From 6cae28abb0bf94cda53666854a3749cd7c25c824 Mon Sep 17 00:00:00 2001
From: Mend Renovate <bot@renovateapp.com>
Date: Tue, 2 Jul 2024 07:24:42 +0200
Subject: [PATCH] chore(deps): update workflows (#1080)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.7` |
| [actions/setup-go](https://togithub.com/actions/setup-go) | action |
patch | `v5.0.0` -> `v5.0.1` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.10` -> `v3.25.11` |
| [r-lib/actions](https://togithub.com/r-lib/actions) | action | minor |
`v2.8.7` -> `v2.9.0` |
| [ruby/setup-ruby](https://togithub.com/ruby/setup-ruby) | action |
minor | `v1.175.1` -> `v1.183.0` |
| [shivammathur/setup-php](https://togithub.com/shivammathur/setup-php)
| action | minor | `v2.30.4` -> `2.31.0` |

---

> [!WARNING]
> Some dependencies could not be looked up. Check the Dependency
Dashboard for more information.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.7`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v417)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.6...v4.1.7)

- Bump the minor-npm-dependencies group across 1 directory with 4
updates by [@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1739](https://togithub.com/actions/checkout/pull/1739)
- Bump actions/checkout from 3 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1697](https://togithub.com/actions/checkout/pull/1697)
- Check out other refs/\* by commit by
[@&#8203;orhantoy](https://togithub.com/orhantoy) in
[https://github.com/actions/checkout/pull/1774](https://togithub.com/actions/checkout/pull/1774)
- Pin actions/checkout's own workflows to a known, good, stable version.
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1776](https://togithub.com/actions/checkout/pull/1776)

###
[`v4.1.6`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v416)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.5...v4.1.6)

- Check platform to set archive extension appropriately by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1732](https://togithub.com/actions/checkout/pull/1732)

###
[`v4.1.5`](https://togithub.com/actions/checkout/releases/tag/v4.1.5)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.4...v4.1.5)

#### What's Changed

- Update NPM dependencies by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1703](https://togithub.com/actions/checkout/pull/1703)
- Bump github/codeql-action from 2 to 3 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1694](https://togithub.com/actions/checkout/pull/1694)
- Bump actions/setup-node from 1 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1696](https://togithub.com/actions/checkout/pull/1696)
- Bump actions/upload-artifact from 2 to 4 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1695](https://togithub.com/actions/checkout/pull/1695)
- README: Suggest `user.email` to be
`41898282+github-actions[bot]@&#8203;users.noreply.github.com` by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1707](https://togithub.com/actions/checkout/pull/1707)

**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.4...v4.1.5

###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)

- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)

###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)

#### What's Changed

- Update `actions/checkout` version in `update-main-version.yml` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)

**Full Changelog**:
https://github.com/actions/checkout/compare/v4.1.2...v4.1.3

###
[`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2)

- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@&#8203;dscho](https://togithub.com/dscho) in
[https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598)

</details>

<details>
<summary>actions/setup-go (actions/setup-go)</summary>

###
[`v5.0.1`](https://togithub.com/actions/setup-go/releases/tag/v5.0.1)

[Compare
Source](https://togithub.com/actions/setup-go/compare/v5.0.0...v5.0.1)

#### What's Changed

- Bump undici from 5.28.2 to 5.28.3 and dependencies upgrade by
[@&#8203;dependabot](https://togithub.com/dependabot) ,
[@&#8203;HarithaVattikuti](https://togithub.com/HarithaVattikuti) in
[https://github.com/actions/setup-go/pull/465](https://togithub.com/actions/setup-go/pull/465)
- Update documentation with latest V5 release notes by
[@&#8203;ab](https://togithub.com/ab) in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)
- Update version documentation by
[@&#8203;178inaba](https://togithub.com/178inaba) in
[https://github.com/actions/setup-go/pull/458](https://togithub.com/actions/setup-go/pull/458)
- Documentation update of `actions/setup-go` to v5 by
[@&#8203;chenrui333](https://togithub.com/chenrui333) in
[https://github.com/actions/setup-go/pull/449](https://togithub.com/actions/setup-go/pull/449)

#### New Contributors

- [@&#8203;ab](https://togithub.com/ab) made their first contribution in
[https://github.com/actions/setup-go/pull/459](https://togithub.com/actions/setup-go/pull/459)

**Full Changelog**:
https://github.com/actions/setup-go/compare/v5.0.0...v5.0.1

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.11`](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.10...v3.25.11)

</details>

<details>
<summary>r-lib/actions (r-lib/actions)</summary>

###
[`v2.9.0`](https://togithub.com/r-lib/actions/compare/v2.8.7...v2.9.0)

[Compare
Source](https://togithub.com/r-lib/actions/compare/v2.8.7...v2.9.0)

</details>

<details>
<summary>ruby/setup-ruby (ruby/setup-ruby)</summary>

###
[`v1.183.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.183.0)

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.182.0...v1.183.0)

**Full Changelog**:
https://github.com/ruby/setup-ruby/compare/v1.182.0...v1.183.0

###
[`v1.182.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.182.0)

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.181.0...v1.182.0)

**Full Changelog**:
https://github.com/ruby/setup-ruby/compare/v1.181.0...v1.182.0

###
[`v1.181.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.181.0)

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.180.1...v1.181.0)

##### What's Changed

- Add jruby-9.3.15.0 by
[@&#8203;ruby-builder-bot](https://togithub.com/ruby-builder-bot) in
[https://github.com/ruby/setup-ruby/pull/614](https://togithub.com/ruby/setup-ruby/pull/614)

**Full Changelog**:
https://github.com/ruby/setup-ruby/compare/v1.180.1...v1.181.0

###
[`v1.180.1`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.180.1):
Add ruby-3.3.3 on Windows

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.180.0...v1.180.1)

###
[`v1.180.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.180.0):
Add ruby-3.3.3

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.179.1...v1.180.0)

###
[`v1.179.1`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.179.1):
Improve error message for CRuby &lt; 2.6 on macos-arm64

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.179.0...v1.179.1)

###
[`v1.179.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.179.0):
Add ruby-3.1.6,ruby-3.3.2 on Windows

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.178.0...v1.179.0)

#### What's Changed

- Update CRuby releases on Windows by
[@&#8203;ruby-builder-bot](https://togithub.com/ruby-builder-bot) in
[https://github.com/ruby/setup-ruby/pull/605](https://togithub.com/ruby/setup-ruby/pull/605)

**Full Changelog**:
https://github.com/ruby/setup-ruby/compare/v1.178.0...v1.179.0

###
[`v1.178.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.178.0):
Add ruby-3.1.6,ruby-3.3.2 and improve error messages

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.177.1...v1.178.0)

#### What's Changed

- Add ruby-3.1.6,ruby-3.3.2 by
[@&#8203;ruby-builder-bot](https://togithub.com/ruby-builder-bot) in
[https://github.com/ruby/setup-ruby/pull/603](https://togithub.com/ruby/setup-ruby/pull/603)

**Full Changelog**:
https://github.com/ruby/setup-ruby/compare/v1.177.1...v1.178.0

###
[`v1.177.1`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.177.1):
Use downloadAndExtract() for truffleruby+graalvm too

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.177.0...v1.177.1)

###
[`v1.177.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.177.0):
Add support for ubuntu-24.04

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.176.2...v1.177.0)

###
[`v1.176.2`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.176.2):
Add ruby-3.4.0-preview1

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.176.0...v1.176.2)

###
[`v1.176.0`](https://togithub.com/ruby/setup-ruby/releases/tag/v1.176.0):
Add jruby-9.4.7.0

[Compare
Source](https://togithub.com/ruby/setup-ruby/compare/v1.175.1...v1.176.0)

</details>

<details>
<summary>shivammathur/setup-php (shivammathur/setup-php)</summary>

###
[`v2.31.0`](https://togithub.com/shivammathur/setup-php/releases/tag/2.31.0)

[Compare
Source](https://togithub.com/shivammathur/setup-php/compare/2.30.5...2.31.0)

##### Changelog

- Added support for a fallback mirror for `ondrej/php` PPA when
launchpad is down
([#&#8203;834](https://togithub.com/shivammathur/setup-php/issues/834)).

- Fixed installing packages on self-hosted environments with existing
conf files
([#&#8203;852](https://togithub.com/shivammathur/setup-php/issues/852)).

-   Fixed support for `oci8` and `pdo_oci` extensions on `ubuntu-24.04`.

-   Fixed support for `couchbase` extension on `ubuntu-24.04`.

- Fixed support for `ubuntu-24.04` after `apt-fast` was dropped from the
GA images.

-   Fixed support for `firebird` extension on `macos-14`

-   Fixed support for `blackfire` extension on `macos-14`.

-   Fixed support for `relay` extension.

-   Fixed support for `phalcon` extension for PHP 7.4 on Ubuntu.

-   Updated Node.js dependencies.

For the complete list of changes, please refer to the [Full
Changelog](https://togithub.com/shivammathur/setup-php/compare/2.30.5...2.31.0)

<p>
  <h4>Follow for updates</h4>
<a href="https://reddit.com/r/setup_php" title="setup-php reddit"><img
alt="setup-php reddit"
src="https://img.shields.io/badge/reddit-join-FF5700?logo=reddit&logoColor=FF5700&labelColor=555555"></a>
<a href="https://twitter.com/setup_php" title="setup-php twitter"><img
alt="setup-php twitter"
src="https://img.shields.io/badge/twitter-follow-1DA1F2?logo=twitter&logoColor=1DA1F2&labelColor=555555"></a>
<a href="https://status.setup-php.com" title="setup-php status"><img
alt="setup-php status"
src="https://img.shields.io/badge/status-subscribe-28A745?logo=statuspage&logoColor=28A745&labelColor=555555"></a>
</p>

###
[`v2.30.5`](https://togithub.com/shivammathur/setup-php/releases/tag/2.30.5)

[Compare
Source](https://togithub.com/shivammathur/setup-php/compare/2.30.4...2.30.5)

##### Changelog

-   Added support for Ubuntu 24.04.

- Added support for `easy-coding-standard` in tools
([https://github.com/shivammathur/setup-php/pull/838](https://togithub.com/shivammathur/setup-php/pull/838))

-   Added support for zephir_parser for PHP 8.3.

- Fixed installing zts PHP versions on macOS
([https://github.com/shivammathur/setup-php/issues/847](https://togithub.com/shivammathur/setup-php/issues/847)).

- Fixed installing `ev` extension
([https://github.com/shivammathur/setup-php/issues/844](https://togithub.com/shivammathur/setup-php/issues/844)).

- Fixed support for `ioncube` extension
([https://github.com/shivammathur/setup-php/issues/840](https://togithub.com/shivammathur/setup-php/issues/840)).

-   Updated Node.js dependencies.

For the complete list of changes, please refer to the [Full
Changelog](https://togithub.com/shivammathur/setup-php/compare/2.30.4...2.30.5)

<p>
  <h4>Follow for updates</h4>
<a href="https://reddit.com/r/setup_php" title="setup-php reddit"><img
alt="setup-php reddit"
src="https://img.shields.io/badge/reddit-join-FF5700?logo=reddit&logoColor=FF5700&labelColor=555555"></a>
<a href="https://twitter.com/setup_php" title="setup-php twitter"><img
alt="setup-php twitter"
src="https://img.shields.io/badge/twitter-follow-1DA1F2?logo=twitter&logoColor=1DA1F2&labelColor=555555"></a>
<a href="https://status.setup-php.com" title="setup-php status"><img
alt="setup-php status"
src="https://img.shields.io/badge/status-subscribe-28A745?logo=statuspage&logoColor=28A745&labelColor=555555"></a>
</p>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "before 6am on monday" in timezone
Australia/Sydney, Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/google/osv-scanner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy40MjEuMCIsInVwZGF0ZWRJblZlciI6IjM3LjQyMS4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJkZXBlbmRlbmNpZXMiXX0=-->

Co-authored-by: Xueqin Cui <72771658+cuixq@users.noreply.github.com>
---
 .github/workflows/codeql-analysis.yml         |  6 ++---
 .github/workflows/osv-scanner-reusable-pr.yml |  2 +-
 .github/workflows/osv-scanner-reusable.yml    |  2 +-
 .github/workflows/scorecards.yml              |  2 +-
 .github/workflows/semantic.yml                | 24 +++++++++----------
 5 files changed, 18 insertions(+), 18 deletions(-)

diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml
index fca33747fc..c4eb0ebdb8 100644
--- a/.github/workflows/codeql-analysis.yml
+++ b/.github/workflows/codeql-analysis.yml
@@ -50,7 +50,7 @@ jobs:
           go-version-file: go.mod
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
+        uses: github/codeql-action/init@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           languages: ${{ matrix.language }}
           # If you wish to specify custom queries, you can do so here or in a config file.
@@ -61,7 +61,7 @@ jobs:
       # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
       # If this step fails, then you should remove it and run the build manually (see below)
       - name: Autobuild
-        uses: github/codeql-action/autobuild@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
+        uses: github/codeql-action/autobuild@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
 
       # ℹ️ Command-line programs to run using the OS shell.
       # 📚 https://git.io/JvXDl
@@ -75,4 +75,4 @@ jobs:
       #   make release
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
+        uses: github/codeql-action/analyze@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
diff --git a/.github/workflows/osv-scanner-reusable-pr.yml b/.github/workflows/osv-scanner-reusable-pr.yml
index 7d8932a548..2a55b27e86 100644
--- a/.github/workflows/osv-scanner-reusable-pr.yml
+++ b/.github/workflows/osv-scanner-reusable-pr.yml
@@ -108,6 +108,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
         if: ${{ !cancelled() && inputs.upload-sarif == true }}
-        uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
+        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           sarif_file: ${{ inputs.results-file-name }}
diff --git a/.github/workflows/osv-scanner-reusable.yml b/.github/workflows/osv-scanner-reusable.yml
index 12df900cdb..4e24e57111 100644
--- a/.github/workflows/osv-scanner-reusable.yml
+++ b/.github/workflows/osv-scanner-reusable.yml
@@ -91,6 +91,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
         if: "${{ !cancelled() && inputs.upload-sarif == true }}"
-        uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
+        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           sarif_file: ${{ inputs.results-file-name }}
diff --git a/.github/workflows/scorecards.yml b/.github/workflows/scorecards.yml
index f1ace43b78..366fcf0ac7 100644
--- a/.github/workflows/scorecards.yml
+++ b/.github/workflows/scorecards.yml
@@ -68,6 +68,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@23acc5c183826b7a8a97bce3cecc52db901f8251 # v3.25.10
+        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           sarif_file: results.sarif
diff --git a/.github/workflows/semantic.yml b/.github/workflows/semantic.yml
index 7e4e1b0c8a..88416e096b 100644
--- a/.github/workflows/semantic.yml
+++ b/.github/workflows/semantic.yml
@@ -32,14 +32,14 @@ jobs:
       contents: read # to fetch code (actions/checkout)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
 
       - uses: actions/cache/restore@0c45773b623bea8c8e75f6c82b208c3cf94ea4f9 # v4.0.2
         with:
           path: /tmp/debian-versions-generator-cache.csv
           key: ${{ runner.os }}-
 
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
       - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
@@ -64,10 +64,10 @@ jobs:
       contents: read # to fetch code (actions/checkout)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
-      - uses: shivammathur/setup-php@c665c7a15b5295c2488ac8a87af9cb806cd72198 # v2.30.4
+      - uses: shivammathur/setup-php@2e947f1f6932d141d076ca441d0e1e881775e95b # 2.31.0
         with:
           php-version: "8.2"
           extensions: zip
@@ -83,7 +83,7 @@ jobs:
       contents: read # to fetch code (actions/checkout)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
       - uses: actions/setup-python@82c7e631bb3cdc910f68e0081d67478d79c6982d # v5.1.0
@@ -103,10 +103,10 @@ jobs:
       contents: read # to fetch code (actions/checkout)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
-      - uses: ruby/setup-ruby@1198b074305f9356bd56dd4b311757cc0dab2f1c # v1.175.1
+      - uses: ruby/setup-ruby@1d0e911f615a112e322369596f10ee0b95b010ae # v1.183.0
         with:
           ruby-version: "3.1"
       - name: setup dependencies
@@ -123,7 +123,7 @@ jobs:
       contents: read # to fetch code (actions/checkout)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
       - uses: actions/setup-java@99b8673ff64fbf99d8d325f52d9a5bdedb8483e9 # v4.2.1
@@ -149,10 +149,10 @@ jobs:
       contents: read # to fetch code (actions/checkout)
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
-      - uses: r-lib/actions/setup-r@b7e68d63e51bdf225997973e2add36d551f60f02 # v2.8.7
+      - uses: r-lib/actions/setup-r@929c772977a3a13c8733b363bf5a2f685c25dd91 # v2.9.0
         with:
           r-version: "3.5.3"
       - run: Rscript scripts/generators/generate-cran-versions.R
@@ -175,10 +175,10 @@ jobs:
       - generate-cran-versions
     if: always()
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
-      - uses: actions/setup-go@0c52d547c9bc32b1aa3301fd7a9cb496313a4491 # v5.0.0
+      - uses: actions/setup-go@cdcb36043654635271a94b9a6d1392de5bb323a7 # v5.0.1
         with:
           go-version-file: .go-version
           cache: true