From daf0d9fe1818080326cd815819b359f544ad4e12 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 14 Feb 2025 12:17:34 -0600
Subject: [PATCH] Bump the prod-dependencies group with 8 updates (#1077)

Bumps the prod-dependencies group with 8 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/setup-go](https://github.com/actions/setup-go) | `5.2.0` | `5.3.0` |
| [nosborn/github-action-markdown-cli](https://github.com/nosborn/github-action-markdown-cli) | `3.3.0` | `3.4.0` |
| [mfinelli/setup-shfmt](https://github.com/mfinelli/setup-shfmt) | `3.0.1` | `3.0.2` |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.28.4` | `1.29.7` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.3.3` | `6.4.1` |
| [depends-on/depends-on-action](https://github.com/depends-on/depends-on-action) | `77e67971a155b35424508ada365790c47286fd0f` | `61cb3f4a0e2c8ae4b90c9448dc57c7ba9ca24c35` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.5.0` | `4.6.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.9` | `3.28.9` |


Updates `actions/setup-go` from 5.2.0 to 5.3.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](https://github.com/actions/setup-go/compare/3041bf56c941b39c61721a86cd11f3bb1338122a...f111f3307d8850f501ac008e886eec1fd1932a34)

Updates `nosborn/github-action-markdown-cli` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/nosborn/github-action-markdown-cli/releases)
- [Commits](https://github.com/nosborn/github-action-markdown-cli/compare/9b5e871c11cc0649c5ac2526af22e23525fa344d...58bcfd1af530d87a13d51b76e6713b52602e3613)

Updates `mfinelli/setup-shfmt` from 3.0.1 to 3.0.2
- [Release notes](https://github.com/mfinelli/setup-shfmt/releases)
- [Changelog](https://github.com/mfinelli/setup-shfmt/blob/master/CHANGELOG.md)
- [Commits](https://github.com/mfinelli/setup-shfmt/compare/031e887e39d899d773a7e9b6dd6472c2c23ff50d...1a143389339b48c4b48ae3cdc058f3dbe336a701)

Updates `crate-ci/typos` from 1.28.4 to 1.29.7
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](https://github.com/crate-ci/typos/compare/9d890159570d5018df91fedfa40b4730cd4a81b1...51f257b946f503b768e522781f56e9b7b5570d48)

Updates `golangci/golangci-lint-action` from 6.3.3 to 6.4.1
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](https://github.com/golangci/golangci-lint-action/compare/e0ebdd245eea59746bb0b28ea6a9871d3e35fbc9...818ec4d51a1feacefc42ff1b3ec25d4962690f39)

Updates `depends-on/depends-on-action` from 77e67971a155b35424508ada365790c47286fd0f to 61cb3f4a0e2c8ae4b90c9448dc57c7ba9ca24c35
- [Release notes](https://github.com/depends-on/depends-on-action/releases)
- [Commits](https://github.com/depends-on/depends-on-action/compare/77e67971a155b35424508ada365790c47286fd0f...61cb3f4a0e2c8ae4b90c9448dc57c7ba9ca24c35)

Updates `actions/upload-artifact` from 4.5.0 to 4.6.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/6f51ac03b9356f520e9adb1b1b7802705f340c2b...65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08)

Updates `github/codeql-action` from 3.27.9 to 3.28.9
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/df409f7d9260372bd5f19e5b04e83cb3c43714ae...9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0)

---
updated-dependencies:
- dependency-name: actions/setup-go
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: nosborn/github-action-markdown-cli
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: mfinelli/setup-shfmt
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: prod-dependencies
- dependency-name: crate-ci/typos
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: golangci/golangci-lint-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: depends-on/depends-on-action
  dependency-type: direct:production
  dependency-group: prod-dependencies
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: prod-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
---
 .github/workflows/pre-main.yml  | 14 +++++++-------
 .github/workflows/qe.yml        |  6 +++---
 .github/workflows/scorecard.yml |  4 ++--
 3 files changed, 12 insertions(+), 12 deletions(-)

diff --git a/.github/workflows/pre-main.yml b/.github/workflows/pre-main.yml
index 13987294d..f751790aa 100644
--- a/.github/workflows/pre-main.yml
+++ b/.github/workflows/pre-main.yml
@@ -16,20 +16,20 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Set up Go
-        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
+        uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
         with:
           go-version-file: go.mod
 
-      - uses: nosborn/github-action-markdown-cli@9b5e871c11cc0649c5ac2526af22e23525fa344d # v3.3.0
+      - uses: nosborn/github-action-markdown-cli@58bcfd1af530d87a13d51b76e6713b52602e3613 # v3.4.0
         with:
           files: README.md
 
       - uses: ludeeus/action-shellcheck@00b27aa7cb85167568cb48a3838b75f4265f2bca # master
         with:
           ignore_paths: vendor
-      - uses: mfinelli/setup-shfmt@031e887e39d899d773a7e9b6dd6472c2c23ff50d # v3.0.1
+      - uses: mfinelli/setup-shfmt@1a143389339b48c4b48ae3cdc058f3dbe336a701 # v3.0.2
       - run: shfmt -d scripts/*.sh
-      - uses: crate-ci/typos@9d890159570d5018df91fedfa40b4730cd4a81b1 # master
+      - uses: crate-ci/typos@51f257b946f503b768e522781f56e9b7b5570d48 # master
       - uses: ibiqlik/action-yamllint@2576378a8e339169678f9939646ee3ee325e845c # v3.1.1
         with:
           file_or_dir: .github/workflows/*.yml config/*.yaml
@@ -46,7 +46,7 @@ jobs:
                 level: warning
 
       - name: Golangci-lint
-        uses: golangci/golangci-lint-action@e0ebdd245eea59746bb0b28ea6a9871d3e35fbc9 # v6.3.3
+        uses: golangci/golangci-lint-action@818ec4d51a1feacefc42ff1b3ec25d4962690f39 # v6.4.1
         with:
           version: v1.64
           args: --timeout 10m0s
@@ -58,7 +58,7 @@ jobs:
     steps:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
       - name: Set up Go
-        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
+        uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
         with:
           go-version-file: go.mod
 
@@ -77,7 +77,7 @@ jobs:
       - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
 
       - name: Set up Go
-        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
+        uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
         with:
           go-version-file: go.mod
 
diff --git a/.github/workflows/qe.yml b/.github/workflows/qe.yml
index 03796cc01..5de208da0 100644
--- a/.github/workflows/qe.yml
+++ b/.github/workflows/qe.yml
@@ -41,7 +41,7 @@ jobs:
           ref: ${{ github.sha }}
 
       - name: Set up Go
-        uses: actions/setup-go@3041bf56c941b39c61721a86cd11f3bb1338122a # v5.2.0
+        uses: actions/setup-go@f111f3307d8850f501ac008e886eec1fd1932a34 # v5.3.0
         with:
           go-version-file: go.mod
 
@@ -108,7 +108,7 @@ jobs:
           ref: main
 
       - name: Extract dependent Pull Requests
-        uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main
+        uses: depends-on/depends-on-action@61cb3f4a0e2c8ae4b90c9448dc57c7ba9ca24c35 # main
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           extra-dirs: certsuite-sample-workload certsuite
@@ -137,7 +137,7 @@ jobs:
     steps:
 
       - name: Extract dependent PR
-        uses: depends-on/depends-on-action@77e67971a155b35424508ada365790c47286fd0f # main
+        uses: depends-on/depends-on-action@61cb3f4a0e2c8ae4b90c9448dc57c7ba9ca24c35 # main
         with:
           token: ${{ secrets.GITHUB_TOKEN }}
           check-unmerged-pr: true
diff --git a/.github/workflows/scorecard.yml b/.github/workflows/scorecard.yml
index 59fee1de8..a29947a86 100644
--- a/.github/workflows/scorecard.yml
+++ b/.github/workflows/scorecard.yml
@@ -59,7 +59,7 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@6f51ac03b9356f520e9adb1b1b7802705f340c2b # v4.5.0
+        uses: actions/upload-artifact@65c4c4a1ddee5b72f698fdd19549f0f0fb45cf08 # v4.6.0
         with:
           name: SARIF file
           path: results.sarif
@@ -68,6 +68,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@df409f7d9260372bd5f19e5b04e83cb3c43714ae # v3.27.9
+        uses: github/codeql-action/upload-sarif@9e8d0789d4a0fa9ceb6b1738f7e269594bdd67f0 # v3.28.9
         with:
           sarif_file: results.sarif