build(deps): bump the minor-and-patch-actions-weekly group across 1 directory with 6 updates

[dependabot]

Bumps the minor-and-patch-actions-weekly group with 6 updates in the / directory:

Package	From	To
step-security/harden-runner	2.13.0	2.13.1
step-security/publish-unit-test-result-action	2.20.2	2.20.4
step-security/foundry-toolchain	1.4.0	1.4.1
step-security/ghaction-import-gpg	6.3.0	6.3.1
step-security/close-milestone	2.2.0	2.2.1
ncipollo/release-action	1.18.0	1.20.0

Updates step-security/harden-runner from 2.13.0 to 2.13.1

Release notes

Sourced from step-security/harden-runner's releases.

v2.13.1

What's Changed

• Graceful handling of HTTP errors: Improved error handling when fetching Harden Runner policies from the StepSecurity Policy Store API, ensuring more reliable execution even in case of temporary network/API issues.

• Security updates for npm dependencies: Updated vulnerable npm package dependencies to the latest secure versions.

• Faster enterprise agent downloads: The enterprise agent is now downloaded from GitHub Releases instead of packages.stepsecurity.io, improving download speed and reliability.

Full Changelog: step-security/harden-runner@v2.13.0...v2.13.1

Commits

• f4a75cf Merge pull request #588 from step-security/rc-26
• 95503d0 ci: remove code-review workflow
• 4b250a0 ci: add job to confirm dist is as expected
• 5b0ab6a update dependencies
• d11f2c1 fix bug where status code was not being preserved
• b3fc98e improve error handling for policy store sceanrio
• 92fc5d4 update error message
• b61b0a4 policy store improvements
• e3d3f2b use GitHub release instead of packages
• 646ac01 update agent
• Additional commits viewable in compare view

Updates step-security/publish-unit-test-result-action from 2.20.2 to 2.20.4

Release notes

Sourced from step-security/publish-unit-test-result-action's releases.

v2.20.4

What's Changed

• fix: Subscription validation scenarios handled by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#123
• feat: Update action.yml by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#124
• feat: Update action.yml by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#125
• feat: Update action.yml by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#126
• feat: Update action.yml by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#127
• feat: Update action.yml by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#128
• feat: Update action.yml by @​Raj-StepSecurity in step-security/publish-unit-test-result-action#129

Full Changelog: step-security/publish-unit-test-result-action@v2...v2.20.4

Commits

• 5d195d4 Merge pull request #129 from step-security/Raj-StepSecurity-patch-16
• 29cc9d2 Update action.yml
• ea21df0 Merge pull request #128 from step-security/Raj-StepSecurity-patch-15
• 4847439 Update action.yml
• 230f6e8 Merge pull request #127 from step-security/Raj-StepSecurity-patch-14
• e4fde32 Update action.yml
• 738e9dc Merge pull request #126 from step-security/Raj-StepSecurity-patch-13
• 1c392e5 Update action.yml
• c59c519 Merge pull request #125 from step-security/Raj-StepSecurity-patch-12
• 6f634c8 Update action.yml
• Additional commits viewable in compare view

Updates step-security/foundry-toolchain from 1.4.0 to 1.4.1

Release notes

Sourced from step-security/foundry-toolchain's releases.

v1.4.1

What's Changed

• fix: Security updates by @​github-actions[bot] in step-security/foundry-toolchain#110
• fix: Security updates by @​github-actions[bot] in step-security/foundry-toolchain#114
• fix: Security updates by @​github-actions[bot] in step-security/foundry-toolchain#115
• fix: fixed validate subscription code by @​amanstep in step-security/foundry-toolchain#117

New Contributors

• @​amanstep made their first contribution in step-security/foundry-toolchain#117

Full Changelog: step-security/foundry-toolchain@v1...v1.4.1

Commits

• 0f33b42 Merge pull request #117 from step-security/fix/subscription
• 534dd0e fix: fixed validate subscription code
• fc0b68a Merge pull request #115 from step-security/npm-audit-fix
• ce786fb fix: apply audit fixes
• 7a8af5c fix: apply audit fixes
• 18e3636 fix: apply audit fixes
• e4e72b3 fix: apply audit fixes
• 82be6fa fix: apply audit fixes
• 4bd4629 Merge pull request #114 from step-security/npm-audit-fix
• ea21368 fix: apply audit fixes
• Additional commits viewable in compare view

Updates step-security/ghaction-import-gpg from 6.3.0 to 6.3.1

Release notes

Sourced from step-security/ghaction-import-gpg's releases.

v6.3.1

What's Changed

• Update auto_cherry_pick.yml by @​Raj-StepSecurity in step-security/ghaction-import-gpg#146
• Create guarddog.yml by @​Raj-StepSecurity in step-security/ghaction-import-gpg#145
• fix: Security updates by @​github-actions[bot] in step-security/ghaction-import-gpg#151
• Bump brace-expansion from 1.1.11 to 1.1.12 by @​dependabot[bot] in step-security/ghaction-import-gpg#149
• fix: fixed subscription check code by @​amanstep in step-security/ghaction-import-gpg#175

New Contributors

• @​amanstep made their first contribution in step-security/ghaction-import-gpg#175

Full Changelog: step-security/ghaction-import-gpg@v6...v6.3.1

Commits

• 69c854a Merge pull request #175 from step-security/fix/subscription
• 347e30a fix: fixed subscription check code
• 4d3430a Merge pull request #149 from step-security/dependabot/npm_and_yarn/brace-expa...
• 2798f24 Bump brace-expansion from 1.1.11 to 1.1.12
• e702cb5 Merge pull request #151 from step-security/yarn-audit-fix
• 5800c46 fix: apply audit fixes
• a58f931 Merge pull request #145 from step-security/Raj-StepSecurity-patch-2
• d638834 Merge branch 'main' into Raj-StepSecurity-patch-2
• 9948152 Merge pull request #146 from step-security/Raj-StepSecurity-patch-3
• b93ede7 Update auto_cherry_pick.yml
• Additional commits viewable in compare view

Updates step-security/close-milestone from 2.2.0 to 2.2.1

Release notes

Sourced from step-security/close-milestone's releases.

v2.2.1

What's Changed

• fix: Security updates by @​github-actions[bot] in step-security/close-milestone#83
• fix: Security updates by @​github-actions[bot] in step-security/close-milestone#91
• Create guarddog.yml by @​Raj-StepSecurity in step-security/close-milestone#78
• chore: dist updated by @​github-actions[bot] in step-security/close-milestone#100
• feat: Update main.ts by @​Raj-StepSecurity in step-security/close-milestone#99

Full Changelog: step-security/close-milestone@v2...v2.2.1

Commits

• b097272 feat: Update main.ts (#99)
• d0c3c89 Merge pull request #100 from step-security/npm-audit-fix
• b013a00 Update main.ts
• ab8a244 Merge pull request #78 from step-security/Raj-StepSecurity-patch-3
• 95c6220 Merge branch 'main' into Raj-StepSecurity-patch-3
• 8867439 Merge pull request #91 from step-security/npm-audit-fix
• 2483b18 fix: apply audit fixes
• 4b2a8ac fix: apply audit fixes
• 9f35898 fix: apply audit fixes
• 7c316d3 Merge pull request #83 from step-security/npm-audit-fix
• Additional commits viewable in compare view

Updates ncipollo/release-action from 1.18.0 to 1.20.0

Release notes

Sourced from ncipollo/release-action's releases.

v1.20.0

What's Changed

• Fixes #542 Add previous tag option by @​ncipollo in ncipollo/release-action#550

Full Changelog: ncipollo/release-action@v1...v1.20.0

v1.19.2

What's Changed

• Update immutableCreate's default in the documentation by @​bblanchon in ncipollo/release-action#547
• Fixes #548 Add support body + generated release notes by @​ncipollo in ncipollo/release-action#549

New Contributors

• @​bblanchon made their first contribution in ncipollo/release-action#547

Full Changelog: ncipollo/release-action@v1...v1.19.2

v1.19.1

Defaults immutableCreate to false if it is omitted.

Full Changelog: ncipollo/release-action@v1.19.0...v1.19.1

v1.19.0

What's Changed

• Fixes #540 Add support for immutable releases by @​ncipollo in ncipollo/release-action#544
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in ncipollo/release-action#541
• Bump glob from 11.0.2 to 11.0.3 by @​dependabot[bot] in ncipollo/release-action#534

Full Changelog: ncipollo/release-action@v1...v1.19.0

Commits

• b7eabc9 preparing release 1.20.0
• e87de4c Fixes #542 Add previous tag option (#550)
• 98d25d4 preparing release 1.19.2
• d360126 Fixes #548 Add support body + generated release notes (#549)
• 571fe81 Update immutableCreate's default in the documentation (#547)
• 1c89adf preparing release 1.19.1
• 36bf8dd References #545 Default immutable builds to false
• b12185d preparing release 1.19.0
• defcf13 Fixes #540 Add support for immutable releases (#544)
• 05013d5 Standardize on separate call to generate release notes
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.

❗ There is a different number of reports uploaded between BASE (c5c5433) and HEAD (f663394). Click for more details.

HEAD has 23 uploads less than BASE

Flag	BASE (c5c5433)	HEAD (f663394)
config-service	1	0
relay	1	0
server	1	0
ws-server	1	0
	20	1

@@             Coverage Diff             @@
##             main    #4400       +/-   ##
===========================================
- Coverage   96.10%   68.84%   -27.27%     
===========================================
  Files         121      121               
  Lines       19940    19940               
  Branches     1755      512     -1243     
===========================================
- Hits        19164    13728     -5436     
- Misses        751     6200     +5449     
+ Partials       25       12       -13     

Flag	Coverage Δ
config-service	?
relay	?
server	?
ws-server	?

Flags with carried forward coverage won't be shown. Click here to find out more.
see 68 files with indirect coverage changes

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.