[ci][skip-ci](deps): Bump the github-actions group with 5 updates (#94)

dependabot[bot] · Nick2bad4u · web-flow · commit 69cfad0d5e0d · 2025-10-30T18:09:26.000-04:00
Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `5.0.0` | `6.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.30.6` | `4.31.0` | | [rojopolis/spellcheck-github-actions](https://github.com/rojopolis/spellcheck-github-actions) | `0.52.0` | `0.53.0` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.90.11` | `3.90.12` | Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.6.2...330a01c) Updates `actions/download-artifact` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@634f93c...018cc2c) Updates `github/codeql-action` from 3.30.6 to 4.31.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@64d10c1...4e94bd1) Updates `rojopolis/spellcheck-github-actions` from 0.52.0 to 0.53.0 - [Release notes](https://github.com/rojopolis/spellcheck-github-actions/releases) - [Changelog](https://github.com/rojopolis/spellcheck-github-actions/blob/master/CHANGELOG.md) - [Commits](rojopolis/spellcheck-github-actions@739a1e3...336d2b4) Updates `trufflesecurity/trufflehog` from 3.90.11 to 3.90.12 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Changelog](https://github.com/trufflesecurity/trufflehog/blob/main/.goreleaser.yml) - [Commits](trufflesecurity/trufflehog@ad6fc8f...b84c3d1) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.31.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: rojopolis/spellcheck-github-actions dependency-version: 0.53.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: trufflesecurity/trufflehog dependency-version: 3.90.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Typpi <20943337+Nick2bad4u@users.noreply.github.com>
diff --git a/.github/workflows/ActionLint.yml b/.github/workflows/ActionLint.yml
@@ -46,7 +46,7 @@ jobs:
               with:
                   shellcheck_opts: "-e SC2129"
 
-            - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+            - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: actionlint-results
                   path: ${{ steps.action-lint.outputs.results-file }}
diff --git a/.github/workflows/Build.yml b/.github/workflows/Build.yml
@@ -97,7 +97,7 @@ jobs:
                   GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
             - name: Upload bumped package.json to repo
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: bumped-package-json
                   path: .
@@ -164,7 +164,7 @@ jobs:
                   ref: ${{ github.event.inputs.branch || github.ref }}
 
             - name: Download bumped package.json from bump-version job
-              uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+              uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
               with:
                   name: bumped-package-json
                   path: .
@@ -322,7 +322,7 @@ jobs:
 
             - name: Upload build dist files as artifact
               id: upload_artifact
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: dist-${{ matrix.os }}-${{ matrix.arch }}
                   path: |
@@ -362,7 +362,7 @@ jobs:
                   ref: ${{ github.event.inputs.branch || github.ref }}
 
             - name: Download all build artifacts from build job
-              uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
+              uses: actions/download-artifact@018cc2cf5baa6db3ef3c5f8a56943fffe632ef53 # v6.0.0
               with:
                   path: ./artifacts
 
diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
@@ -125,7 +125,7 @@ jobs:
 
             # Initializes the CodeQL tools for scanning.
             - name: Initialize CodeQL
-              uses: github/codeql-action/init@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5
+              uses: github/codeql-action/init@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v3.29.5
               with:
                   languages: ${{ matrix.language }}
                   source-root: .
@@ -169,7 +169,7 @@ jobs:
 
             - name: Upload CodeQL DBs (debug)
               if: always()
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: codeql-databases-${{ matrix.language }}
                   path: |
@@ -181,6 +181,6 @@ jobs:
             # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
 
             - name: Perform CodeQL Analysis
-              uses: github/codeql-action/analyze@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5
+              uses: github/codeql-action/analyze@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v3.29.5
               with:
                   category: "/language:${{matrix.language}}"
diff --git a/.github/workflows/devskim.yml b/.github/workflows/devskim.yml
@@ -52,12 +52,12 @@ jobs:
                   done
 
             - name: Upload DevSkim SARIF as artifact
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: devskim-results
                   path: devskim-results.sarif
 
             - name: Upload DevSkim scan results to GitHub Security tab
-              uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5
+              uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v3.29.5
               with:
                   sarif_file: devskim-results.sarif
diff --git a/.github/workflows/electronegativity.yml b/.github/workflows/electronegativity.yml
@@ -29,6 +29,6 @@ jobs:
                   input: .
                   version: latest
             - name: Upload SARIF results
-              uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5
+              uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v3.29.5
               with:
                   sarif_file: ../electronegativity_results
diff --git a/.github/workflows/eslint.yml b/.github/workflows/eslint.yml
@@ -89,13 +89,13 @@ jobs:
               working-directory: .
 
             - name: Upload analysis results to GitHub
-              uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v2.27.0
+              uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v2.27.0
               with:
                   sarif_file: eslint-results.sarif
                   wait-for-processing: true
 
             - name: Upload ESLint SARIF as artifact
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: eslint-results
                   path: eslint-results.sarif
diff --git a/.github/workflows/flatpak-build.yml b/.github/workflows/flatpak-build.yml
@@ -166,7 +166,7 @@ jobs:
 
             # Optionally, upload the FlatPak bundle as an artifact
             - name: Upload FlatPak bundle
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: flatpak-bundle
                   path: ./Uptime-Watcher.flatpak
diff --git a/.github/workflows/mega-linter.yml b/.github/workflows/mega-linter.yml
@@ -51,7 +51,7 @@ jobs:
             # Upload MegaLinter artifacts
             - name: Archive production artifacts
               if: success() || failure()
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: MegaLinter reports
                   path: |
diff --git a/.github/workflows/playwright.yml b/.github/workflows/playwright.yml
@@ -94,7 +94,7 @@ jobs:
             # For organization-wide consistency, document and update artifact retention policy in your repository’s CI/CD guidelines.
             - name: Upload Playwright report
               if: ${{ !cancelled() }}
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: playwright-report
                   path: playwright-report/
diff --git a/.github/workflows/print-release-asset-sizes.yml b/.github/workflows/print-release-asset-sizes.yml
@@ -92,7 +92,7 @@ jobs:
                   } >> "$GITHUB_STEP_SUMMARY"
 
             - name: Upload sizes.md as artifact
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: release-asset-sizes
                   path: sizes.md
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
@@ -111,14 +111,14 @@ jobs:
             # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
             # format to the repository Actions tab.
             - name: "Upload artifact"
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: SARIF file
                   path: results.sarif
                   retention-days: 5
 
             # Upload the results to GitHub's code scanning dashboard.
             - name: "Upload to code-scanning"
-              uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v2.27.0
+              uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v2.27.0
               with:
                   sarif_file: results.sarif
diff --git a/.github/workflows/security-devops.yml b/.github/workflows/security-devops.yml
@@ -40,6 +40,6 @@ jobs:
               uses: microsoft/security-devops-action@d0736c546281e0632667b8e0046ae3d7bba0bf67 # latest
               id: msdo
             - name: Upload results to Security tab
-              uses: github/codeql-action/upload-sarif@64d10c13136e1c5bce3e5fbde8d4906eeaafc885 # v3.29.5
+              uses: github/codeql-action/upload-sarif@4e94bd11f71e507f7f87df81788dff88d1dacbfb # v3.29.5
               with:
                   sarif_file: ${{ steps.msdo.outputs.sarifFile }}
diff --git a/.github/workflows/spelling_action.yml b/.github/workflows/spelling_action.yml
@@ -32,13 +32,13 @@ jobs:
                   egress-policy: audit
 
             - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-            - uses: rojopolis/spellcheck-github-actions@739a1e3ceb79a98a5d4a9bf76f351137f9d78892 # 0.52.0
+            - uses: rojopolis/spellcheck-github-actions@336d2b4c911d9e582a8e7aa1143f0e862daefbc0 # 0.53.0
               name: Spellcheck
               continue-on-error: true
               with:
                   config_path: .github/.spellcheck.yml
                   output_file: spellcheck-output.txt
-            - uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+            - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               if: ${{ !cancelled() }}
               with:
                   name: Spellcheck Output
diff --git a/.github/workflows/stryker-mutation-testing.yml b/.github/workflows/stryker-mutation-testing.yml
@@ -219,7 +219,7 @@ jobs:
 
             - name: Upload mutation testing reports
               if: always() # Upload reports even if Stryker fails
-              uses: actions/upload-artifact@ef09cdac3e2d3e60d8ccadda691f4f1cec5035cb # v5.0.0
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: stryker-reports-${{ github.sha }}
                   path: |
diff --git a/.github/workflows/stylelint.yml b/.github/workflows/stylelint.yml
@@ -78,7 +78,7 @@ jobs:
 
             - name: Upload Stylelint Results
               if: always()
-              uses: actions/upload-artifact@ea165f8d65b6e75b540449e92b4886f43607fa02 # v4.6.2
+              uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
               with:
                   name: stylelint-results
                   path: |
diff --git a/.github/workflows/trufflehog.yml b/.github/workflows/trufflehog.yml
@@ -27,7 +27,7 @@ jobs:
               with:
                   fetch-depth: 0
             - name: Secret Scanning (entire repo)
-              uses: trufflesecurity/trufflehog@ad6fc8fb446b8fafbf7ea8193d2d6bfd42f45690 # v3.90.11
+              uses: trufflesecurity/trufflehog@b84c3d14d189e16da175e2c27fa8136603783ffc # v3.90.12
               with:
                   base: ""
                   head: ${{ github.ref_name }}
