chore(deps): update all

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Age	Adoption	Passing	Confidence
actions/cache	action	patch	v2.1.6 -> v2.1.8
actions/checkout	action	minor	v2.3.4 -> v2.7.0
alex (source)	dependencies	patch	9.1.0 -> 9.1.1
alpine	final	minor	3.13 -> 3.20
codecov/codecov-action	action	patch	v1.5.0 -> v1.5.2
docker/build-push-action	action	minor	v2.5.0 -> v2.10.0
github.com/pquerna/otp	require	minor	v1.3.0 -> v1.4.0
github.com/tailscale/depaware	require	digest	77d1e97 -> 720c4b4
go.uber.org/goleak	require	minor	v1.1.10 -> v1.3.0
go.uber.org/multierr	require	minor	v1.7.0 -> v1.11.0
golang	stage	minor	1.16.5-alpine -> 1.22.3-alpine
goreleaser/goreleaser-action	action	minor	v2.6.1 -> v2.9.1
markdownlint-cli	dependencies	minor	0.27.1 -> 0.40.0

---

Release Notes

actions/cache (actions/cache)

v2.1.8: Updating actions/core to version 1.10.0

Compare Source

The ::save-state and ::set-output are deprecated. The newer version of actions/core >1.10.0 uses the new syntax for save and set output. After this change, customers using actions/cache@v2 won't see deprecation warning message.

v2.1.7

Compare Source

Support 10GB cache upload using the latest version 1.0.8 of @actions/cache

actions/checkout (actions/checkout)

v2.7.0

Compare Source

What's Changed

• Add new public key for known_hosts (#​1237) by @​TingluoHuang in https://github.com/actions/checkout/pull/1238

Full Changelog: actions/checkout@v2.6.0...v2.7.0

v2.6.0

Compare Source

What's Changed

• Add backports to v2 branch by @​cory-miller in https://github.com/actions/checkout/pull/1040
  • Includes backports from the following changes: https://github.com/actions/checkout/pull/964, https://github.com/actions/checkout/pull/1002, https://github.com/actions/checkout/pull/1029
  • Upgraded the licensed version to match what is used in v3.

Full Changelog: actions/checkout@v2.5.0...v2.6.0

v2.5.0

Compare Source

What's Changed

• Update @​actions/core to 1.10.0 by @​rentziass in https://github.com/actions/checkout/pull/962

Full Changelog: actions/checkout@v2...v2.5.0

v2.4.2

Compare Source

What's Changed

• Add set-safe-directory input to allow customers to take control. (#​770) by @​TingluoHuang in https://github.com/actions/checkout/pull/776
• Prepare changelog for v2.4.2. by @​TingluoHuang in https://github.com/actions/checkout/pull/778

Full Changelog: actions/checkout@v2...v2.4.2

v2.4.1

Compare Source

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

Compare Source

• Convert SSH URLs like org-<ORG_ID>@&#8203;github.com: to https://github.com/ - pr

v2.3.5

Compare Source

Update dependencies

get-alex/alex (alex)

v9.1.1

Compare Source

• 223cde1 Add lock for remark-mdx

Full Changelog: get-alex/alex@9.1.0...9.1.1

codecov/codecov-action (codecov/codecov-action)

v1.5.2

Compare Source

1.5.2

Fixes

• fix: Import version properly as string not object

v1.5.1

Compare Source

1.5.1

Fixes

• #​320 doc: add github actions badge
• #​336 Update bash uploader to 1.0.3
• #​339 fix: Add action version

Dependencies

• #​302 Bump @​typescript-eslint/eslint-plugin from 4.22.0 to 4.22.1
• #​303 Bump @​typescript-eslint/parser from 4.22.0 to 4.22.1
• #​304 Bump ts-jest from 26.5.5 to 26.5.6
• #​309 Bump lodash from 4.17.19 to 4.17.21
• #​310 Bump hosted-git-info from 2.8.8 to 2.8.9
• #​311 Bump @​actions/github from 4.0.0 to 5.0.0
• #​314 Bump eslint from 7.25.0 to 7.27.0
• #​315 Bump @​actions/core from 1.2.7 to 1.3.0
• #​316 Bump @​typescript-eslint/parser from 4.22.1 to 4.25.0
• #​317 Bump @​typescript-eslint/eslint-plugin from 4.22.1 to 4.25.0
• #​319 Bump jest-junit from 12.0.0 to 12.1.0
• #​321 Bump typescript from 4.2.4 to 4.3.2
• #​323 Bump ws from 7.3.1 to 7.4.6
• #​331 Bump eslint from 7.27.0 to 7.28.0
• #​332 Bump @​actions/exec from 1.0.4 to 1.1.0
• #​333 Bump @​typescript-eslint/parser from 4.25.0 to 4.26.1
• #​334 Bump @​typescript-eslint/eslint-plugin from 4.25.0 to 4.26.1
• #​335 Bump @​actions/core from 1.3.0 to 1.4.0
• #​337 Bump glob-parent from 5.1.1 to 5.1.2

docker/build-push-action (docker/build-push-action)

v2.10.0

Compare Source

• Add imageid output and use metadata to set digest output (#​569)
• Add build-contexts input (#​563)
• Enhance outputs display (#​559)

v2.9.0

Compare Source

• add-hosts input (#​553 #​555)
• Fix git context subdir example and improve README (#​552)
• Add e2e tests for ACR (#​548)
• Add description on github-token option to README (#​544)
• Bump node-fetch from 2.6.1 to 2.6.7 (#​549)

v2.8.0

Compare Source

• Allow specifying subdirectory with default git context (#​531)
• Add cgroup-parent, shm-size, ulimit inputs (#​501)
• Don't set outputs if empty or nil (#​470)
• docs: example to sanitize tags with metadata-action (#​476)
• docs: wrong syntax to sanitize repo slug (#​475)
• docs: test before pushing your image (#​455)
• readme: remove v1 section (#​500)
• ci: virtual env file system info (#​510)
• dev: update workflow (#​499)
• Bump @​actions/core from 1.5.0 to 1.6.0 (#​160)
• Bump ansi-regex from 5.0.0 to 5.0.1 (#​469)
• Bump tmpl from 1.0.4 to 1.0.5 (#​465)
• Bump csv-parse from 4.16.0 to 4.16.3 (#​451 #​459)

v2.7.0

Compare Source

• Add metadata output (#​412)
• Bump @​actions/core from 1.4.0 to 1.5.0 (#​439)
• Add note to sanitize tags (#​426)
• Cache backend API docs (#​406)
• Git context now supports subdir (#​407)
• Bump codecov/codecov-action from 1 to 2 (#​415)

v2.6.1

Compare Source

• Small typo and ensure trimmed output (#​400)

v2.6.0

Compare Source

• Handle git sha version of buildx (#​399)
• Update dev deps (#​393)
• Use built-in getExecOutput (#​392)
• Use core.getBooleanInput (#​391)
• Bump csv-parse from 4.15.4 to 4.16.0 (#​385)
• Bump @​actions/exec from 1.0.4 to 1.1.0 (#​382)
• Bump @​actions/core from 1.3.0 to 1.4.0 (#​383)
• Bump ws from 7.3.1 to 7.4.6 (#​375)

pquerna/otp (github.com/pquerna/otp)

v1.4.0: : Minor Changes and Improvements

Compare Source

Functional changes

• Don't use + encoding for spaces to improve compatibility with Android TOTP Applications https://github.com/pquerna/otp/pull/78
• Add new methods that expose the Algorithm and the Digits parameters from the Key URL. https://github.com/pquerna/otp/pull/74
• If 0 is passed in for .Digits, default to 6 https://github.com/pquerna/otp/pull/77

uber-go/goleak (go.uber.org/goleak)

v1.3.0

Compare Source

Fixed

• Built-in ignores now match function names more accurately.
  They will no longer ignore stacks because of file names
  that look similar to function names. (#​112)

Added

• Add an IgnoreAnyFunction option to ignore stack traces
  that have the provided function anywhere in the stack. (#​113)
• Ignore testing.runFuzzing and testing.runFuzzTests alongside
  other already-ignored test functions (testing.RunTests, etc). (#​105)

Changed

• Miscellaneous CI-related fixes. (#​103, #​108, #​114)

v1.2.1: v.1.2.1

Compare Source

[1.2.1]

Changed

• Drop golang/x/lint dependency.

v1.2.0

Compare Source

Added

• Add Cleanup option that can be used for registering cleanup callbacks. (#​78)

Changed

• Mark VerifyNone as a test helper. (#​75)

Thanks to @​tallclair for their contribution to this release.

v1.1.12

Compare Source

Fixed

• Fixed logic for ignoring trace related goroutines on Go versions 1.16 and above. (#​68)

v1.1.11

Compare Source

Fixed

• Documentation fix on how to test.
• Update dependency on stretchr/testify to v1.7.0. (#​59)
• Update dependency on golang.org/x/tools to address CVE-2020-14040. (#​62)

uber-go/multierr (go.uber.org/multierr)

v1.11.0

Compare Source

====================

• Errors now supports any error that implements multiple-error
  interface.
• Add Every function to allow checking if all errors in the chain
  satisfies errors.Is against the target error.

v1.10.0

Compare Source

====================

• Comply with Go 1.20's multiple-error interface.
• Drop Go 1.18 support.
  Per the support policy, only Go 1.19 and 1.20 are supported now.
• Drop all non-test external dependencies.

v1.9.0

Compare Source

===================

• Add AppendFunc that allow passsing functions to similar to
  AppendInvoke.

• Bump up yaml.v3 dependency to 3.0.1.

v1.8.0

Compare Source

===================

• Combine: perform zero allocations when there are no errors.

goreleaser/goreleaser-action (goreleaser/goreleaser-action)

v2.9.1

Compare Source

What's Changed

• fix: current tag not taken into account by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/329

Full Changelog: goreleaser/goreleaser-action@v2...v2.9.1

v2.9.0

Compare Source

What's Changed

• refactor: setup context by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/325
• chore: update community files by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/328
• feat: add artifacts and metadata outputs by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/327

Full Changelog: goreleaser/goreleaser-action@v2.8.1...v2.9.0

v2.8.1

Compare Source

What's Changed

• fix: should not force snapshot when nightly is set by @​caarlos0 in https://github.com/goreleaser/goreleaser-action/pull/321

Full Changelog: goreleaser/goreleaser-action@v2.8.0...v2.8.1

v2.8.0

Compare Source

What's Changed

• chore(deps): bump @​actions/tool-cache from 1.7.0 to 1.7.1 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/290
• chore(deps): bump @​actions/core from 1.3.0 to 1.4.0 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/289
• chore(deps): bump @​actions/exec from 1.0.4 to 1.1.0 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/291
• refactor: use built-in getExecOutput by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/292
• chore(deps): bump codecov/codecov-action from 1 to 2.0.1 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/293
• chore(deps): update dev deps by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/294
• chore(deps): bump @​actions/core from 1.4.0 to 1.5.0 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/296
• fix: platform detection by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/299
• fix: platform detection v2 by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/300
• chore(deps): bump ghaction-import-gpg to v4 by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/302
• chore(deps): bump tmpl from 1.0.4 to 1.0.5 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/305
• chore(deps): bump ansi-regex from 5.0.0 to 5.0.1 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/306
• chore(deps): bump @​actions/core from 1.5.0 to 1.6.0 by @​dependabot in https://github.com/goreleaser/goreleaser-action/pull/307
• fix: support arch variant to download GoReleaser by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/309
• chore: update generate content by @​crazy-max in https://github.com/goreleaser/goreleaser-action/pull/310
• fix: get darwin universal binary by @​caarlos0 in https://github.com/goreleaser/goreleaser-action/pull/312

Full Changelog: goreleaser/goreleaser-action@v2.6.1...v2.8.0

v2.7.0

Compare Source

• chore(deps): update dev deps (#​294)
• chore(deps): bump codecov/codecov-action from 1 to 2 (#​293)
• refactor: use built-in getExecOutput (#​292)
• chore(deps): bump @​actions/exec from 1.0.4 to 1.1.0 (#​291)
• chore(deps): bump @​actions/core from 1.3.0 to 1.4.0 (#​289)
• chore(deps): bump @​actions/tool-cache from 1.7.0 to 1.7.1 (#​290)

igorshubovych/markdownlint-cli (markdownlint-cli)

v0.40.0: 0.40.0

Compare Source

• Update markdownlint dependency to 0.34.0
  • Use micromark in MD027/MD028/MD036/MD040/MD041/MD046/MD048
  • Improve MD013/MD034/MD049/MD050/MD051
• Add support for TOML configuration files via --config
• Add --configPointer argument for nested configuration
• Update --ignore for directories to ignore all files within
• Update all dependencies via Dependabot

v0.39.0: 0.39.0

Compare Source

• Update markdownlint dependency to 0.33.0
  • Add MD055/table-pipe-style, MD056/table-column-count
  • Improve MD005/MD007/MD024/MD026/MD038
  • Incorporate micromark-extension-directive
  • Improve JSON schema, document validation
• Handle trailing commas in JSONC configuration
• Update all dependencies via Dependabot

v0.38.0: 0.38.0

Compare Source

• Update markdownlint dependency to 0.32.1
  • Remove deprecated MD002/MD006
  • Remove rule aliases for "header"
  • Add MD054/link-image-style
  • Use micromark in MD005/MD007/MD030
  • Improve MD022/MD026/MD034/MD037/MD038/MD045/MD051
• Remove support for end-of-life Node version 16
• Update all dependencies via Dependabot

v0.37.0: 0.37.0

Compare Source

• Update markdownlint dependency to 0.31.1
  • Improve MD032/MD034/MD037/MD043/MD044/MD051/MD052
  • Improve performance
• Update all dependencies via Dependabot

v0.36.0: 0.36.0

Compare Source

• Update markdownlint dependency to 0.30.0
  • Use micromark in MD022/MD026/MD032/MD037/MD045/MD051
  • Incorporate micromark-extension-math for math syntax
  • Allow custom rules to override information URL
• Update all dependencies via Dependabot

v0.35.0: 0.35.0

Compare Source

• Update markdownlint dependency to 0.29.0
  • Update micromark parser dependencies for better performance
  • Use micromark in MD049/MD050
  • Improve MD034/MD037/MD044/MD049/MD050
• Update all dependencies via Dependabot

v0.34.0: 0.34.0

Compare Source

• Update markdownlint dependency to 0.28.2
  • Introduce micromark parser for better positional data (internal only)
  • Use micromark in MD013/MD033/MD034/MD035/MD038/MD044/MD052/MD053
• Update all dependencies via Dependabot

v0.33.0: 0.33.0

Compare Source

• Update markdownlint dependency to 0.27.0
  • Improve MD011/MD013/MD022/MD031/MD032/MD033/MD034/MD040/MD043/MD051/MD053
  • Generate/separate documentation
  • Improve documentation
• Publish Docker container images for both linux/amd64 and linux/arm64
• Support JSONC and YAML inside markdownlint-configure-file comments
• Update all dependencies via Dependabot

v0.32.2: 0.32.2

Compare Source

• Update markdownlint dependency to 0.26.2
  • Improve MD037/MD051/MD053
• Update all dependencies via Dependabot

v0.32.1: 0.32.1

Compare Source

• Update markdownlint dependency to 0.26.1
  • Improve MD051
• Update all dependencies via Dependabot

v0.32.0: 0.32.0

Compare Source

• Update markdownlint dependency to 0.26.0
  • Add MD051/link-fragments: Link fragments should be valid
  • Add MD052/reference-links-images: Reference links and images should use a label that is defined
  • Add MD053/link-image-reference-definitions: Link and image reference definitions should be needed (auto-fixable)
  • Improve MD010/MD031/MD035/MD039/MD042/MD044/MD049/MD050
  • Add markdownlint-disable-line inline comment
  • Support ~ paths in configuration files
  • Improve performance
• Add .markdownlint.jsonc to list of supported configuration files
• Remove support for end-of-life Node version 12
• Update all dependencies via Dependabot

v0.31.1: 0.31.1

Compare Source

• Automatically publish Docker container image to GitHub Packages
• Update all dependencies via Dependabot

v0.31.0: 0.31.0

Compare Source

• Update markdownlint dependency to 0.25.0
  • Add MD049/MD050 for consistent emphasis/strong style (both auto-fixable)
  • Improve MD007/MD010/MD032/MD033/MD035/MD037/MD039
  • Support asynchronous custom rules
  • Improve performance
• Update all dependencies via Dependabot

v0.30.0: 0.30.0

Compare Source

• Add --enable/--disable params
• Add --quiet param
• Throw for bad config file
• Update all dependencies via Dependabot

v0.29.0: 0.29.0

Compare Source

• Update markdownlint dependency to 0.24.0
  • Improve MD010/MD011/MD037/MD043/MD044
• Remove support for end-of-life Node version 10
• Update all dependencies via Dependabot

v0.28.1: 0.28.1

Compare Source

• Fix outdated reference to rc (thanks @​shhdgit!)

v0.28.0: 0.28.0

Compare Source

• Add --json option to output results in JSON format
• Switch rc dependency to run-con to address CVE-2020-7788
• Update all dependencies via Dependabot

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate. View repository job log here.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 38.46%. Comparing base (0a4840a) to head (c1bf343).

❗ Current head c1bf343 differs from pull request most recent head 53525e5

Please upload reports for the commit 53525e5 to get more accurate results.

Additional details and impacted files

@@           Coverage Diff           @@
##             main       #1   +/-   ##
=======================================
  Coverage   38.46%   38.46%           
=======================================
  Files           1        1           
  Lines          13       13           
=======================================
  Hits            5        5           
  Misses          5        5           
  Partials        3        3           

Flag	Coverage Δ
unittests	38.46% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[socket-security]

👍 Dependency issues cleared. Learn more about Socket for GitHub ↗︎

This PR previously contained dependency changes with security issues that have been resolved, removed, or ignored.

View full report↗︎

[socket-security]

New and removed dependencies detected. Learn more about Socket for GitHub ↗︎

Package	New capabilities	Transitives	Size	Publisher
npm/alex@9.1.1	Transitive: environment, eval, filesystem, network, shell, unsafe	+303	5.93 MB	wooorm
npm/markdownlint-cli@0.40.0	Transitive: environment, filesystem, shell	+41	6.94 MB	davidanson

🚮 Removed packages: npm/alex@9.1.0, npm/markdownlint-cli@0.27.1

View full report↗︎