chore(deps): update github-actions

[renovate[bot]]

This PR contains the following updates:

Package	Type	Update	Change
actions/upload-artifact	action	patch	v4.3.4 -> v4.3.5
docker/setup-buildx-action	action	minor	v3.4.0 -> v3.6.1
github/codeql-action	action	patch	v3.25.11 -> v3.25.15
miracum/.github	action	patch	v1.11.2 -> v1.11.4
ossf/scorecard-action	action	minor	v2.3.3 -> v2.4.0

---

Release Notes

actions/upload-artifact (actions/upload-artifact)

### [`v4.3.5`](https://togithub.com/actions/upload-artifact/compare/v4.3.4...v4.3.5) [Compare Source](https://togithub.com/actions/upload-artifact/compare/v4.3.4...v4.3.5)

docker/setup-buildx-action (docker/setup-buildx-action)

### [`v3.6.1`](https://togithub.com/docker/setup-buildx-action/releases/tag/v3.6.1) [Compare Source](https://togithub.com/docker/setup-buildx-action/compare/v3.6.0...v3.6.1) - Check for malformed docker context by [@​crazy-max](https://togithub.com/crazy-max) in [https://github.com/docker/setup-buildx-action/pull/347](https://togithub.com/docker/setup-buildx-action/pull/347) **Full Changelog**: https://github.com/docker/setup-buildx-action/compare/v3.6.0...v3.6.1 ### [`v3.6.0`](https://togithub.com/docker/setup-buildx-action/releases/tag/v3.6.0) [Compare Source](https://togithub.com/docker/setup-buildx-action/compare/v3.5.0...v3.6.0) - Create temp docker context if default one has TLS data loaded before creating a container builder by [@​crazy-max](https://togithub.com/crazy-max) in [https://github.com/docker/setup-buildx-action/pull/341](https://togithub.com/docker/setup-buildx-action/pull/341) **Full Changelog**: https://github.com/docker/setup-buildx-action/compare/v3.5.0...v3.6.0 ### [`v3.5.0`](https://togithub.com/docker/setup-buildx-action/compare/v3.4.0...v3.5.0) [Compare Source](https://togithub.com/docker/setup-buildx-action/compare/v3.4.0...v3.5.0)

github/codeql-action (github/codeql-action)

### [`v3.25.15`](https://togithub.com/github/codeql-action/compare/v3.25.14...v3.25.15) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.14...v3.25.15) ### [`v3.25.14`](https://togithub.com/github/codeql-action/compare/v3.25.13...v3.25.14) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.13...v3.25.14) ### [`v3.25.13`](https://togithub.com/github/codeql-action/compare/v3.25.12...v3.25.13) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.12...v3.25.13) ### [`v3.25.12`](https://togithub.com/github/codeql-action/compare/v3.25.11...v3.25.12) [Compare Source](https://togithub.com/github/codeql-action/compare/v3.25.11...v3.25.12)

miracum/.github (miracum/.github)

### [`v1.11.4`](https://togithub.com/miracum/.github/releases/tag/v1.11.4) [Compare Source](https://togithub.com/miracum/.github/compare/v1.11.3...v1.11.4) ##### Miscellaneous Chores - **deps:** update dependency gradle to v8.9 ([#​73](https://togithub.com/miracum/.github/issues/73)) ([1965a6a](https://togithub.com/miracum/.github/commit/1965a6a256d06cb1195ea55b0c66fc56d0045f4f)) - **deps:** update docker.io/library/python:3.12.4-slim docker digest to [`1ef6f4d`](https://togithub.com/miracum/.github/commit/1ef6f4d) ([#​71](https://togithub.com/miracum/.github/issues/71)) ([94bc59a](https://togithub.com/miracum/.github/commit/94bc59ad38688cdadd85572c9079a812dc2f3476)) - **deps:** update gcr.io/distroless/python3-debian12:nonroot docker digest to [`fdb3a04`](https://togithub.com/miracum/.github/commit/fdb3a04) ([#​72](https://togithub.com/miracum/.github/issues/72)) ([cde023d](https://togithub.com/miracum/.github/commit/cde023da3ffba8ed29d617aa4aa7a6539dbbfb4b)) - **deps:** update github-actions ([#​74](https://togithub.com/miracum/.github/issues/74)) ([8bd8b2e](https://togithub.com/miracum/.github/commit/8bd8b2ed7eae0c866d830fc8dd8cabf39d346ae5)) ### [`v1.11.3`](https://togithub.com/miracum/.github/releases/tag/v1.11.3) [Compare Source](https://togithub.com/miracum/.github/compare/v1.11.2...v1.11.3) ##### Miscellaneous Chores - **deps:** update github-actions ([#​70](https://togithub.com/miracum/.github/issues/70)) ([6e79e87](https://togithub.com/miracum/.github/commit/6e79e87ffce2b28fa1052cbe3ac78f9ab7a2ea77))

ossf/scorecard-action (ossf/scorecard-action)

### [`v2.4.0`](https://togithub.com/ossf/scorecard-action/releases/tag/v2.4.0) [Compare Source](https://togithub.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0) #### What's Changed This update bumps the Scorecard version to the v5 release. For a complete list of changes, please refer to the [v5.0.0 release notes](https://togithub.com/ossf/scorecard/releases/tag/v5.0.0). Of special note to Scorecard Action is the Maintainer Annotation feature, which can be used to suppress some Code Scanning false positives. Alerts will not be generated for any Scorecard Check with an annotation. - :seedling: Bump github.com/ossf/scorecard/v5 from v5.0.0-rc2 to v5.0.0 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1410](https://togithub.com/ossf/scorecard-action/pull/1410) - :bug: lower license sarif alert threshold to 9 by [@​spencerschrock](https://togithub.com/spencerschrock) in [https://github.com/ossf/scorecard-action/pull/1411](https://togithub.com/ossf/scorecard-action/pull/1411) ##### Documentation - docs: dogfooding badge by [@​jkowalleck](https://togithub.com/jkowalleck) in [https://github.com/ossf/scorecard-action/pull/1399](https://togithub.com/ossf/scorecard-action/pull/1399) #### New Contributors - [@​jkowalleck](https://togithub.com/jkowalleck) made their first contribution in [https://github.com/ossf/scorecard-action/pull/1399](https://togithub.com/ossf/scorecard-action/pull/1399) **Full Changelog**: https://github.com/ossf/scorecard-action/compare/v2.3.3...v2.4.0

---

Configuration

📅 Schedule: Branch creation - "every 3 months on the first day of the month" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• [ ] If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions[bot]]

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	5		0	0.12s
✅ BASH	bash-exec	1		0	0.0s
✅ BASH	shellcheck	1		0	0.01s
✅ BASH	shfmt	1		0	0.03s
✅ CSHARP	csharpier	95		0	4.67s
⚠️ CSHARP	roslynator	3		2	46.33s
✅ DOCKERFILE	hadolint	1		0	0.14s
✅ EDITORCONFIG	editorconfig-checker	181		0	1.52s
✅ JSON	jsonlint	27		0	0.42s
✅ JSON	prettier	27		0	3.91s
✅ JSON	v8r	27		0	10.95s
✅ MARKDOWN	markdownlint	4		0	1.24s
✅ PROTOBUF	protolint	4		0	7.11s
✅ REPOSITORY	checkov	yes		no	14.65s
✅ REPOSITORY	dustilock	yes		no	0.06s
✅ REPOSITORY	gitleaks	yes		no	0.63s
✅ REPOSITORY	git_diff	yes		no	0.07s
✅ REPOSITORY	grype	yes		no	15.07s
✅ REPOSITORY	kics	yes		no	17.7s
✅ REPOSITORY	secretlint	yes		no	1.34s
✅ REPOSITORY	syft	yes		no	0.4s
✅ REPOSITORY	trivy	yes		no	8.84s
✅ REPOSITORY	trivy-sbom	yes		no	1.17s
✅ REPOSITORY	trufflehog	yes		no	5.65s
✅ XML	xmllint	2		0	0.01s
✅ YAML	prettier	29		0	2.52s
✅ YAML	v8r	29		0	39.99s
✅ YAML	yamllint	29		0	1.0s

See detailed report in MegaLinter reports

You could have same capabilities but better runtime performances if you request a new MegaLinter flavor.

• Click here to request the new flavor

_MegaLinter is graciously provided by _

[github-actions[bot]]

Trivy image scan report

ghcr.io/miracum/fhir-pseudonymizer:pr-193 (ubuntu 24.04)

4 known vulnerabilities found (CRITICAL: 0 HIGH: 0 MEDIUM: 0 LOW: 4)

Show detailed table of vulnerabilities

Package	ID	Severity	Installed Version	Fixed Version
libssl3t64	CVE-2024-2511	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2
libssl3t64	CVE-2024-4603	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2
libssl3t64	CVE-2024-4741	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2
libssl3t64	CVE-2024-5535	LOW	3.0.13-0ubuntu3.1	3.0.13-0ubuntu3.2

No Misconfigurations found

opt/fhir-pseudonymizer/FhirPseudonymizer.deps.json

No Vulnerabilities found

No Misconfigurations found

opt/fhir-pseudonymizer/packages.lock.json

No Vulnerabilities found

No Misconfigurations found

usr/share/dotnet/shared/Microsoft.AspNetCore.App/8.0.7/Microsoft.AspNetCore.App.deps.json

No Vulnerabilities found

No Misconfigurations found

usr/share/dotnet/shared/Microsoft.NETCore.App/8.0.7/Microsoft.NETCore.App.deps.json

No Vulnerabilities found

No Misconfigurations found

[github-actions[bot]]

Package	Line Rate	Branch Rate	Health
FhirPseudonymizer.Tests	100%	100%	✔
FhirPseudonymizer	74%	65%	✔
Summary	81% (816 / 1008)	68% (93 / 136)	✔

Minimum allowed line rate is 50%

---

iter8 report

Experiment summary:
*******************

  Experiment completed: true
  No task failures: true
  Total number of tasks: 7
  Number of completed tasks: 7
  Number of completed loops: 1

Whether or not service level objectives (SLOs) are satisfied:
*************************************************************

  SLO Conditions                 | Satisfied
  --------------                 | ---------
  http/error-count <= 0          | true
  http/latency-mean (msec) <= 25 | true
  http/latency-p99 (msec) <= 85  | true

Latest observed values for metrics:
***********************************

  Metric                     | value
  -------                    | -----
  http/error-count           | 0.00
  http/error-rate            | 0.00
  http/latency-max (msec)    | 843.82
  http/latency-mean (msec)   | 14.71
  http/latency-min (msec)    | 2.16
  http/latency-p50 (msec)    | 7.35
  http/latency-p75 (msec)    | 13.07
  http/latency-p90 (msec)    | 45.88
  http/latency-p95 (msec)    | 55.56
  http/latency-p99 (msec)    | 71.06
  http/latency-p99.9 (msec)  | 113.33
  http/latency-stddev (msec) | 20.46
  http/request-count         | 25000.00

[miracum-bot]

:tada: This issue has been resolved in version 2.21.14 :tada:

The release is available on GitHub release

Your semantic-release bot :package::rocket: