li><li>Additional commits viewable in <ahref="https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...9255dc7a253b0ccc959486e2bca901246202afeb">compareview</a></li></ul></details><br />Updates `actions/upload-artifact` from 5.0.0 to 6.0.0<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/actions/upload-artifact/releases">actions/upload-artifact'sreleases</a>.</em></p><blockquote><h2>v6.0.0</h2><h2>v6 - What's new</h2><blockquote><p>[!IMPORTANT]actions/upload-artifact@v6 now runs on Node.js 24 (<code>runs.using:node24</code>) and requires a minimum Actions Runner version of 2.327.1.If you are using self-hosted runners, ensure they are updated beforeupgrading.</p></blockquote><h3>Node.js 24</h3><p>This release updates the runtime to Node.js 24. v5 had preliminarysupport for Node.js 24, however this action was by default still runningon Node.js 20. Now this action by default will run on Node.js 24.</p><h2>What's Changed</h2><ul><li>Upload Artifact Node 24 support by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/upload-artifact/pull/719">actions/upload-artifact#719</a></li><li>fix: update <code>@actions/artifact</code> for Node.js 24 punycodedeprecation by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/upload-artifact/pull/744">actions/upload-artifact#744</a></li><li>prepare release v6.0.0 for Node.js 24 support by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/upload-artifact/pull/745">actions/upload-artifact#745</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0">https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f"><code>b7c566a</code></a>Merge pull request <ahref="https://redirect.github.com/actions/upload-artifact/issues/745">#745</a>from actions/upload-artifact-v6-release</li><li><ahref="https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b"><code>e516bc8</code></a>docs: correct description of Node.js 24 support in README</li><li><ahref="https://github.com/actions/upload-artifact/commit/ddc45ed9bca9b38dbd643978d88e3981cdc91415"><code>ddc45ed</code></a>docs: update README to correct action name for Node.js 24 support</li><li><ahref="https://github.com/actions/upload-artifact/commit/615b319bd27bb32c3d64dca6b6ed6974d5fbe653"><code>615b319</code></a>chore: release v6.0.0 for Node.js 24 support</li><li><ahref="https://github.com/actions/upload-artifact/commit/017748b48f8610ca8e6af1222f4a618e84a9c703"><code>017748b</code></a>Merge pull request <ahref="https://redirect.github.com/actions/upload-artifact/issues/744">#744</a>from actions/fix-storage-blob</li><li><ahref="https://github.com/actions/upload-artifact/commit/38d4c7997f5510fcc41fc4aae2a6b97becdbe7fc"><code>38d4c79</code></a>chore: rebuild dist</li><li><ahref="https://github.com/actions/upload-artifact/commit/7d27270e0cfd253e666c44abac0711308d2d042f"><code>7d27270</code></a>chore: add missing license cache files for <code>@actions/core</code>,<code>@actions/io</code>, and mi...</li><li><ahref="https://github.com/actions/upload-artifact/commit/5f643d3c9475505ccaf26d686ffbfb71a8387261"><code>5f643d3</code></a>chore: update license files for <code>@actions/artifact</code><ahref="https://github.com/5"><code>@5</code></a>.0.1 dependencies</li><li><ahref="https://github.com/actions/upload-artifact/commit/1df1684032c88614064493e1a0478fcb3583e1d0"><code>1df1684</code></a>chore: update package-lock.json with <code>@actions/artifact</code><ahref="https://github.com/5"><code>@5</code></a>.0.1</li><li><ahref="https://github.com/actions/upload-artifact/commit/b5b1a918401ee270935b6b1d857ae66c85f3be6f"><code>b5b1a91</code></a>fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24punycode fix</li><li>Additional commits viewable in <ahref="https://github.com/actions/upload-artifact/compare/330a01c490aca151604b8cf639adc76d48f6c5d4...b7c566a772e6b6bfb58ed0dc250532a479d7789f">compareview</a></li></ul></details><br />Updates `actions/download-artifact` from 6.0.0 to 7.0.0<details><summary>Release notes</summary><p><em>Sourced from <ahref="https://github.com/actions/download-artifact/releases">actions/download-artifact'sreleases</a>.</em></p><blockquote><h2>v7.0.0</h2><h2>v7 - What's new</h2><blockquote><p>[!IMPORTANT]actions/download-artifact@v7 now runs on Node.js 24 (<code>runs.using:node24</code>) and requires a minimum Actions Runner version of 2.327.1.If you are using self-hosted runners, ensure they are updated beforeupgrading.</p></blockquote><h3>Node.js 24</h3><p>This release updates the runtime to Node.js 24. v6 had preliminarysupport for Node 24, however this action was by default still running onNode.js 20. Now this action by default will run on Node.js 24.</p><h2>What's Changed</h2><ul><li>Update GHES guidance to include reference to Node 20 version by <ahref="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a>in <ahref="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li><li>Download Artifact Node24 support by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li><li>fix: update <code>@actions/artifact</code> to fix Node.js 24punycode deprecation by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/download-artifact/pull/451">actions/download-artifact#451</a></li><li>prepare release v7.0.0 for Node.js 24 support by <ahref="https://github.com/salmanmkc"><code>@salmanmkc</code></a> in <ahref="https://redirect.github.com/actions/download-artifact/pull/452">actions/download-artifact#452</a></li></ul><h2>New Contributors</h2><ul><li><ahref="https://github.com/patrikpolyak"><code>@patrikpolyak</code></a>made their first contribution in <ahref="https://redirect.github.com/actions/download-artifact/pull/440">actions/download-artifact#440</a></li><li><a href="https://github.com/salmanmkc"><code>@salmanmkc</code></a>made their first contribution in <ahref="https://redirect.github.com/actions/download-artifact/pull/415">actions/download-artifact#415</a></li></ul><p><strong>Full Changelog</strong>: <ahref="https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0">https://github.com/actions/download-artifact/compare/v6.0.0...v7.0.0</a></p></blockquote></details><details><summary>Commits</summary><ul><li><ahref="https://github.com/actions/download-artifact/commit/37930b1c2abaa49bbe596cd826c3c89aef350131"><code>37930b1</code></a>Merge pull request <ahref="https://redirect.github.com/actions/download-artifact/issues/452">#452</a>from actions/download-artifact-v7-release</li><li><ahref="https://github.com/actions/download-artifact/commit/72582b9e0acd370909e83fa4a1fd0fca3ad452d8"><code>72582b9</code></a>doc: update readme</li><li><ahref="https://github.com/actions/download-artifact/commit/0d2ec9d4cbcefe257d822f108de2a1f15f8da9f6"><code>0d2ec9d</code></a>chore: release v7.0.0 for Node.js 24 support</li><li><ahref="https://github.com/actions/download-artifact/commit/fd7ae8fda6dc16277a9ffbc91cdb0eedf156e912"><code>fd7ae8f</code></a>Merge pull request <ahref="https://redirect.github.com/actions/download-artifact/issues/451">#451</a>from actions/fix-storage-blob</li><li><ahref="https://github.com/actions/download-artifact/commit/d484700543354b15886d6a52910cf61b7f1d2b27"><code>d484700</code></a>chore: restore minimatch.dep.yml license file</li><li><ahref="https://github.com/actions/download-artifact/commit/03a808050efe42bb6ad85281890afd4e4546672c"><code>03a8080</code></a>chore: remove obsolete dependency license files</li><li><ahref="https://github.com/actions/download-artifact/commit/56fe6d904b0968950f8b68ea17774c54973ed5e2"><code>56fe6d9</code></a>chore: update <code>@actions/artifact</code> license file to 5.0.1</li><li><ahref="https://github.com/actions/download-artifact/commit/8e3ebc4ab4d2e095e5eb44ba1a4a53b6b03976ad"><code>8e3ebc4</code></a>chore: update package-lock.json with <code>@actions/artifact</code><ahref="https://github.com/5"><code>@5</code></a>.0.1</li><li><ahref="https://github.com/actions/download-artifact/commit/1e3c4b4d4906c98ab57453c24efefdf16c078044"><code>1e3c4b4</code></a>fix: update <code>@actions/artifact</code> to ^5.0.0 for Node.js 24punycode fix</li><li><ahref="https://github.com/actions/download-artifact/commit/458627d354794c71bc386c8d5839d20b5885fe2a"><code>458627d</code></a>chore: use local <code>@actions/artifact</code> package for Node.js 24testing</li><li>Additional commits viewable in <ahref="https://github.com/actions/download-artifact/compare/018cc2cf5baa6db3ef3c5f8a56943fffe632ef53...37930b1c2abaa49bbe596cd826c3c89aef350131">compareview</a></li></ul></details><br />Dependabot will resolve any conflicts with this PR as long as you don'talter it yourself. You can also trigger a rebase manually by commenting`@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---<details><summary>Dependabot commands and options</summary><br />You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any editsthat have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR afteryour CI passes on it- `@dependabot cancel merge` will cancel a previously requested mergeand block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreatingit. You can achieve the same result by closing it manually- `@dependabot show <dependency name> ignore conditions` will show allof the ignore conditions of the specified dependency- `@dependabot ignore <dependency name> major version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's major version (unless you unignore this specificdependency's major version or upgrade to it yourself)- `@dependabot ignore <dependency name> minor version` will close thisgroup update PR and stop Dependabot creating any more for the specificdependency's minor version (unless you unignore this specificdependency's minor version or upgrade to it yourself)- `@dependabot ignore <dependency name>` will close this group update PRand stop Dependabot creating any more for the specific dependency(unless you unignore this specific dependency or upgrade to it yourself)- `@dependabot unignore <dependency name>` will remove all of the ignoreconditions of the specified dependency- `@dependabot unignore <dependency name> <ignore condition>` willremove the ignore condition of the specified dependency and ignoreconditions</details>Signed-off-by: dependabot[bot] <support@github.com>Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

1 parent77c41a0 commit3f13859Copy full SHA for 3f13859

File tree

14 files changed

+56

-56

lines changed

.github/workflows

14 files changed

+56

-56

lines changed

`‎.github/workflows/ci.yaml‎`

Lines changed: 24 additions & 24 deletions

Original file line number	Diff line number	Diff line change
`@@ -35,7 +35,7 @@ jobs:`
`35`	`35`	`tailnet-integration:${{ steps.filter.outputs.tailnet-integration }}`
`36`	`36`	`steps:`
`37`	`37`	`-name:Harden Runner`
`38`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`38`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`39`	`39`	`with:`
`40`	`40`	`egress-policy:audit`
`41`	`41`
`@@ -157,7 +157,7 @@ jobs:`
`157`	`157`	`runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' \|\| 'ubuntu-latest' }}`
`158`	`158`	`steps:`
`159`	`159`	`-name:Harden Runner`
`160`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`160`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`161`	`161`	`with:`
`162`	`162`	`egress-policy:audit`
`163`	`163`
`@@ -181,7 +181,7 @@ jobs:`
`181`	`181`	`echo "LINT_CACHE_DIR=$dir" >> "$GITHUB_ENV"`
`182`	`182`
`183`	`183`	`-name:golangci-lint cache`
`184`		`-uses:actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830#v4.3.0`
	`184`	`+uses:actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb#v5.0.1`
`185`	`185`	`with:`
`186`	`186`	`path:\|`
`187`	`187`	`${{ env.LINT_CACHE_DIR }}`
`@@ -251,7 +251,7 @@ jobs:`
`251`	`251`	`if:${{ !cancelled() }}`
`252`	`252`	`steps:`
`253`	`253`	`-name:Harden Runner`
`254`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`254`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`255`	`255`	`with:`
`256`	`256`	`egress-policy:audit`
`257`	`257`
`@@ -308,7 +308,7 @@ jobs:`
`308`	`308`	`timeout-minutes:20`
`309`	`309`	`steps:`
`310`	`310`	`-name:Harden Runner`
`311`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`311`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`312`	`312`	`with:`
`313`	`313`	`egress-policy:audit`
`314`	`314`
`@@ -360,7 +360,7 @@ jobs:`
`360`	`360`	`-windows-2022`
`361`	`361`	`steps:`
`362`	`362`	`-name:Harden Runner`
`363`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`363`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`364`	`364`	`with:`
`365`	`365`	`egress-policy:audit`
`366`	`366`
`@@ -512,7 +512,7 @@ jobs:`
`512`	`512`	`embedded-pg-cache:${{ steps.embedded-pg-cache.outputs.embedded-pg-cache }}`
`513`	`513`
`514`	`514`	`-name:Upload failed test db dumps`
`515`		`-uses:actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4#v5.0.0`
	`515`	`+uses:actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f#v6.0.0`
`516`	`516`	`with:`
`517`	`517`	`name:failed-test-db-dump-${{matrix.os}}`
`518`	`518`	`path:"*/.test.sql"`
`@@ -550,7 +550,7 @@ jobs:`
`550`	`550`	`timeout-minutes:25`
`551`	`551`	`steps:`
`552`	`552`	`-name:Harden Runner`
`553`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`553`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`554`	`554`	`with:`
`555`	`555`	`egress-policy:audit`
`556`	`556`
`@@ -612,7 +612,7 @@ jobs:`
`612`	`612`	`timeout-minutes:25`
`613`	`613`	`steps:`
`614`	`614`	`-name:Harden Runner`
`615`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`615`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`616`	`616`	`with:`
`617`	`617`	`egress-policy:audit`
`618`	`618`
`@@ -684,7 +684,7 @@ jobs:`
`684`	`684`	`timeout-minutes:20`
`685`	`685`	`steps:`
`686`	`686`	`-name:Harden Runner`
`687`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`687`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`688`	`688`	`with:`
`689`	`689`	`egress-policy:audit`
`690`	`690`
`@@ -711,7 +711,7 @@ jobs:`
`711`	`711`	`timeout-minutes:20`
`712`	`712`	`steps:`
`713`	`713`	`-name:Harden Runner`
`714`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`714`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`715`	`715`	`with:`
`716`	`716`	`egress-policy:audit`
`717`	`717`
`@@ -744,7 +744,7 @@ jobs:`
`744`	`744`	`name:${{ matrix.variant.name }}`
`745`	`745`	`steps:`
`746`	`746`	`-name:Harden Runner`
`747`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`747`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`748`	`748`	`with:`
`749`	`749`	`egress-policy:audit`
`750`	`750`
`@@ -793,23 +793,23 @@ jobs:`
`793`	`793`
`794`	`794`	`-name:Upload Playwright Failed Tests`
`795`	`795`	`if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork`
`796`		`-uses:actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4#v5.0.0`
	`796`	`+uses:actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f#v6.0.0`
`797`	`797`	`with:`
`798`	`798`	`name:failed-test-videos${{ matrix.variant.premium && '-premium' \|\| '' }}`
`799`	`799`	`path:./site/test-results/*/.webm`
`800`	`800`	`retention-days:7`
`801`	`801`
`802`	`802`	`-name:Upload debug log`
`803`	`803`	`if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork`
`804`		`-uses:actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4#v5.0.0`
	`804`	`+uses:actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f#v6.0.0`
`805`	`805`	`with:`
`806`	`806`	`name:coderd-debug-logs${{ matrix.variant.premium && '-premium' \|\| '' }}`
`807`	`807`	`path:./site/e2e/test-results/debug.log`
`808`	`808`	`retention-days:7`
`809`	`809`
`810`	`810`	`-name:Upload pprof dumps`
`811`	`811`	`if:always() && github.actor != 'dependabot[bot]' && runner.os == 'Linux' && !github.event.pull_request.head.repo.fork`
`812`		`-uses:actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4#v5.0.0`
	`812`	`+uses:actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f#v6.0.0`
`813`	`813`	`with:`
`814`	`814`	`name:debug-pprof-dumps${{ matrix.variant.premium && '-premium' \|\| '' }}`
`815`	`815`	`path:./site/test-results/*/debug-pprof-.txt`
`@@ -824,7 +824,7 @@ jobs:`
`824`	`824`	`if:needs.changes.outputs.site == 'true' \|\| needs.changes.outputs.ci == 'true'`
`825`	`825`	`steps:`
`826`	`826`	`-name:Harden Runner`
`827`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`827`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`828`	`828`	`with:`
`829`	`829`	`egress-policy:audit`
`830`	`830`
`@@ -905,7 +905,7 @@ jobs:`
`905`	`905`
`906`	`906`	`steps:`
`907`	`907`	`-name:Harden Runner`
`908`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`908`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`909`	`909`	`with:`
`910`	`910`	`egress-policy:audit`
`911`	`911`
`@@ -976,7 +976,7 @@ jobs:`
`976`	`976`	`if:always()`
`977`	`977`	`steps:`
`978`	`978`	`-name:Harden Runner`
`979`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`979`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`980`	`980`	`with:`
`981`	`981`	`egress-policy:audit`
`982`	`982`
`@@ -1075,7 +1075,7 @@ jobs:`
`1075`	`1075`
`1076`	`1076`	`-name:Upload build artifacts`
`1077`	`1077`	`if:${{ github.repository_owner == 'coder' && (github.ref == 'refs/heads/main' \|\| startsWith(github.ref, 'refs/heads/release/')) }}`
`1078`		`-uses:actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4#v5.0.0`
	`1078`	`+uses:actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f#v6.0.0`
`1079`	`1079`	`with:`
`1080`	`1080`	`name:dylibs`
`1081`	`1081`	`path:\|`
`@@ -1096,7 +1096,7 @@ jobs:`
`1096`	`1096`	`runs-on:${{ github.repository_owner == 'coder' && 'depot-ubuntu-22.04-8' \|\| 'ubuntu-latest' }}`
`1097`	`1097`	`steps:`
`1098`	`1098`	`-name:Harden Runner`
`1099`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`1099`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`1100`	`1100`	`with:`
`1101`	`1101`	`egress-policy:audit`
`1102`	`1102`
`@@ -1151,7 +1151,7 @@ jobs:`
`1151`	`1151`	`IMAGE:ghcr.io/coder/coder-preview:${{ steps.build-docker.outputs.tag }}`
`1152`	`1152`	`steps:`
`1153`	`1153`	`-name:Harden Runner`
`1154`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`1154`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`1155`	`1155`	`with:`
`1156`	`1156`	`egress-policy:audit`
`1157`	`1157`
`@@ -1240,7 +1240,7 @@ jobs:`
`1240`	`1240`	`uses:google-github-actions/setup-gcloud@aa5489c8933f4cc7a4f7d45035b3b1440c9c10db# v3.0.1`
`1241`	`1241`
`1242`	`1242`	`-name:Download dylibs`
`1243`		`-uses:actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53#v6.0.0`
	`1243`	`+uses:actions/download-artifact@37930b1c2abaa49bbe596cd826c3c89aef350131#v7.0.0`
`1244`	`1244`	`with:`
`1245`	`1245`	`name:dylibs`
`1246`	`1246`	`path:./build`
`@@ -1507,7 +1507,7 @@ jobs:`
`1507`	`1507`
`1508`	`1508`	`-name:Upload build artifacts`
`1509`	`1509`	`if:github.ref == 'refs/heads/main'`
`1510`		`-uses:actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4#v5.0.0`
	`1510`	`+uses:actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f#v6.0.0`
`1511`	`1511`	`with:`
`1512`	`1512`	`name:coder`
`1513`	`1513`	`path:\|`
`@@ -1548,7 +1548,7 @@ jobs:`
`1548`	`1548`	`if:needs.changes.outputs.db == 'true' \|\| needs.changes.outputs.ci == 'true' \|\| github.ref == 'refs/heads/main'`
`1549`	`1549`	`steps:`
`1550`	`1550`	`-name:Harden Runner`
`1551`		`-uses:step-security/harden-runner@95d9a5deda9de15063e7595e9719c11c38c90ae2# v2.13.2`
	`1551`	`+uses:step-security/harden-runner@20cf305ff2072d973412fa9b1e3a4f227bda3c76# v2.14.0`
`1552`	`1552`	`with:`
`1553`	`1553`	`egress-policy:audit`
`1554`	`1554`