build(deps): bump the actions group across 1 directory with 3 updates

[dependabot]

Bumps the actions group with 3 updates in the / directory: step-security/harden-runner, chainguard-dev/actions and zizmorcore/zizmor-action.

Updates step-security/harden-runner from 2.19.3 to 2.19.4

Release notes

Sourced from step-security/harden-runner's releases.

v2.19.4

What's Changed

• Improvements for HTTPS Monitoring for the Enterprise tier of Harden Runner

Full Changelog: step-security/harden-runner@v2.19.3...v2.19.4

Commits

• 9af89fc Merge pull request #667 from step-security/update-agent-v1.8.6
• 485dce8 Update agent to v1.8.6
• See full diff in compare view

Updates chainguard-dev/actions from 1.6.19 to 1.6.25

Release notes

Sourced from chainguard-dev/actions's releases.

v1.6.25

What's Changed

• Bump pinned tool versions (gitsign, kind, k3d, metallb, terraform, wolfi-act) by @​cpanato in chainguard-dev/actions#954
• fix(nodiff): generate patch from the checkout dir, not workspace root by @​jml in chainguard-dev/actions#956
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 by @​dependabot[bot] in chainguard-dev/actions#957
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /release-notes by @​dependabot[bot] in chainguard-dev/actions#963
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /wolfi-build-pkg by @​dependabot[bot] in chainguard-dev/actions#964
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /melange-build by @​dependabot[bot] in chainguard-dev/actions#962
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /inky-build-pkg by @​dependabot[bot] in chainguard-dev/actions#961
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /goimports by @​dependabot[bot] in chainguard-dev/actions#960
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /gofmt by @​dependabot[bot] in chainguard-dev/actions#959
• build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /git-tag by @​dependabot[bot] in chainguard-dev/actions#958
• Bump major tool defaults (helm, argo, istio, knative, k8s) + add CI coverage + dependabot npm/gomod by @​cpanato in chainguard-dev/actions#955
• build(deps-dev): bump @​types/node from 20.19.39 to 25.9.3 in /otel-export by @​dependabot[bot] in chainguard-dev/actions#966
• build(deps): bump github.com/sethvargo/go-envconfig from 1.1.1 to 1.3.0 in /hugo2confluence by @​dependabot[bot] in chainguard-dev/actions#965

Full Changelog: chainguard-dev/actions@v1.6.24...v1.6.25

v1.6.24

What's Changed

• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /wolfi-build-pkg by @​dependabot[bot] in chainguard-dev/actions#950
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /release-notes by @​dependabot[bot] in chainguard-dev/actions#949
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /melange-build by @​dependabot[bot] in chainguard-dev/actions#948
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /inky-build-pkg by @​dependabot[bot] in chainguard-dev/actions#947
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /goimports by @​dependabot[bot] in chainguard-dev/actions#946
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /gofmt by @​dependabot[bot] in chainguard-dev/actions#945
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 in /git-tag by @​dependabot[bot] in chainguard-dev/actions#944
• build(deps): bump chainguard-dev/actions from 1.6.22 to 1.6.23 by @​dependabot[bot] in chainguard-dev/actions#943
• build(deps): bump protobufjs from 8.4.0 to 8.6.3 in /otel-export in the npm_and_yarn group across 1 directory by @​dependabot[bot] in chainguard-dev/actions#951
• bump tf-docs to v0.24.0 and add windows binaries by @​cpanato in chainguard-dev/actions#953

Full Changelog: chainguard-dev/actions@v1.6.23...v1.6.24

v1.6.23

What's Changed

• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /wolfi-build-pkg by @​dependabot[bot] in chainguard-dev/actions#942
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /release-notes by @​dependabot[bot] in chainguard-dev/actions#941
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /melange-build by @​dependabot[bot] in chainguard-dev/actions#940
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /inky-build-pkg by @​dependabot[bot] in chainguard-dev/actions#939
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /goimports by @​dependabot[bot] in chainguard-dev/actions#938
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /gofmt by @​dependabot[bot] in chainguard-dev/actions#937
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 in /git-tag by @​dependabot[bot] in chainguard-dev/actions#936
• build(deps): bump chainguard-dev/actions from 1.6.21 to 1.6.22 by @​dependabot[bot] in chainguard-dev/actions#935

Full Changelog: chainguard-dev/actions@v1.6.22...v1.6.23

v1.6.22

... (truncated)

Commits

• e1c4977 build(deps): bump github.com/sethvargo/go-envconfig in /hugo2confluence (#965)
• 08507ab build(deps-dev): bump @​types/node in /otel-export (#966)
• 392b80d Bump major tool defaults (helm, argo, istio, knative, k8s) + add CI coverage ...
• e9e8319 build(deps): bump chainguard-dev/actions in /git-tag (#958)
• 57c4c2b build(deps): bump chainguard-dev/actions from 1.6.23 to 1.6.24 in /gofmt (#959)
• b5d23ad build(deps): bump chainguard-dev/actions in /goimports (#960)
• 36c1a66 build(deps): bump chainguard-dev/actions in /inky-build-pkg (#961)
• 0b05232 build(deps): bump chainguard-dev/actions in /melange-build (#962)
• b4d1959 build(deps): bump chainguard-dev/actions in /wolfi-build-pkg (#964)
• ed93655 build(deps): bump chainguard-dev/actions in /release-notes (#963)
• Additional commits viewable in compare view

Updates zizmorcore/zizmor-action from 0.5.6 to 0.5.7

Release notes

Sourced from zizmorcore/zizmor-action's releases.

v0.5.7

1.26.1 is now available via the action 1.26.1 is now the default version of zizmor used by the action

Commits

• 192e21d Sync zizmor versions (#127)
• 2720f26 Update README.md with new actions/checkout version (#126)
• 40b41b8 chore(deps): bump the github-actions group with 2 updates (#123)
• a687b25 chore(deps): bump github/codeql-action from 4.35.5 to 4.36.0 in the github-ac...
• 64a6900 add note to explain that the default value for online-checks is different t...
• 14050ab chore(deps): bump the github-actions group with 2 updates (#118)
• ee9b419 chore(deps): bump github/codeql-action in the github-actions group (#116)
• fddf2b4 Bump pins in README (#115)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions