build(dependencies): bump the github-actions group across 1 directory…

… with 8 updates (#11)

Bumps the github-actions group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.3.4` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.7` | `4.1.8` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.0.0` | `3.1.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.3.0` | `3.4.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `6.2.0` | `6.3.0` |
| [bridgecrewio/checkov-action](https://github.com/bridgecrewio/checkov-action) | `12.2798.0` | `12.2823.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.25.11` | `3.25.12` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4.0.2` | `4.0.3` |



Updates `actions/upload-artifact` from 4.3.3 to 4.3.4
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@6546280...0b2256b)

Updates `actions/download-artifact` from 4.1.7 to 4.1.8
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@65a9edc...fa0a91b)

Updates `docker/setup-qemu-action` from 3.0.0 to 3.1.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@6882732...5927c83)

Updates `docker/setup-buildx-action` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@d70bba7...4fd8129)

Updates `docker/build-push-action` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@1556069...1a16264)

Updates `bridgecrewio/checkov-action` from 12.2798.0 to 12.2823.0
- [Release notes](https://github.com/bridgecrewio/checkov-action/releases)
- [Commits](bridgecrewio/checkov-action@1aa570d...4bb6746)

Updates `github/codeql-action` from 3.25.11 to 3.25.12
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@b611370...4fa2a79)

Updates `actions/setup-node` from 4.0.2 to 4.0.3
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@60edb5d...1e60f62)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: docker/setup-qemu-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/setup-buildx-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/build-push-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: bridgecrewio/checkov-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/ci-generic.yml

@@ -68,7 +68,7 @@ jobs:
         version: ${{ inputs.version }}
 
     - name: Upload Instance BuildInfo.properties
-      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3
+      uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4
       with:
         name: pre-build-instance-buildinfo
         path: ./*/main/resources/BuildInfo.properties

.github/workflows/docker-ci-generic.yml

@@ -76,13 +76,13 @@ jobs:
       uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #4.1.7
 
     - name: "Download Pre-build Artifacts"
-      uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8
       with:
         pattern: pre-build-*
         merge-multiple: true
 
     - name: "Download Build Artifacts"
-      uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8
       with:
         pattern: build-*
         merge-multiple: true
@@ -102,14 +102,14 @@ jobs:
           latest=false
 
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #3.0.0
+      uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee #3.1.0
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb #3.3.0
+      uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 #3.4.0
 
     - name: Build and export Docker image
       id: build
-      uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 #6.2.0
+      uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c #6.3.0
       with:
         context: .
         platforms: linux/amd64
@@ -121,7 +121,7 @@ jobs:
         cache-to: type=gha,mode=max
 
     - name: "Upload Docker tar"
-      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3
+      uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4
       with:
         name: build-docker-image
         path: ./image.tar
@@ -146,7 +146,7 @@ jobs:
 
     - name: Lint Dockerfile with Checkov
       id: checkov
-      uses: bridgecrewio/checkov-action@1aa570d5235ac1bb571b6ad857c5ca3ba3670b74 #12.2798.0
+      uses: bridgecrewio/checkov-action@4bb67465e1497251e876269c248f3f8efda3bce5 #12.2823.0
       with:
         directory: .
         framework: dockerfile
@@ -158,13 +158,13 @@ jobs:
         output_file_path: reports/checkov-results.sarif
 
     - name: Upload Sarif report as artifact
-      uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3
+      uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4
       with:
         name: checkov-results
         path: reports/checkov-results.sarif
 
     - name: Upload to GitHub Security
-      uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c #3.25.11
+      uses: github/codeql-action/upload-sarif@4fa2a7953630fd2f3fb380f21be14ede0169dd4f #3.25.12
       if: ${{ inputs.upload-sarif-to-security }}
       with:
         sarif_file: 'reports/checkov-results.sarif'
@@ -175,7 +175,7 @@ jobs:
   #   steps:
   #   -  
   #     name: "Download Docker tar"
-  #     uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7
+  #     uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8
   #     with:
   #       name: docker
   #       path: .
@@ -201,7 +201,7 @@ jobs:
   #       hide-progress: false
   #   - 
   #     name: "Upload Sarif report as artifact"
-  #     uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 #4.3.3
+  #     uses: actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b #4.3.4
   #     with:
   #       name: trivy-results
   #       path: trivy-results.sarif
@@ -227,7 +227,7 @@ jobs:
           github.com:443
 
     - name: Download Docker tar
-      uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8
       with:
         name: build-docker-image
 

.github/workflows/docker-release-generic.yml

@@ -56,13 +56,13 @@ jobs:
       uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 #4.1.7
 
     - name: "Download Pre-build Artifacts"
-      uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8
       with:
         pattern: pre-build-*
         merge-multiple: true
 
     - name: "Download Build Artifacts"
-      uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e #4.1.7
+      uses: actions/download-artifact@fa0a91b85d4f404e444e00e005971372dc801d16 #4.1.8
       with:
         pattern: build-*
         merge-multiple: true
@@ -82,10 +82,10 @@ jobs:
           latest=false
 
     - name: Set up QEMU
-      uses: docker/setup-qemu-action@68827325e0b33c7199eb31dd4e31fbe9023e06e3 #3.0.0
+      uses: docker/setup-qemu-action@5927c834f5b4fdf503fca6f4c7eccda82949e1ee #3.1.0
 
     - name: Set up Docker Buildx
-      uses: docker/setup-buildx-action@d70bba72b1f3fd22344832f00baa16ece964efeb #3.3.0
+      uses: docker/setup-buildx-action@4fd812986e6c8c2a69e18311145f9371337f27d4 #3.4.0
 
     - name: Login to Container Registry
       uses: docker/login-action@0d4c9c5ea7693da7b068278f7b52bda2a190a446 # 3.2.0
@@ -95,7 +95,7 @@ jobs:
 
     - name: Build and export Docker image
       id: build
-      uses: docker/build-push-action@15560696de535e4014efeff63c48f16952e52dd1 #6.2.0
+      uses: docker/build-push-action@1a162644f9a7e87d8f4b053101d1d9a712edc18c #6.3.0
       with:
         context: .
         platforms: linux/amd64, linux/arm64

.github/workflows/docusaurus-release.yml

@@ -38,7 +38,7 @@ jobs:
         uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - name: Set Up Node.js
-        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 # v4.0.2
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b # v4.0.3
         with:
           node-version: 20.x
           cache: npm

.github/workflows/release.yml

@@ -37,7 +37,7 @@ jobs:
           token: ${{ secrets.WEAREFRANK_BOT_PAT }}
 
       - name: Setup Node
-        uses: actions/setup-node@60edb5dd545a775178f52524783378180af0d1f8 #4.0.2
+        uses: actions/setup-node@1e60f620b9541d16bece96c5465dc8ee9832be0b #4.0.3
         with:
           node-version: 20.x