chore(deps): update github-actions (major) (#719)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://github.com/actions/checkout) | action |
major | `v3.6.0` -> `v4.1.1` |
|
[actions/dependency-review-action](https://github.com/actions/dependency-review-action)
| action | major | `v3.1.5` -> `v4.2.5` |
|
[actions/download-artifact](https://github.com/actions/download-artifact)
| action | major | `v3.0.2` -> `v4.1.4` |
| [actions/setup-node](https://github.com/actions/setup-node) | action
| major | `v3` -> `v4` |
| [actions/setup-node](https://github.com/actions/setup-node) | action
| major | `v3.8.2` -> `v4.0.2` |
|
[actions/upload-artifact](https://github.com/actions/upload-artifact)
| action | major | `v3.1.3` -> `v4.3.1` |
| [github/codeql-action](https://github.com/github/codeql-action) |
action | major | `v2.24.8` -> `v3.24.9` |
|
[golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action)
| action | major | `v3` -> `v4` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.1`](https://github.com/actions/checkout/releases/tag/v4.1.1)

[Compare
Source](https://github.com/actions/checkout/compare/v4.1.0...v4.1.1)

##### What's Changed

- Update CODEOWNERS to Launch team by
[@&#8203;joshmgross](https://github.com/joshmgross) in
[https://github.com/actions/checkout/pull/1510](https://github.com/actions/checkout/pull/1510)
- Correct link to GitHub Docs by
[@&#8203;peterbe](https://github.com/peterbe) in
[https://github.com/actions/checkout/pull/1511](https://github.com/actions/checkout/pull/1511)
- Link to release page from what's new section by
[@&#8203;cory-miller](https://github.com/cory-miller) in
[https://github.com/actions/checkout/pull/1514](https://github.com/actions/checkout/pull/1514)

##### New Contributors

- [@&#8203;joshmgross](https://github.com/joshmgross) made their first
contribution in
[https://github.com/actions/checkout/pull/1510](https://github.com/actions/checkout/pull/1510)
- [@&#8203;peterbe](https://github.com/peterbe) made their first
contribution in
[https://github.com/actions/checkout/pull/1511](https://github.com/actions/checkout/pull/1511)

**Full Changelog**:
actions/checkout@v4.1.0...v4.1.1

###
[`v4.1.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v410)

[Compare
Source](https://github.com/actions/checkout/compare/v4.0.0...v4.1.0)

- [Add support for partial checkout
filters](https://github.com/actions/checkout/pull/1396)

###
[`v4.0.0`](https://github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v400)

[Compare
Source](https://github.com/actions/checkout/compare/v3.6.0...v4.0.0)

- [Support fetching without the --progress
option](https://github.com/actions/checkout/pull/1067)
-   [Update to node20](https://github.com/actions/checkout/pull/1436)

</details>

<details>
<summary>actions/dependency-review-action
(actions/dependency-review-action)</summary>

###
[`v4.2.5`](https://github.com/actions/dependency-review-action/releases/tag/v4.2.5):
4.2.5

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.2.4...v4.2.5)

#### What's Changed

- Fixed a bug where some configuration options in external files were
not being properly picked up --
[https://github.com/actions/dependency-review-action/pull/722](https://github.com/actions/dependency-review-action/pull/722)
-   Bump eslint from 8.56.0 to 8.57.0

**Full Changelog**:
actions/dependency-review-action@v4.2.4...v4.2.5

###
[`v4.2.4`](https://github.com/actions/dependency-review-action/releases/tag/v4.2.4)

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.2.3...v4.2.4)

#### What's Changed

Fixed a bug in the output of OpenSSF cards for GitHub Actions.

#### New Contributors

- [@&#8203;sporkmonger](https://github.com/sporkmonger) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/721](https://github.com/actions/dependency-review-action/pull/721)

**Full Changelog**:
actions/dependency-review-action@v4.2.3...v4.2.4

###
[`v4.2.3`](https://github.com/actions/dependency-review-action/releases/tag/v4.2.3):
4.2.3

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.1.3...v4.2.3)

#### What's Changed

- Set comment as output by [@&#8203;jsoref](https://github.com/jsoref)
in
[https://github.com/actions/dependency-review-action/pull/698](https://github.com/actions/dependency-review-action/pull/698)
- Add support for calculating OpenSSF Scorecards by
[@&#8203;jhutchings1](https://github.com/jhutchings1) in
[https://github.com/actions/dependency-review-action/pull/709](https://github.com/actions/dependency-review-action/pull/709)
- Add outputs for the changes data by
[@&#8203;laughedelic](https://github.com/laughedelic) in
[https://github.com/actions/dependency-review-action/pull/707](https://github.com/actions/dependency-review-action/pull/707)

#### New Contributors

- [@&#8203;jhutchings1](https://github.com/jhutchings1) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/709](https://github.com/actions/dependency-review-action/pull/709)
- [@&#8203;laughedelic](https://github.com/laughedelic) made their
first contribution in
[https://github.com/actions/dependency-review-action/pull/707](https://github.com/actions/dependency-review-action/pull/707)

**Full Changelog**:
actions/dependency-review-action@v4.1.3...v4.2.3

###
[`v4.1.3`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.3):
4.1.3

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.1.2...v4.1.3)

Fixes a bug in 4.1.2 that would introduce comments in every pull
request, regardless of the user's configuration (see
[https://github.com/actions/dependency-review-action/issues/697](https://github.com/actions/dependency-review-action/issues/697)).

**Full Changelog**:
actions/dependency-review-action@v4.1.2...v4.1.3

###
[`v4.1.2`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.2):
4.1.2

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.1.1...v4.1.2)

#### What's Changed

- Expose dependency comment content by
[@&#8203;jsoref](https://github.com/jsoref) in
[https://github.com/actions/dependency-review-action/pull/696](https://github.com/actions/dependency-review-action/pull/696)

**Full Changelog**:
actions/dependency-review-action@v4.1.1...v4.1.2

###
[`v4.1.1`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.1):
4.1.1

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.1.0...v4.1.1)

#### What's Changed

- Bump `undici` to fix
[GHSA-wqq4-5wpv-mx2g](https://github.com/nodejs/undici/security/advisories/GHSA-wqq4-5wpv-mx2g)
- Bump [@&#8203;types/node](https://github.com/types/node) from
20.11.17 to 20.11.19 by
[@&#8203;dependabot](https://github.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/693](https://github.com/actions/dependency-review-action/pull/693)

**Full Changelog**:
actions/dependency-review-action@v4.1.0...v4.1.1

###
[`v4.1.0`](https://github.com/actions/dependency-review-action/releases/tag/v4.1.0):
4.1.0

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v4.0.0...v4.1.0)

#### What's Changed

- Add `warn-only` by [@&#8203;tgrall](https://github.com/tgrall) in
[https://github.com/actions/dependency-review-action/pull/432](https://github.com/actions/dependency-review-action/pull/432)

Added a new configuration option (`warn-only`, boolean) that makes the
action always succeed while still displaying found vulnerabilities in
the log.

- Create stale.yaml by
[@&#8203;jonjanego](https://github.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/671](https://github.com/actions/dependency-review-action/pull/671)
- Use manual codeql config by
[@&#8203;juxtin](https://github.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/678](https://github.com/actions/dependency-review-action/pull/678)
- Multiple dependency updates (see the changelog below for more
information)

#### New Contributors

- [@&#8203;jonjanego](https://github.com/jonjanego) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/671](https://github.com/actions/dependency-review-action/pull/671)
- [@&#8203;tgrall](https://github.com/tgrall) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/432](https://github.com/actions/dependency-review-action/pull/432)

**Full Changelog**:
actions/dependency-review-action@v4...v4.1.0

###
[`v4.0.0`](https://github.com/actions/dependency-review-action/releases/tag/v4.0.0)

[Compare
Source](https://github.com/actions/dependency-review-action/compare/v3.1.5...v4.0.0)

- Update action to Node 20 by
[@&#8203;takost](https://github.com/takost) in
[https://github.com/actions/dependency-review-action/pull/639](https://github.com/actions/dependency-review-action/pull/639)
-   Dependabot updates, see the full changelog for more details.

#### New Contributors

- [@&#8203;takost](https://github.com/takost) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/639](https://github.com/actions/dependency-review-action/pull/639)

**Full Changelog**:
actions/dependency-review-action@v3.1.5...v4.0.0

</details>

<details>
<summary>actions/download-artifact (actions/download-artifact)</summary>

###
[`v4.1.4`](https://github.com/actions/download-artifact/releases/tag/v4.1.4)

[Compare
Source](https://github.com/actions/download-artifact/compare/v4.1.3...v4.1.4)

##### What's Changed

- Update
[@&#8203;actions/artifact](https://github.com/actions/artifact) by
[@&#8203;bethanyj28](https://github.com/bethanyj28) in
[https://github.com/actions/download-artifact/pull/307](https://github.com/actions/download-artifact/pull/307)

**Full Changelog**:
actions/download-artifact@v4...v4.1.4

###
[`v4.1.3`](https://github.com/actions/download-artifact/releases/tag/v4.1.3)

[Compare
Source](https://github.com/actions/download-artifact/compare/v4.1.2...v4.1.3)

##### What's Changed

- Update release-new-action-version.yml by
[@&#8203;konradpabjan](https://github.com/konradpabjan) in
[https://github.com/actions/download-artifact/pull/292](https://github.com/actions/download-artifact/pull/292)
- Update toolkit dependency with updated unzip logic by
[@&#8203;bethanyj28](https://github.com/bethanyj28) in
[https://github.com/actions/download-artifact/pull/299](https://github.com/actions/download-artifact/pull/299)
- Update
[@&#8203;actions/artifact](https://github.com/actions/artifact) by
[@&#8203;bethanyj28](https://github.com/bethanyj28) in
[https://github.com/actions/download-artifact/pull/303](https://github.com/actions/download-artifact/pull/303)

##### New Contributors

- [@&#8203;bethanyj28](https://github.com/bethanyj28) made their first
contribution in
[https://github.com/actions/download-artifact/pull/299](https://github.com/actions/download-artifact/pull/299)

**Full Changelog**:
actions/download-artifact@v4...v4.1.3

###
[`v4.1.2`](https://github.com/actions/download-artifact/releases/tag/v4.1.2)

[Compare
Source](https://github.com/actions/download-artifact/compare/v4.1.1...v4.1.2)

- Bump
[@&#8203;actions/artifacts](https://github.com/actions/artifacts) to
latest version to include [updated GHES host
check](https://github.com/actions/toolkit/pull/1648)

###
[`v4.1.1`](https://github.com/actions/download-artifact/releases/tag/v4.1.1)

[Compare
Source](https://github.com/actions/download-artifact/compare/v4.1.0...v4.1.1)

- Fix transient request timeouts
[https://github.com/actions/download-artifact/issues/249](https://github.com/actions/download-artifact/issues/249)
-   Bump `@actions/artifacts` to latest version

###
[`v4.1.0`](https://github.com/actions/download-artifact/releases/tag/v4.1.0)

[Compare
Source](https://github.com/actions/download-artifact/compare/v4.0.0...v4.1.0)

#### What's Changed

- Some cleanup by [@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/download-artifact/pull/247](https://github.com/actions/download-artifact/pull/247)
- Fix default for run-id by [@&#8203;stchr](https://github.com/stchr)
in
[https://github.com/actions/download-artifact/pull/252](https://github.com/actions/download-artifact/pull/252)
- Support pattern matching to filter artifacts & merge to same directory
by [@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/download-artifact/pull/259](https://github.com/actions/download-artifact/pull/259)

#### New Contributors

- [@&#8203;stchr](https://github.com/stchr) made their first
contribution in
[https://github.com/actions/download-artifact/pull/252](https://github.com/actions/download-artifact/pull/252)

**Full Changelog**:
actions/download-artifact@v4...v4.1.0

###
[`v4.0.0`](https://github.com/actions/download-artifact/releases/tag/v4.0.0)

[Compare
Source](https://github.com/actions/download-artifact/compare/v3.0.2...v4.0.0)

#### What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major
changes to the backend architecture of Artifacts. They have numerous
performance and behavioral improvements.

ℹ️ However, this is a major update that includes breaking changes.
Artifacts created with versions v3 and below are not compatible with the
v4 actions. Uploads and downloads *must* use the same major actions
versions. There are also key differences from previous versions that may
require updates to your workflows.

For more information, please see:

1. The
[changelog](https://github.blog/changelog/2023-12-14-github-actions-artifacts-v4-is-now-generally-available/)
post.
2. The
[README](https://github.com/actions/download-artifact/blob/main/README.md).
3. The [migration
documentation](https://github.com/actions/upload-artifact/blob/main/docs/MIGRATION.md).
4. As well as the underlying npm package,
[@&#8203;actions/artifact](https://github.com/actions/toolkit/tree/main/packages/artifact)
documentation.

#### New Contributors

- [@&#8203;bflad](https://github.com/bflad) made their first
contribution in
[https://github.com/actions/download-artifact/pull/194](https://github.com/actions/download-artifact/pull/194)

**Full Changelog**:
actions/download-artifact@v3...v4.0.0

</details>

<details>
<summary>actions/setup-node (actions/setup-node)</summary>

### [`v4`](https://github.com/actions/setup-node/compare/v3...v4)

[Compare
Source](https://github.com/actions/setup-node/compare/v3...v4)

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.3.1`](https://github.com/actions/upload-artifact/releases/tag/v4.3.1)

[Compare
Source](https://github.com/actions/upload-artifact/compare/v4.3.0...v4.3.1)

- Bump
[@&#8203;actions/artifacts](https://github.com/actions/artifacts) to
latest version to include [updated GHES host
check](https://github.com/actions/toolkit/pull/1648)

###
[`v4.3.0`](https://github.com/actions/upload-artifact/releases/tag/v4.3.0)

[Compare
Source](https://github.com/actions/upload-artifact/compare/v4.2.0...v4.3.0)

##### What's Changed

- Reorganize upload code in prep for merge logic & add more tests by
[@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/504](https://github.com/actions/upload-artifact/pull/504)
- Add sub-action to merge artifacts by
[@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/505](https://github.com/actions/upload-artifact/pull/505)

**Full Changelog**:
actions/upload-artifact@v4...v4.3.0

###
[`v4.2.0`](https://github.com/actions/upload-artifact/releases/tag/v4.2.0)

[Compare
Source](https://github.com/actions/upload-artifact/compare/v4.1.0...v4.2.0)

##### What's Changed

- Ability to overwrite an Artifact by
[@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/501](https://github.com/actions/upload-artifact/pull/501)

**Full Changelog**:
actions/upload-artifact@v4...v4.2.0

###
[`v4.1.0`](https://github.com/actions/upload-artifact/releases/tag/v4.1.0)

[Compare
Source](https://github.com/actions/upload-artifact/compare/v4.0.0...v4.1.0)

#### What's Changed

- Add migrations docs by
[@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/482](https://github.com/actions/upload-artifact/pull/482)
- Update README.md by
[@&#8203;samuelwine](https://github.com/samuelwine) in
[https://github.com/actions/upload-artifact/pull/492](https://github.com/actions/upload-artifact/pull/492)
- Support artifact-url output by
[@&#8203;konradpabjan](https://github.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/496](https://github.com/actions/upload-artifact/pull/496)
- Update readme to reflect new 500 artifact per job limit by
[@&#8203;robherley](https://github.com/robherley) in
[https://github.com/actions/upload-artifact/pull/497](https://github.com/actions/upload-artifact/pull/497)

#### New Contributors

- [@&#8203;samuelwine](https://github.com/samuelwine) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/492](https://github.com/actions/upload-artifact/pull/492)

**Full Changelog**:
actions/upload-artifact@v4...v4.1.0

###
[`v4.0.0`](https://github.com/actions/upload-artifact/releases/tag/v4.0.0)

[Compare
Source](https://github.com/actions/upload-artifact/compare/v3.1.3...v4.0.0)

#### What's Changed

The release of upload-artifact@v4 and download-artifact@v4 are major
changes to the backend architecture of Artifacts. They have numerous
performance and behavioral improvements.

For more information, see the
[@&#8203;actions/artifact](https://github.com/actions/toolkit/tree/main/packages/artifact)
documentation.

#### New Contributors

- [@&#8203;vmjoseph](https://github.com/vmjoseph) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/464](https://github.com/actions/upload-artifact/pull/464)

**Full Changelog**:
actions/upload-artifact@v3...v4.0.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.24.9`](https://github.com/github/codeql-action/compare/v3.24.8...v3.24.9)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.8...v3.24.9)

###
[`v3.24.8`](https://github.com/github/codeql-action/compare/v3.24.7...v3.24.8)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.7...v3.24.8)

###
[`v3.24.7`](https://github.com/github/codeql-action/compare/v3.24.6...v3.24.7)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.6...v3.24.7)

###
[`v3.24.6`](https://github.com/github/codeql-action/compare/v3.24.5...v3.24.6)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.5...v3.24.6)

###
[`v3.24.5`](https://github.com/github/codeql-action/compare/v3.24.4...v3.24.5)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.4...v3.24.5)

###
[`v3.24.4`](https://github.com/github/codeql-action/compare/v3.24.3...v3.24.4)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.3...v3.24.4)

###
[`v3.24.3`](https://github.com/github/codeql-action/compare/v3.24.2...v3.24.3)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.2...v3.24.3)

###
[`v3.24.2`](https://github.com/github/codeql-action/compare/v3.24.1...v3.24.2)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.1...v3.24.2)

###
[`v3.24.1`](https://github.com/github/codeql-action/compare/v3.24.0...v3.24.1)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.24.0...v3.24.1)

###
[`v3.24.0`](https://github.com/github/codeql-action/compare/v3.23.2...v3.24.0)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.23.2...v3.24.0)

###
[`v3.23.2`](https://github.com/github/codeql-action/compare/v3.23.1...v3.23.2)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.23.1...v3.23.2)

###
[`v3.23.1`](https://github.com/github/codeql-action/compare/v3.23.0...v3.23.1)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.23.0...v3.23.1)

###
[`v3.23.0`](https://github.com/github/codeql-action/compare/v3.22.12...v3.23.0)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.22.12...v3.23.0)

###
[`v3.22.12`](https://github.com/github/codeql-action/compare/v3.22.11...v3.22.12)

[Compare
Source](https://github.com/github/codeql-action/compare/v3.22.11...v3.22.12)

###
[`v3.22.11`](https://github.com/github/codeql-action/compare/v2.22.11...v3.22.11)

[Compare
Source](https://github.com/github/codeql-action/compare/v2.24.9...v3.22.11)

###
[`v2.24.9`](https://github.com/github/codeql-action/compare/v2.24.8...v2.24.9)

[Compare
Source](https://github.com/github/codeql-action/compare/v2.24.8...v2.24.9)

</details>

<details>
<summary>golangci/golangci-lint-action
(golangci/golangci-lint-action)</summary>

###
[`v4`](https://github.com/golangci/golangci-lint-action/compare/v3...v4)

[Compare
Source](https://github.com/golangci/golangci-lint-action/compare/v3...v4)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 4am on the first day of the
month" (UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/slsa-framework/slsa-verifier).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy44LjEiLCJ1cGRhdGVkSW5WZXIiOiIzNy4yNjkuMiIsInRhcmdldEJyYW5jaCI6Im1haW4ifQ==-->

Signed-off-by: Mend Renovate <[email protected]>

Author: renovate-bot

.github/workflows/codeql-analysis.yml

@@ -40,7 +40,7 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       # TODO(#740): Workaround for go1.21 compatibility. Remove when GHA runners have Go 1.21+.
       - name: setup-go
@@ -52,7 +52,7 @@ jobs:
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2.24.8
+        uses: github/codeql-action/init@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -63,7 +63,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2.24.8
+        uses: github/codeql-action/autobuild@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
       # Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
 
@@ -76,4 +76,4 @@ jobs:
       #     make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2.24.8
+        uses: github/codeql-action/analyze@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9

.github/workflows/depsreview.yml

@@ -9,6 +9,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: 'Checkout Repository'
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@c74b580d73376b7750d3d2a50bfb8adc2c937507 # v3.1.5
+        uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5

.github/workflows/e2e.schedule.cli.yml

@@ -16,7 +16,7 @@ jobs:
     runs-on: ubuntu-latest
     # See https://github.com/orgs/community/discussions/26238.
     steps:
-      - uses: actions/download-artifact@9bc31d5ccc31df68ecc42ccf4149144866c47d8a # v3.0.2
+      - uses: actions/download-artifact@c850b930e6ba138125429b7e5c93fc707a7f8427 # v4.1.4
         with:
           name: event_name
       - name: Check event name
@@ -28,7 +28,7 @@ jobs:
             ctned="true"
           fi
           echo "continue=$ctned" >> $GITHUB_OUTPUT
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         if: steps.name.outputs.continue == 'true'
         with:
           ref: main

.github/workflows/e2e.schedule.installer.yml

@@ -27,14 +27,14 @@ jobs:
       version: ${{ steps.generate-versions.outputs.version }}
     steps:
       - name: Checkout
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           # NOTE: the example-package needs to be checked out in the default workspace.
           repository: slsa-framework/example-package
           ref: main
 
       - name: Checkout
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           path: __THIS_REPO__
 
@@ -77,7 +77,7 @@ jobs:
       - name: Checkout this repository
         # Skip release candidates unless specified explicitly.
         if: ${{ inputs.version != '' || ! contains(matrix.version, '-rc' ) }}
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           ref: ${{ matrix.version }}
 
@@ -196,7 +196,7 @@ jobs:
       contents: read
       issues: write
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: slsa-framework/example-package
           ref: main
@@ -210,7 +210,7 @@ jobs:
       contents: read
       issues: write
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: slsa-framework/example-package
           ref: main

.github/workflows/pre-submit.actions.yml

@@ -11,10 +11,10 @@ jobs:
   check-dist:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Set Node.js 16
-        uses: actions/setup-node@1a4442cacd436585916779262731d5b162bc6ec7 # v3.8.2
+        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
         with:
           node-version: 16
 
@@ -34,7 +34,7 @@ jobs:
           fi
 
       # If index.js was different from expected, upload the expected version as an artifact
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         if: ${{ failure() && steps.diff.conclusion == 'failure' }}
         with:
           name: dist

.github/workflows/pre-submit.cli.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: setup-go
         uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
@@ -30,7 +30,7 @@ jobs:
         run: |
           echo "$EVENT_NAME" > ./event_name.txt
 
-      - uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+      - uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: event_name
           path: ./event_name.txt

.github/workflows/pre-submit.e2e.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           path: __THIS_REPO__
 
@@ -29,7 +29,7 @@ jobs:
           go build -o slsa-verifier ./cli/slsa-verifier
 
       - name: Checkout e2e verification script
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           path: __EXAMPLE_PACKAGE__
           repository: slsa-framework/example-package

.github/workflows/pre-submit.lfs.yml

@@ -11,7 +11,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - uses: actionsdesk/lfs-warning@e5f9a4c21f4bee104db7c0f23954dde59e5df909 # v3.2
         with:
           token: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/pre-submit.lint.yml

@@ -10,13 +10,13 @@ jobs:
   golangci-lint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
         with:
           go-version-file: "go.mod"
           # not needed but gets rid of warnings
           cache: false
-      - uses: golangci/golangci-lint-action@v3
+      - uses: golangci/golangci-lint-action@v4
         name: golangci-lint
         with:
           # Require: The version of golangci-lint to use.
@@ -27,7 +27,7 @@ jobs:
   yamllint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
       - env:
           YAMLLINT_VERSION: "1.26.3"
         run: |
@@ -42,8 +42,8 @@ jobs:
   eslint:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
-      - uses: actions/setup-node@v3
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/setup-node@v4
         with:
           node-version: 16
       - run: make eslint

.github/workflows/pre-submit.references.yml

@@ -13,7 +13,7 @@ jobs:
     env:
       BODY: ${{ github.event.pull_request.body }}
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
 
       - name: Check documentation is up-to-date
         run: |

.github/workflows/release.yml

@@ -26,7 +26,7 @@ jobs:
       version: ${{ steps.ldflags.outputs.version }}
     steps:
       - id: checkout
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           fetch-depth: 0
       - id: ldflags
@@ -98,7 +98,7 @@ jobs:
       contents: read
       issues: write
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: slsa-framework/example-package
           ref: main
@@ -112,7 +112,7 @@ jobs:
       contents: read
       issues: write
     steps:
-      - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           repository: slsa-framework/example-package
           ref: main

.github/workflows/scorecards.yml

@@ -25,7 +25,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
+        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
         with:
           persist-credentials: false
 
@@ -49,14 +49,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@a8a3f3ad30e3422c9c7b888a15615d19a852ae32 # v3.1.3
+        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@c2dc67199a2e650d535d7de586a07597aea4d9c7 # v2.24.8
+        uses: github/codeql-action/upload-sarif@1b1aada464948af03b950897e5eb522f92603cc2 # v3.24.9
         with:
           sarif_file: results.sarif