chore(ci): update actions

[github-actions[bot]]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/github/codeql-action/analyze	afb54ba388a7dca6ecae48f608c4ff05ff4cc77a	Unknown	Unknown
actions/github/codeql-action/init	afb54ba388a7dca6ecae48f608c4ff05ff4cc77a	Unknown	Unknown
actions/step-security/harden-runner	0d381219ddf674d61a7572ddd19d7941e271515c	:green_circle: 8.8	Details Check Score Reason Binary-Artifacts :green_circle: 10 no binaries found in the repo Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration CI-Tests :green_circle: 10 15 out of 15 merged PRs checked by a CI test -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected Code-Review :green_circle: 10 all changesets reviewed Contributors :green_circle: 6 project has 2 contributing companies or organizations -- score normalized to 6 Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Dependency-Update-Tool :green_circle: 10 update tool detected Fuzzing :warning: 0 project is not fuzzed License :green_circle: 10 license file detected Maintained :green_circle: 10 29 commit(s) and 5 issue activity found in the last 90 days -- score normalized to 10 Packaging :warning: -1 packaging workflow not detected Pinned-Dependencies :green_circle: 7 dependency not pinned by hash detected -- score normalized to 7 SAST :green_circle: 10 SAST tool is run on all commits Security-Policy :green_circle: 10 security policy file detected Signed-Releases :warning: -1 no releases found Token-Permissions :green_circle: 10 GitHub workflow tokens follow principle of least privilege Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
actions/actions/upload-artifact	89ef406dd8d7e03cfd12d9e0a4a378f454709029	:green_circle: 6.6	Details Check Score Reason Code-Review :green_circle: 9 Found 10/11 approved changesets -- score normalized to 9 Maintained :green_circle: 5 4 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 5 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Signed-Releases :warning: -1 no releases found Branch-Protection :warning: -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Binary-Artifacts :green_circle: 10 no binaries found in the repo Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Packaging :warning: -1 packaging workflow not detected Fuzzing :warning: 0 project is not fuzzed Pinned-Dependencies :warning: 1 dependency not pinned by hash detected -- score normalized to 1 Security-Policy :green_circle: 9 security policy file detected SAST :green_circle: 9 SAST tool detected but not run on all commits Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected
actions/actions/attest-build-provenance	210c1913531870065f03ce1f9440dd87bc0938cd	Unknown	Unknown
actions/softprops/action-gh-release	c062e08bd532815e2082a85e87e3ef29c3e6d191	:green_circle: 5.1	Details Check Score Reason Code-Review :warning: 1 Found 2/18 approved changesets -- score normalized to 1 Maintained :green_circle: 10 30 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices :warning: 0 no effort to earn an OpenSSF best practices badge detected License :green_circle: 10 license file detected Packaging :warning: -1 packaging workflow not detected Dangerous-Workflow :green_circle: 10 no dangerous workflow patterns detected Token-Permissions :warning: 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts :green_circle: 10 no binaries found in the repo Pinned-Dependencies :green_circle: 10 all dependencies are pinned Branch-Protection :warning: 0 branch protection not enabled on development/release branches Signed-Releases :warning: -1 no releases found Fuzzing :warning: 0 project is not fuzzed Security-Policy :warning: 0 security policy file not detected SAST :warning: 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities :green_circle: 10 0 existing vulnerabilities detected

Scanned Manifest Files

.github/workflows/codeql-analysis.yml

• github/codeql-action/analyze@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
• github/codeql-action/init@afb54ba388a7dca6ecae48f608c4ff05ff4cc77a
• github/codeql-action/analyze@4fa2a7953630fd2f3fb380f21be14ede0169dd4f
• github/codeql-action/init@4fa2a7953630fd2f3fb380f21be14ede0169dd4f

.github/workflows/dependency-review.yml

• step-security/harden-runner@0d381219ddf674d61a7572ddd19d7941e271515c
• step-security/harden-runner@17d0e2bd7d51742c71671bd19fa12bdc9d40a3d6

.github/workflows/e2e.yml

• actions/upload-artifact@89ef406dd8d7e03cfd12d9e0a4a378f454709029
• actions/upload-artifact@0b2256b8c012f0828dc542b3febcab082c67f72b

.github/workflows/push-tag.yml

• actions/attest-build-provenance@210c1913531870065f03ce1f9440dd87bc0938cd
• softprops/action-gh-release@c062e08bd532815e2082a85e87e3ef29c3e6d191
• actions/attest-build-provenance@5e9cb68e95676991667494a6a4e59b8a2f13e1d0
• softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0