chore(deps): update all non-major dependencies

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/checkout	action	patch	v4.2.0 -> v4.2.2
actions/setup-go	action	minor	v5.0.2 -> v5.1.0
github.com/go-vela/server	require	patch	v0.25.1-0.20241022141112-a2b0d9146d65 -> v0.25.2
github/codeql-action	action	minor	v3.26.11 -> v3.27.4

---

Release Notes

actions/checkout (actions/checkout)

v4.2.2

Compare Source

• url-helper.ts now leverages well-known environment variables by @​jww3 in https://github.com/actions/checkout/pull/1941
• Expand unit test coverage for isGhes by @​jww3 in https://github.com/actions/checkout/pull/1946

v4.2.1

Compare Source

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in https://github.com/actions/checkout/pull/1924

actions/setup-go (actions/setup-go)

v5.1.0

Compare Source

What's Changed

• Add workflow file for publishing releases to immutable action package by @​Jcambass in https://github.com/actions/setup-go/pull/500
• Upgrade IA Publish by @​Jcambass in https://github.com/actions/setup-go/pull/502
• Add architecture to cache key by @​Zxilly in https://github.com/actions/setup-go/pull/493
  This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.
  Note: This change may break previous cache keys as they will no longer be compatible with the new format.
• Enhance workflows and Upgrade micromatch Dependency by @​priyagupta108 in https://github.com/actions/setup-go/pull/510

Bug Fixes

• Revise isGhes logic by @​jww3 in https://github.com/actions/setup-go/pull/511

New Contributors

• @​Zxilly made their first contribution in https://github.com/actions/setup-go/pull/493
• @​Jcambass made their first contribution in https://github.com/actions/setup-go/pull/500
• @​jww3 made their first contribution in https://github.com/actions/setup-go/pull/511
• @​priyagupta108 made their first contribution in https://github.com/actions/setup-go/pull/510

Full Changelog: actions/setup-go@v5...v5.1.0

go-vela/server (github.com/go-vela/server)

v0.25.2

Compare Source

What's Changed

• fix(patch): apply image parse fix to v0.25.2 patch by @​ecrupper in https://github.com/go-vela/server/pull/1208

Full Changelog: go-vela/server@v0.25.1...v0.25.2

github/codeql-action (github/codeql-action)

v3.27.4

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.4 - 14 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.3

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.3 - 12 Nov 2024

No user facing changes.

See the full CHANGELOG.md for more information.

v3.27.2

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.2 - 12 Nov 2024

• Fixed an issue where setting up the CodeQL tools would sometimes fail with the message "Invalid value 'undefined' for header 'authorization'". #​2590

See the full CHANGELOG.md for more information.

v3.27.1

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.1 - 08 Nov 2024

• The CodeQL Action now downloads bundles compressed using Zstandard on GitHub Enterprise Server when using Linux or macOS runners. This speeds up the installation of the CodeQL tools. This feature is already available to GitHub.com users. #​2573
• Update default CodeQL bundle version to 2.19.3. #​2576

See the full CHANGELOG.md for more information.

v3.27.0

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

Note that the only difference between v2 and v3 of the CodeQL Action is the node version they support, with v3 running on node 20 while we continue to release v2 to support running on node 16. For example 3.22.11 was the first v3 release and is functionally identical to 2.22.11. This approach ensures an easy way to track exactly which features are included in different versions, indicated by the minor and patch version numbers.

3.27.0 - 22 Oct 2024

• Bump the minimum CodeQL bundle version to 2.14.6. #​2549
• Fix an issue where the upload-sarif Action would fail with "upload-sarif post-action step failed: Input required and not supplied: token" when called in a composite Action that had a different set of inputs to the ones expected by the upload-sarif Action. #​2557
• Update default CodeQL bundle version to 2.19.2. #​2552

See the full CHANGELOG.md for more information.

v3.26.13

Compare Source

v3.26.12

Compare Source

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 89.63%. Comparing base (05703df) to head (cb9b6a7).

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #334   +/-   ##
=======================================
  Coverage   89.63%   89.63%           
=======================================
  Files          22       22           
  Lines         878      878           
=======================================
  Hits          787      787           
  Misses         55       55           
  Partials       36       36           

[renovate]

ℹ Artifact update notice

File name: go.mod

In order to perform the update(s) described in the table above, Renovate ran the go get command, which resulted in the following additional change(s):

• The go directive was updated for compatibility reasons

Details:

Package	Change
go	1.23.1 -> 1.23.2

[renovate]

⚠️ Artifact update problem

Renovate failed to update an artifact related to this branch. You probably do not want to merge this PR as-is.

♻ Renovate will retry this branch, including artifacts, only when one of the following happens:

• any of the package files in this branch needs updating, or
• the branch becomes conflicted, or
• you click the rebase/retry checkbox if found above, or
• you rename this PR's title to start with "rebase!" to trigger it manually

The artifact failure details are included below:

File name: go.sum

Command failed: go get -d -t ./...
go: -d flag is deprecated. -d=true is a no-op
go: downloading github.com/coreos/go-semver v0.3.1
go: downloading github.com/buildkite/yaml v0.0.0-20230306222819-0e4e032d4835
go: downloading github.com/go-vela/server v0.25.2
go: downloading github.com/golang-jwt/jwt/v5 v5.2.1
go: downloading github.com/google/go-querystring v1.1.0
go: downloading github.com/sirupsen/logrus v1.9.3
go: downloading github.com/gin-gonic/gin v1.10.0
go: downloading github.com/google/go-cmp v0.6.0
go: downloading github.com/ghodss/yaml v1.0.0
go: downloading github.com/go-vela/types v0.25.1
go: downloading github.com/urfave/cli/v2 v2.27.4
go: downloading golang.org/x/sys v0.25.0
go: downloading github.com/lestrrat-go/jwx/v2 v2.1.1
go: downloading github.com/gin-contrib/sse v0.1.0
go: downloading github.com/mattn/go-isatty v0.0.20
go: downloading golang.org/x/net v0.29.0
go: downloading gopkg.in/yaml.v2 v2.4.0
go: downloading github.com/drone/envsubst v1.0.3
go: downloading github.com/cpuguy83/go-md2man/v2 v2.0.4
go: downloading github.com/xrash/smetrics v0.0.0-20240521201337-686a1a2994c1
go: downloading github.com/go-playground/validator/v10 v10.22.1
go: downloading github.com/pelletier/go-toml/v2 v2.2.3
go: downloading github.com/ugorji/go/codec v1.2.12
go: downloading google.golang.org/protobuf v1.34.2
go: downloading gopkg.in/yaml.v3 v3.0.1
go: downloading github.com/bytedance/sonic v1.12.2
go: downloading github.com/goccy/go-json v0.10.3
go: downloading github.com/json-iterator/go v1.1.12
go: downloading github.com/decred/dcrd/dcrec/secp256k1/v4 v4.3.0
go: downloading github.com/lestrrat-go/blackmagic v1.0.2
go: downloading github.com/lestrrat-go/httprc v1.0.6
go: downloading github.com/lestrrat-go/iter v1.0.2
go: downloading github.com/lestrrat-go/option v1.0.1
go: downloading github.com/russross/blackfriday/v2 v2.1.0
go: downloading github.com/gabriel-vasile/mimetype v1.4.5
go: downloading github.com/go-playground/universal-translator v0.18.1
go: downloading github.com/leodido/go-urn v1.4.0
go: downloading golang.org/x/crypto v0.27.0
go: downloading golang.org/x/text v0.18.0
go: downloading github.com/modern-go/concurrent v0.0.0-20180306012644-bacd9c7ef1dd
go: downloading github.com/modern-go/reflect2 v1.0.2
go: downloading github.com/lestrrat-go/httpcc v1.0.1
go: downloading github.com/segmentio/asm v1.2.0
go: downloading github.com/go-playground/locales v0.14.1
go: downloading github.com/cloudwego/base64x v0.1.4
go: downloading golang.org/x/arch v0.10.0
go: downloading github.com/bytedance/sonic/loader v0.2.0
go: downloading github.com/klauspost/cpuid/v2 v2.2.8
go: downloading github.com/twitchyliquid64/golang-asm v0.15.1
go: downloading github.com/cloudwego/iasm v0.2.0
go: github.com/go-vela/sdk-go/vela imports
	github.com/go-vela/server/compiler/types/yaml: cannot find module providing package github.com/go-vela/server/compiler/types/yaml