deps: update github actions (patch)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Pending
Checkmarx/kics-github-action	action	patch	v2.1.3 -> v2.1.9
actions/upload-artifact	action	patch	v4.6.1 -> v4.6.2
check-spelling/check-spelling	action	patch	v0.0.24 -> v0.0.25
github/codeql-action	action	patch	v3.28.11 -> v3.28.18	v3.28.19
kyverno/action-install-chainsaw	action	patch	v0.2.11 -> v0.2.12
ossf/scorecard-action	action	patch	v2.4.0 -> v2.4.2
peter-evans/create-pull-request	action	patch	v7.0.5 -> v7.0.8
sigstore/cosign-installer	action	patch	v3.8.1 -> v3.8.2
softprops/action-gh-release	action	patch	v2.2.1 -> v2.2.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

Checkmarx/kics-github-action (Checkmarx/kics-github-action)

v2.1.9

Compare Source

What's Changed

• UpdateKicsVersionTo219 by @​cx-monica-casanova in https://github.com/Checkmarx/kics-github-action/pull/131

Full Changelog: Checkmarx/kics-github-action@v2.1.8...v2.1.9

v2.1.8

Compare Source

What's Changed

• update kics version to 218 by @​cx-monica-casanova in https://github.com/Checkmarx/kics-github-action/pull/129

Full Changelog: Checkmarx/kics-github-action@v2.1.7...v2.1.8

v2.1.7

Compare Source

What's Changed

• Update kics version by @​cx-monica-casanova in https://github.com/Checkmarx/kics-github-action/pull/127

Full Changelog: Checkmarx/kics-github-action@v2.1.6...v2.1.7

v2.1.6

Compare Source

What's Changed

• bump(kics): bump to v2.1.6 by @​cxMiguelSilva in https://github.com/Checkmarx/kics-github-action/pull/125

Full Changelog: Checkmarx/kics-github-action@v2.1.5...v2.1.6

v2.1.5

Compare Source

What's Changed

• Bump kics dockerfile version by @​cx-monicac in https://github.com/Checkmarx/kics-github-action/pull/124

Full Changelog: Checkmarx/kics-github-action@v2.1.4...v2.1.5

v2.1.4

Compare Source

What's Changed

• Update to KICS v2.1.4 by @​cxMiguelSilva in https://github.com/Checkmarx/kics-github-action/pull/123

Full Changelog: Checkmarx/kics-github-action@v2.1.3...v2.1.4

actions/upload-artifact (actions/upload-artifact)

v4.6.2

Compare Source

What's Changed

• Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @​salmanmkc in https://github.com/actions/upload-artifact/pull/685

New Contributors

• @​salmanmkc made their first contribution in https://github.com/actions/upload-artifact/pull/685

Full Changelog: actions/upload-artifact@v4...v4.6.2

check-spelling/check-spelling (check-spelling/check-spelling)

v0.0.25: Release 0.0.25

Compare Source

⏩ Upgrading

• 🧪 Test first on a branch 🏷️ by changing your workflow tags/references to this release
• See 🐣 Breaking Changes for how to adapt your workflow
• See 🐛 Known Issues for known issues

🐣 Breaking Changes

• Code Scanning action requires a Code Scanning Ruleset
  If you use SARIF reporting, then instead of the workflow yielding an ❌ when it fails, it will rely on github-advanced-security 🤖 to report the failure. You will need to adjust your checks for PRs.
• Dropping support for on: schedule
• Dropping support for whitelist.txt and advice.txt
• Dropping support for out of tree project files
• Dependent actions are referenced by full sha instead of version -- if you're using Allow specified actions and reusable workflows, you will need to add:
  • check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca (if you run on: pull_request/on: pull_request_target and use with:/checkout: true)

✨ New Features

• Check submodules using submodules
• Provide instructions for when only_check_changed_files finds unrecognized words (#​86)
• Support unknown_file_word_limit to limit the number of times a path in a filename is reported when using check_file_names
• Suggest checkout: true for new missing-checkout error case
• Suggest ignoring files that trigger single-line-file

Dictionaries

• Fix fallback-dictionary-not-found handling

Hunspell dictionaries

• Fix support for .dic/.aff dictionaries by installing hunspell as needed (#​79 / #​90)
• Ensure that Spanish works (a consumer is using this, so it should work reliably)

Fixes

• macOS: Consistently use check-spelling dictionary instead of looking at the system dictionary (#​84)
• Fix check_for_newline_at_eof for allow.txt (#​81)
• Improve handling of inputs.ignored events
• Fix inputs.debug handling
• Fix merge instructions order
• Fix pattern for validating expect entries
• Fix noisy-file-list handling
• Fix 504 handling for only_check_changed_files when unshallowing
• Restore comment (#) support for expect files
• Include last character in token-is-substring warning

Improvements

• Line ending detection (#​83)
• RSQM handling
• Dictionary download times by skipping delays for 30x redirects
• Excludes paths generation
• Error handling of various components
• Documentation links
• GitHub error detection patterns for when check-spelling has bugs
• Handling of We'd

Messages

• Improve use of `s
  • Remove them from Line for candidate-pattern
  • Add them with better escaping for more user content
• Treat ignored-expect-variant as a warning

SARIF

• Switch to talking to /code-scanning/analysis directly
• Properly encode # in filenames (#​82)
• Stop trying to publish SARIF for commits from other repositories
• Use note severity for no-files-to-check
• Support defaultConfiguration.level when problem.severity is absent
• Add additional fields
• Only include used rules

Candidate patterns

• Suggest using # to suppress candidates (you can do this for forbidden patterns too, but this version won't suggest that)

Apply

• Improve error handling

Summary Tables

• List all present event classes at the top level
• Support cross repository pull requests

Checkout

• Suppress useless message about default branch
• Add failed checkout diagnostics
• Limit checkout credentials (#​91)

Testing

• Replace jd with Test::More::is_deeply
• Improve test suite and test coverage
• Work to consistently order output

Upgrade components

• checkout-merge@​v0.0.7
• gh-program-downloader@​v0.0.4

🐛 Known Issues

• If you use Allow specified actions and reusable workflows, if you run on: pull_request/on: pull_requesrt_target and use with:/checkout: true, you will need to allow check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca otherwise you will probably encounter:

  Error: Missing download info for check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca
  

• act as of v0.2.77 is not supported with checkout: true (there's a PR to act to fix this)
• check-spelling sometimes (e.g., for slow-file-list) won't correctly suggest disabling check_file_names:, instead, it will suggest excluding a file in /tmp/check-spelling/GITHUB_OWNER/REPOSITORY_NAME/paths-of-checked-files.txt (likely escaped)

Full Changelog

Full Changelog: check-spelling/check-spelling@v0.0.24...v0.0.25

github/codeql-action (github/codeql-action)

v3.28.18

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025

• Update default CodeQL bundle version to 2.21.3. #​2893
• Skip validating SARIF produced by CodeQL for improved performance. #​2894
• The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #​2891

See the full CHANGELOG.md for more information.

v3.28.17

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #​2872

See the full CHANGELOG.md for more information.

v3.28.16

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #​2863

See the full CHANGELOG.md for more information.

v3.28.15

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #​2842

See the full CHANGELOG.md for more information.

v3.28.14

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #​2838

See the full CHANGELOG.md for more information.

v3.28.13

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #​2810

See the full CHANGELOG.md for more information.

kyverno/action-install-chainsaw (kyverno/action-install-chainsaw)

v0.2.12

Compare Source

What's Changed

• Bump version by @​eddycharly in https://github.com/kyverno/action-install-chainsaw/pull/66

Full Changelog: kyverno/action-install-chainsaw@v0.2.11...v0.2.12

ossf/scorecard-action (ossf/scorecard-action)

v2.4.2

Compare Source

What's Changed

This update bumps the Scorecard version to the v5.2.1 release. For a complete list of changes, please refer to the Scorecard v5.2.0 and v5.2.1 release notes.

Full Changelog: ossf/scorecard-action@v2.4.1...v2.4.2

v2.4.1

Compare Source

What's Changed

• This update bumps the Scorecard version to the v5.1.1 release. For a complete list of changes, please refer to the v5.1.0 and v5.1.1 release notes.
• Publishing results now uses half the API quota as before. The exact savings depends on the repository in question.
  • use Scorecard library entrypoint instead of Cobra hooking by @​spencerschrock in https://github.com/ossf/scorecard-action/pull/1423
• Some errors were made into annotations to make them more visible
  • Make default branch error more prominent by @​jsoref in https://github.com/ossf/scorecard-action/pull/1459
• There is now an optional file_mode input which controls how repository files are fetched from GitHub. The default is archive, but git produces the most accurate results for repositories with .gitattributes files at the cost of analysis speed.
  • add input for specifying --file-mode by @​spencerschrock in https://github.com/ossf/scorecard-action/pull/1509
• The underlying container for the action is now hosted on GitHub Container Registry. There should be no functional changes.
  • 🌱 publish docker images to GitHub Container Registry by @​spencerschrock in https://github.com/ossf/scorecard-action/pull/1453

Docs

• Installation docs update by @​JeremiahAHoward in https://github.com/ossf/scorecard-action/pull/1416

New Contributors

• @​JeremiahAHoward made their first contribution in https://github.com/ossf/scorecard-action/pull/1416
• @​jsoref made their first contribution in https://github.com/ossf/scorecard-action/pull/1459
  Full Changelog: ossf/scorecard-action@v2.4.0...v2.4.1

peter-evans/create-pull-request (peter-evans/create-pull-request)

v7.0.8: Create Pull Request v7.0.8

Compare Source

What's Changed

• build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3751
• build(deps-dev): bump eslint-import-resolver-typescript from 3.8.1 to 3.8.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3752
• build(deps): bump @​octokit/plugin-paginate-rest from 11.4.2 to 11.4.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3753
• build(deps-dev): bump prettier from 3.5.1 to 3.5.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3754
• fix: suppress output for some git operations by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3776

Full Changelog: peter-evans/create-pull-request@v7.0.7...v7.0.8

v7.0.7: Create Pull Request v7.0.7

Compare Source

⚙️ Fixes an issue with commit signing where modifications to the same file in multiple commits squash into the first commit.

What's Changed

• build(deps): bump @​octokit/core from 6.1.2 to 6.1.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3593
• build(deps-dev): bump @​types/node from 18.19.68 to 18.19.70 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3594
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3603
• build(deps-dev): bump typescript from 5.7.2 to 5.7.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3610
• build(deps): bump octokit dependencies by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3618
• docs: add workflow tip for showing message via workflow command by @​ybiquitous in https://github.com/peter-evans/create-pull-request/pull/3626
• build(deps-dev): bump eslint-plugin-prettier from 5.2.1 to 5.2.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3628
• build(deps): bump node-fetch-native from 1.6.4 to 1.6.6 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3627
• build(deps-dev): bump undici from 6.21.0 to 6.21.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3630
• build(deps-dev): bump @​types/node from 18.19.70 to 18.19.71 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3629
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3647
• build(deps-dev): bump @​types/node from 18.19.71 to 18.19.74 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3657
• build(deps-dev): bump @​types/node from 18.19.74 to 18.19.75 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3663
• build(deps): bump @​octokit/plugin-rest-endpoint-methods from 13.3.0 to 13.3.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3670
• build(deps-dev): bump prettier from 3.4.2 to 3.5.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3671
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3680
• build(deps): bump @​octokit/request-error from 6.1.6 to 6.1.7 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3685
• build(deps): bump @​octokit/plugin-paginate-rest from 11.4.0 to 11.4.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3688
• build(deps): bump @​octokit/endpoint from 10.1.2 to 10.1.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3700
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3691
• build(deps-dev): bump prettier from 3.5.0 to 3.5.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3709
• build(deps-dev): bump eslint-import-resolver-typescript from 3.7.0 to 3.8.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3710
• build(deps): bump @​octokit/plugin-paginate-rest from 11.4.1 to 11.4.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3713
• build(deps-dev): bump @​types/node from 18.19.75 to 18.19.76 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3712
• build(deps): bump @​octokit/core from 6.1.3 to 6.1.4 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3711
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3736
• Use showFileAtRefBase64 to read per-commit file contents by @​grahamc in https://github.com/peter-evans/create-pull-request/pull/3744

New Contributors

• @​ybiquitous made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3626
• @​grahamc made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3744

Full Changelog: peter-evans/create-pull-request@v7.0.6...v7.0.7

v7.0.6: Create Pull Request v7.0.6

Compare Source

⚙️ Fixes an issue with commit signing where unicode characters in file paths were not preserved.

What's Changed

• build(deps-dev): bump @​vercel/ncc from 0.38.1 to 0.38.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3365
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3370
• build(deps): bump @​octokit/plugin-rest-endpoint-methods from 13.2.4 to 13.2.5 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3375
• build(deps-dev): bump @​types/node from 18.19.50 to 18.19.54 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3376
• build(deps): bump @​octokit/plugin-paginate-rest from 11.3.3 to 11.3.5 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3377
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3388
• build(deps-dev): bump @​types/node from 18.19.54 to 18.19.55 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3400
• build(deps): bump @​actions/core from 1.10.1 to 1.11.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3401
• build(deps): bump @​octokit/plugin-rest-endpoint-methods from 13.2.5 to 13.2.6 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3403
• build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3402
• build(deps): bump @​octokit/plugin-throttling from 9.3.1 to 9.3.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3404
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3423
• build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3441
• build(deps): bump undici from 6.19.8 to 6.20.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3442
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3451
• build(deps-dev): bump @​types/node from 18.19.55 to 18.19.58 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3457
• build(deps-dev): bump @​types/jest from 29.5.13 to 29.5.14 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3462
• build(deps-dev): bump @​types/node from 18.19.58 to 18.19.60 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3463
• chore: don't bundle undici by @​benmccann in https://github.com/peter-evans/create-pull-request/pull/3475
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3478
• chore: use node-fetch-native support for proxy env vars by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3483
• build(deps-dev): bump @​types/node from 18.19.60 to 18.19.64 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3488
• build(deps-dev): bump undici from 6.20.1 to 6.21.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3499
• build(deps-dev): bump @​vercel/ncc from 0.38.2 to 0.38.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3500
• docs: note push-to-repo classic PAT workflow scope requirement by @​scop in https://github.com/peter-evans/create-pull-request/pull/3511
• docs: spelling fixes by @​scop in https://github.com/peter-evans/create-pull-request/pull/3512
• build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3516
• build(deps-dev): bump prettier from 3.3.3 to 3.4.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3517
• build(deps-dev): bump @​types/node from 18.19.64 to 18.19.66 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3518
• docs(README): clarify that an existing open PR is managed by @​caugner in https://github.com/peter-evans/create-pull-request/pull/3498
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3529
• build(deps): bump @​octokit/plugin-paginate-rest from 11.3.5 to 11.3.6 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3542
• build(deps-dev): bump @​types/node from 18.19.66 to 18.19.67 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3543
• build(deps-dev): bump prettier from 3.4.0 to 3.4.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3544
• build(deps-dev): bump eslint-import-resolver-typescript from 3.6.3 to 3.7.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3559
• build(deps-dev): bump prettier from 3.4.1 to 3.4.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3560
• build(deps-dev): bump @​types/node from 18.19.67 to 18.19.68 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3570
• build(deps): bump p-limit from 6.1.0 to 6.2.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3578
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3583
• fix: preserve unicode in filepaths when commit signing by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3588

New Contributors

• @​benmccann made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3475
• @​scop made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3511
• @​caugner made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3498

Full Changelog: peter-evans/create-pull-request@v7.0.5...v7.0.6

sigstore/cosign-installer (sigstore/cosign-installer)

v3.8.2

Compare Source

What's Changed

• install cosign v2 from main in https://github.com/sigstore/cosign-installer/pull/186

Full Changelog: sigstore/cosign-installer@v3...v3.8.2

softprops/action-gh-release (softprops/action-gh-release)

v2.2.2

Compare Source

What's Changed

Bug fixes 🐛

• fix: updating release draft status from true to false by @​galargh in https://github.com/softprops/action-gh-release/pull/316

Other Changes 🔄

• chore: simplify ref_type test by @​steinybot in https://github.com/softprops/action-gh-release/pull/598
• fix(docs): clarify the default for tag_name by @​muzimuzhi in https://github.com/softprops/action-gh-release/pull/599
• test(release): add unit tests when searching for a release by @​rwaskiewicz in https://github.com/softprops/action-gh-release/pull/603
• dependency updates

New Contributors

• @​steinybot made their first contribution in https://github.com/softprops/action-gh-release/pull/598
• @​muzimuzhi made their first contribution in https://github.com/softprops/action-gh-release/pull/599
• @​galargh made their first contribution in https://github.com/softprops/action-gh-release/pull/316
• @​rwaskiewicz made their first contribution in https://github.com/softprops/action-gh-release/pull/603

Full Changelog: softprops/action-gh-release@v2...v2.2.2

---

Configuration

📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) in timezone Europe/Vienna, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 77.37%. Comparing base (325756f) to head (dd51ca3).

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #3888   +/-   ##
=======================================
  Coverage   77.37%   77.37%           
=======================================
  Files         220      220           
  Lines       11708    11708           
=======================================
  Hits         9059     9059           
  Misses       2281     2281           
  Partials      368      368           

Flag	Coverage Δ
certificate-operator	47.44% <ø> (ø)
component-tests	57.08% <ø> (-1.28%)	⬇️
lifecycle-operator	79.68% <ø> (ø)
metrics-operator	74.93% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud