chore(deps): bump the github-actions group across 1 directory with 3 updates

[dependabot]

Bumps the github-actions group with 3 updates in the / directory: actions/checkout, google-github-actions/auth and azure/login.

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• 08c6903 Prepare v5.0.0 release (#2238)
• Additional commits viewable in compare view

Updates google-github-actions/auth from 2 to 3

Release notes

Sourced from google-github-actions/auth's releases.

v3

Floating v3 tag

v3.0.0

What's Changed

• Bump to Node 24 and remove old parameters by @​sethvargo in google-github-actions/auth#508
• Remove hacky script by @​sethvargo in google-github-actions/auth#509
• Release: v3.0.0 by @​google-github-actions-bot in google-github-actions/auth#510

Full Changelog: google-github-actions/auth@v2...v3.0.0

v2.1.13

What's Changed

• Update deps by @​sethvargo in google-github-actions/auth#506
• Release: v2.1.13 by @​google-github-actions-bot in google-github-actions/auth#507

Full Changelog: google-github-actions/auth@v2.1.12...v2.1.13

v2.1.12

What's Changed

• Add retries for getIDToken by @​sethvargo in google-github-actions/auth#502
• Release: v2.1.12 by @​google-github-actions-bot in google-github-actions/auth#503

Full Changelog: google-github-actions/auth@v2.1.11...v2.1.12

v2.1.11

What's Changed

• Update troubleshooting docs for Python by @​sethvargo in google-github-actions/auth#488
• Add linters by @​sethvargo in google-github-actions/auth#499
• Update deps by @​sethvargo in google-github-actions/auth#500
• Release: v2.1.11 by @​google-github-actions-bot in google-github-actions/auth#501

Full Changelog: google-github-actions/auth@v2.1.10...v2.1.11

v2.1.10

What's Changed

• Declare workflow permissions by @​sethvargo in google-github-actions/auth#482
• Document that the OIDC token expires in 5min by @​sethvargo in google-github-actions/auth#483
• Release: v2.1.10 by @​google-github-actions-bot in google-github-actions/auth#484

Full Changelog: google-github-actions/auth@v2.1.9...v2.1.10

v2.1.9

What's Changed

• Use our custom boolean parsing by @​sethvargo in google-github-actions/auth#478

... (truncated)

Commits

• 7c6bc77 Release: v3.0.0 (#510)
• 42e4997 Remove hacky script (#509)
• 5ea4dc1 Bump to Node 24 and remove old parameters (#508)
• See full diff in compare view

Updates azure/login from 2 to 3

Release notes

Sourced from azure/login's releases.

Azure Login Action v3

What's Changed

• upgrade nodejs from 20 to 24 and update dependencies by @​YanaXu in Azure/login#578

Full Changelog: Azure/login@v2.3.0...v3

Azure Login Action v3.0.0

What's Changed

• Upgrade nodejs from 20 to 24 and update dependencies by @​YanaXu in Azure/login#578

Full Changelog: Azure/login@v2.3.0...v3.0.0

Azure Login Action v2.3.0

What's Changed

• Replace the invalid link for the GitHub Action Doc by @​MoChilia in Azure/login#510
• Bump braces from 3.0.2 to 3.0.3 by @​YanaXu in Azure/login#511
• Mention "allow-no-subscriptions" in missing subscriptionId error by @​MoChilia in Azure/login#512
• Log more claims for OIDC login by @​MoChilia in Azure/login#520
• Use --client-id for user-assigned managed identity authentication in Azure CLI v2.69.0 or later. by @​MoChilia in Azure/login#514

Full Changelog: Azure/login@v2.2.0...v2.3.0

Azure Login Action v2.2.0

What's Changed

• Replace az --version with az version by @​MoChilia in Azure/login#450
• Update documentation for setting audience when environment is set by @​jcantosz in Azure/login#455
• Fix #459: Errors when registering cloud profile for AzureStack by @​MoChilia in Azure/login#466
• Fix typo by @​KronosTheLate in Azure/login#483
• move pre cleanup to main and add pre-if and post-if by @​YanaXu in Azure/login#484

New Contributors

• @​jcantosz made their first contribution in Azure/login#455
• @​KronosTheLate made their first contribution in Azure/login#483

Full Changelog: Azure/login@v2.1.1...v2.2.0

v2.1.1

What's Changed

• Disable information output in Connect-AzAccount by @​YanaXu in Azure/login#448

New Contributors

• @​jiasli made their first contribution in Azure/login#438
• @​isra-fel made their first contribution in Azure/login#446

Full Changelog: Azure/login@v2.1.0...v2.1.1

... (truncated)

Commits

• 532459e prepare release v3.0.0
• 893aa84 upgrade Azure Login Action version in README (#579)
• ce6a9ff upgrade nodejs from 20 to 24 and update dependencies (#578)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 3 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 116d080.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

.github/workflows/destroy-environment.yml

Package	Version	License	Issue Type
azure/login	3.*.*	Null	Unknown License

.github/workflows/pr-verify.yml

Package	Version	License	Issue Type
actions/checkout	6.*.*	Null	Unknown License
google-github-actions/auth	3.*.*	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
actions/azure/login	3.*.*	Unknown	Unknown
actions/actions/checkout	6.*.*	🟢 5.9	Details Check Score Reason Maintained ⚠️ 2 3 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 2 Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Packaging ⚠️ -1 packaging workflow not detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Branch-Protection 🟢 5 branch protection is not maximal on development and all release branches SAST 🟢 8 SAST tool detected but not run on all commits
actions/google-github-actions/auth	3.*.*	🟢 6.2	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Binary-Artifacts 🟢 10 no binaries found in the repo Code-Review 🟢 7 Found 23/29 approved changesets -- score normalized to 7 Packaging ⚠️ -1 packaging workflow not detected Token-Permissions 🟢 7 detected GitHub workflow tokens with excessive permissions Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection 🟢 4 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected SAST 🟢 7 SAST tool is not run on all commits -- score normalized to 7

Scanned Files

• .github/workflows/destroy-environment.yml
• .github/workflows/pr-verify.yml

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[github-actions]

🏗️ Terraform Plan

🌍 Environment: dev

✅ Validate — Passed

✅ Plan

✅ No changes. Your infrastructure matches the configuration.