deps: update github actions (patch)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change	Pending
Checkmarx/kics-github-action	action	patch	v2.1.3 -> v2.1.14	v2.1.15
actions/upload-artifact	action	patch	v4.6.1 -> v4.6.2
check-spelling/check-spelling	action	patch	v0.0.24 -> v0.0.25
github/codeql-action	action	patch	v3.28.11 -> v3.28.21
kyverno/action-install-chainsaw	action	patch	v0.2.11 -> v0.2.13
ossf/scorecard-action	action	patch	v2.4.0 -> v2.4.3
peter-evans/create-pull-request	action	patch	v7.0.5 -> v7.0.8
sigstore/cosign-installer	action	patch	v3.8.1 -> v3.8.2
softprops/action-gh-release	action	patch	v2.2.1 -> v2.2.2

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

Checkmarx/kics-github-action (Checkmarx/kics-github-action)

v2.1.14

Compare Source

What's Changed

• Update kics to version 2.1.14 by @​cx-bruno-silva in #​141

Full Changelog: Checkmarx/kics-github-action@v2.1.13...v2.1.14

v2.1.13

Compare Source

What's Changed

• bump kics version to 2-1-13 by @​cx-monica-casanova in #​139

Full Changelog: Checkmarx/kics-github-action@v2.1.12...v2.1.13

v2.1.12

Compare Source

What's Changed

• bumps kics version to 2.1.12 by @​cx-monica-casanova in #​136

Full Changelog: Checkmarx/kics-github-action@v2.1.11...v2.1.12

v2.1.11

Compare Source

What's Changed

• bump kics version to 2.1.11 by @​cx-monica-casanova in #​133

Full Changelog: Checkmarx/kics-github-action@v2.1.10...v2.1.11

v2.1.10

Compare Source

What's Changed

• Update kics to version 2.1.10 by @​cx-bruno-silva in #​132

New Contributors

• @​cx-bruno-silva made their first contribution in #​132

Full Changelog: Checkmarx/kics-github-action@v2.1.9...v2.1.10

v2.1.9

Compare Source

What's Changed

• UpdateKicsVersionTo219 by @​cx-monica-casanova in #​131

Full Changelog: Checkmarx/kics-github-action@v2.1.8...v2.1.9

v2.1.8

Compare Source

What's Changed

• update kics version to 218 by @​cx-monica-casanova in #​129

Full Changelog: Checkmarx/kics-github-action@v2.1.7...v2.1.8

v2.1.7

Compare Source

What's Changed

• Update kics version by @​cx-monica-casanova in #​127

Full Changelog: Checkmarx/kics-github-action@v2.1.6...v2.1.7

v2.1.6

Compare Source

What's Changed

• bump(kics): bump to v2.1.6 by @​cxMiguelSilva in #​125

Full Changelog: Checkmarx/kics-github-action@v2.1.5...v2.1.6

v2.1.5

Compare Source

What's Changed

• Bump kics dockerfile version by @​cx-monicac in #​124

Full Changelog: Checkmarx/kics-github-action@v2.1.4...v2.1.5

v2.1.4

Compare Source

What's Changed

• Update to KICS v2.1.4 by @​cxMiguelSilva in #​123

Full Changelog: Checkmarx/kics-github-action@v2.1.3...v2.1.4

actions/upload-artifact (actions/upload-artifact)

v4.6.2

Compare Source

What's Changed

• Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @​salmanmkc in #​685

New Contributors

• @​salmanmkc made their first contribution in #​685

Full Changelog: actions/upload-artifact@v4...v4.6.2

check-spelling/check-spelling (check-spelling/check-spelling)

v0.0.25: Release 0.0.25

Compare Source

⏩ Upgrading

• 🧪 Test first on a branch 🏷️ by changing your workflow tags/references to this release
• See 🐣 Breaking Changes for how to adapt your workflow
• See 🐛 Known Issues for known issues

🐣 Breaking Changes

• Code Scanning action requires a Code Scanning Ruleset
  If you use SARIF reporting, then instead of the workflow yielding an ❌ when it fails, it will rely on github-advanced-security 🤖 to report the failure. You will need to adjust your checks for PRs.
  • If you are using use_sarif: ... and are using a ruleset, you'll want to change the value to use_sarif: 1 instead of a complicated rule, because otherwise github-advanced-security will only run sometimes and that will make PRs unmergable.
• Dropping support for on: schedule
• Dropping support for whitelist.txt and advice.txt
• Dropping support for out of tree project files
• Dependent actions are referenced by full sha instead of version -- if you're using Allow specified actions and reusable workflows, you will need to add:
  • check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca (if you run on: pull_request/on: pull_request_target and use with:/checkout: true)

✨ New Features

• Check submodules using submodules
• Provide instructions for when only_check_changed_files finds unrecognized words (#​86)
• Support unknown_file_word_limit to limit the number of times a path in a filename is reported when using check_file_names
• Suggest checkout: true for new missing-checkout error case
• Suggest ignoring files that trigger single-line-file

Dictionaries

• Fix fallback-dictionary-not-found handling

Hunspell dictionaries

• Fix support for .dic/.aff dictionaries by installing hunspell as needed (#​79 / #​90)
• Ensure that Spanish works (a consumer is using this, so it should work reliably)

Fixes

• macOS: Consistently use check-spelling dictionary instead of looking at the system dictionary (#​84)
• Fix check_for_newline_at_eof for allow.txt (#​81)
• Improve handling of inputs.ignored events
• Fix inputs.debug handling
• Fix merge instructions order
• Fix pattern for validating expect entries
• Fix noisy-file-list handling
• Fix 504 handling for only_check_changed_files when unshallowing
• Restore comment (#) support for expect files
• Include last character in token-is-substring warning

Improvements

• Line ending detection (#​83)
• RSQM handling
• Dictionary download times by skipping delays for 30x redirects
• Excludes paths generation
• Error handling of various components
• Documentation links
• GitHub error detection patterns for when check-spelling has bugs
• Handling of We'd

Messages

• Improve use of `s
  • Remove them from Line for candidate-pattern
  • Add them with better escaping for more user content
• Treat ignored-expect-variant as a warning

SARIF

• Switch to talking to /code-scanning/analysis directly
• Properly encode # in filenames (#​82)
• Stop trying to publish SARIF for commits from other repositories
• Use note severity for no-files-to-check
• Support defaultConfiguration.level when problem.severity is absent
• Add additional fields
• Only include used rules

Candidate patterns

• Suggest using # to suppress candidates (you can do this for forbidden patterns too, but this version won't suggest that)

Apply

• Improve error handling

Summary Tables

• List all present event classes at the top level
• Support cross repository pull requests

Checkout

• Suppress useless message about default branch
• Add failed checkout diagnostics
• Limit checkout credentials (#​91)

Testing

• Replace jd with Test::More::is_deeply
• Improve test suite and test coverage
• Work to consistently order output

Upgrade components

• checkout-merge@​v0.0.7
• gh-program-downloader@​v0.0.4

🐛 Known Issues

• If you use Allow specified actions and reusable workflows, if you run on: pull_request/on: pull_requesrt_target and use with:/checkout: true, you will need to allow check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca otherwise you will probably encounter:

  Error: Missing download info for check-spelling/checkout-merge@46bad523dcb6368efab50ff2729c00443785abca
  

• act as of v0.2.77 is not supported with checkout: true (there's a PR to act to fix this)
• check-spelling sometimes (e.g., for slow-file-list) won't correctly suggest disabling check_file_names:, instead, it will suggest excluding a file in /tmp/check-spelling/GITHUB_OWNER/REPOSITORY_NAME/paths-of-checked-files.txt (likely escaped)

Full Changelog

Full Changelog: check-spelling/check-spelling@v0.0.24...v0.0.25

github/codeql-action (github/codeql-action)

v3.28.21

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.21 - 28 July 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.20

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.20 - 21 July 2025

• Remove support for combining SARIF files from a single upload for GHES 3.18, see the changelog post. #​2959

See the full CHANGELOG.md for more information.

v3.28.19

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.19 - 03 Jun 2025

• The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview.
  The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned
  your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable
  actions analysis.
• Update default CodeQL bundle version to 2.21.4. #​2910

See the full CHANGELOG.md for more information.

v3.28.18

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025

• Update default CodeQL bundle version to 2.21.3. #​2893
• Skip validating SARIF produced by CodeQL for improved performance. #​2894
• The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #​2891

See the full CHANGELOG.md for more information.

v3.28.17

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

• Update default CodeQL bundle version to 2.21.2. #​2872

See the full CHANGELOG.md for more information.

v3.28.16

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025

• Update default CodeQL bundle version to 2.21.1. #​2863

See the full CHANGELOG.md for more information.

v3.28.15

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

• Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #​2842

See the full CHANGELOG.md for more information.

v3.28.14

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

• Update default CodeQL bundle version to 2.21.0. #​2838

See the full CHANGELOG.md for more information.

v3.28.13

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

• Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
• Update default CodeQL bundle version to 2.20.7. #​2810

See the full CHANGELOG.md for more information.

kyverno/action-install-chainsaw (kyverno/action-install-chainsaw)

v0.2.13

Compare Source

What's Changed

• chore(deps): Bump actions/checkout from 4.2.0 to 4.2.2 by @​dependabot[bot] in #​64
• chore(deps): Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 by @​dependabot[bot] in #​62
• chore(deps): Bump actions/setup-go from 5.0.2 to 5.1.0 by @​dependabot[bot] in #​65
• chore(deps): Bump sigstore/cosign-installer from 3.7.0 to 3.8.1 by @​dependabot[bot] in #​71
• chore(deps): Bump actions/setup-go from 5.1.0 to 5.3.0 by @​dependabot[bot] in #​69
• chore(deps): Bump sigstore/cosign-installer from 3.8.1 to 3.9.2 by @​dependabot[bot] in #​74
• chore(deps): Bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in #​75
• chore(deps): Bump actions/setup-go from 5.3.0 to 5.5.0 by @​dependabot[bot] in #​73
• Bump version by @​eddycharly in #​72

Full Changelog: kyverno/action-install-chainsaw@v0.2.12...v0.2.13

v0.2.12

Compare Source

What's Changed

• Bump version by @​eddycharly in #​66

Full Changelog: kyverno/action-install-chainsaw@v0.2.11...v0.2.12

ossf/scorecard-action (ossf/scorecard-action)

v2.4.3

Compare Source

What's Changed

This update bumps the Scorecard version to the v5.3.0 release. For a complete list of changes, please refer to the Scorecard v5.3.0 release notes.

Documentation

• docs: clarify GITHUB_TOKEN permissions needed for private repos by @​pankajtaneja5 in #​1574
• 📖 Fix recommended command to test the image in development by @​deivid-rodriguez in #​1583

Other

• add missing top-level token permissions to workflows by @​timothyklee in #​1566
• setup codeowners for requesting reviews by @​spencerschrock in #​1576
• 🌱 Improve printing options by @​deivid-rodriguez in #​1584

New Contributors

• @​timothyklee made their first contribution in #​1566
• @​pankajtaneja5 made their first contribution in #​1574
• @​deivid-rodriguez made their first contribution in #​1584

Full Changelog: ossf/scorecard-action@v2.4.2...v2.4.3

v2.4.2

Compare Source

What's Changed

This update bumps the Scorecard version to the v5.2.1 release. For a complete list of changes, please refer to the Scorecard v5.2.0 and v5.2.1 release notes.

Full Changelog: ossf/scorecard-action@v2.4.1...v2.4.2

v2.4.1

Compare Source

What's Changed

• This update bumps the Scorecard version to the v5.1.1 release. For a complete list of changes, please refer to the v5.1.0 and v5.1.1 release notes.
• Publishing results now uses half the API quota as before. The exact savings depends on the repository in question.
  • use Scorecard library entrypoint instead of Cobra hooking by @​spencerschrock in #​1423
• Some errors were made into annotations to make them more visible
  • Make default branch error more prominent by @​jsoref in #​1459
• There is now an optional file_mode input which controls how repository files are fetched from GitHub. The default is archive, but git produces the most accurate results for repositories with .gitattributes files at the cost of analysis speed.
  • add input for specifying --file-mode by @​spencerschrock in #​1509
• The underlying container for the action is now hosted on GitHub Container Registry. There should be no functional changes.
  • 🌱 publish docker images to GitHub Container Registry by @​spencerschrock in #​1453

Docs

• Installation docs update by @​JeremiahAHoward in #​1416

New Contributors

• @​JeremiahAHoward made their first contribution in #​1416
• @​jsoref made their first contribution in #​1459
  Full Changelog: ossf/scorecard-action@v2.4.0...v2.4.1

peter-evans/create-pull-request (peter-evans/create-pull-request)

v7.0.8: Create Pull Request v7.0.8

Compare Source

What's Changed

• build(deps-dev): bump ts-jest from 29.2.5 to 29.2.6 by @​dependabot in #​3751
• build(deps-dev): bump eslint-import-resolver-typescript from 3.8.1 to 3.8.3 by @​dependabot in #​3752
• build(deps): bump @​octokit/plugin-paginate-rest from 11.4.2 to 11.4.3 by @​dependabot in #​3753
• build(deps-dev): bump prettier from 3.5.1 to 3.5.2 by @​dependabot in #​3754
• fix: suppress output for some git operations by @​peter-evans in #​3776

Full Changelog: peter-evans/create-pull-request@v7.0.7...v7.0.8

v7.0.7: Create Pull Request v7.0.7

Compare Source

⚙️ Fixes an issue with commit signing where modifications to the same file in multiple commits squash into the first commit.

What's Changed

• build(deps): bump @​octokit/core from 6.1.2 to 6.1.3 by @​dependabot in #​3593
• build(deps-dev): bump @​types/node from 18.19.68 to 18.19.70 by @​dependabot in #​3594
• Update distribution by @​actions-bot in #​3603
• build(deps-dev): bump typescript from 5.7.2 to 5.7.3 by @​dependabot in #​3610
• build(deps): bump octokit dependencies by @​peter-evans in #​3618
• docs: add workflow tip for showing message via workflow command by @​ybiquitous in #​3626
• build(deps-dev): bump eslint-plugin-prettier from 5.2.1 to 5.2.3 by @​dependabot in #​3628
• build(deps): bump node-fetch-native from 1.6.4 to 1.6.6 by @​dependabot in #​3627
• build(deps-dev): bump undici from 6.21.0 to 6.21.1 by @​dependabot in #​3630
• build(deps-dev): bump @​types/node from 18.19.70 to 18.19.71 by @​dependabot in #​3629
• Update distribution by @​actions-bot in #​3647
• build(deps-dev): bump @​types/node from 18.19.71 to 18.19.74 by @​dependabot in #​3657
• build(deps-dev): bump @​types/node from 18.19.74 to 18.19.75 by @​dependabot in #​3663
• build(deps): bump @​octokit/plugin-rest-endpoint-methods from 13.3.0 to 13.3.1 by @​dependabot in #​3670
• build(deps-dev): bump prettier from 3.4.2 to 3.5.0 by @​dependabot in #​3671
• Update distribution by @​actions-bot in #​3680
• build(deps): bump @​octokit/request-error from 6.1.6 to 6.1.7 by @​dependabot in #​3685
• build(deps): bump @​octokit/plugin-paginate-rest from 11.4.0 to 11.4.1 by @​dependabot in #​3688
• build(deps): bump @​octokit/endpoint from 10.1.2 to 10.1.3 by @​dependabot in #​3700
• Update distribution by @​actions-bot in #​3691
• build(deps-dev): bump prettier from 3.5.0 to 3.5.1 by @​dependabot in #​3709
• build(deps-dev): bump eslint-import-resolver-typescript from 3.7.0 to 3.8.1 by @​dependabot in #​3710
• build(deps): bump @​octokit/plugin-paginate-rest from 11.4.1 to 11.4.2 by @​dependabot in #​3713
• build(deps-dev): bump @​types/node from 18.19.75 to 18.19.76 by @​dependabot in #​3712
• build(deps): bump @​octokit/core from 6.1.3 to 6.1.4 by @​dependabot in #​3711
• Update distribution by @​actions-bot in #​3736
• Use showFileAtRefBase64 to read per-commit file contents by @​grahamc in #​3744

New Contributors

• @​ybiquitous made their first contribution in #​3626
• @​grahamc made their first contribution in #​3744

Full Changelog: peter-evans/create-pull-request@v7.0.6...v7.0.7

v7.0.6: Create Pull Request v7.0.6

Compare Source

⚙️ Fixes an issue with commit signing where unicode characters in file paths were not preserved.

What's Changed

• build(deps-dev): bump @​vercel/ncc from 0.38.1 to 0.38.2 by @​dependabot in #​3365
• Update distribution by @​actions-bot in #​3370
• build(deps): bump @​octokit/plugin-rest-endpoint-methods from 13.2.4 to 13.2.5 by @​dependabot in #​3375
• build(deps-dev): bump @​types/node from 18.19.50 to 18.19.54 by @​dependabot in #​3376
• build(deps): bump @​octokit/plugin-paginate-rest from 11.3.3 to 11.3.5 by @​dependabot in #​3377
• Update distribution by @​actions-bot in #​3388
• build(deps-dev): bump @​types/node from 18.19.54 to 18.19.55 by @​dependabot in #​3400
• build(deps): bump @​actions/core from 1.10.1 to 1.11.1 by @​dependabot in #​3401
• build(deps): bump @​octokit/plugin-rest-endpoint-methods from 13.2.5 to 13.2.6 by @​dependabot in #​3403
• build(deps-dev): bump eslint-plugin-import from 2.30.0 to 2.31.0 by @​dependabot in #​3402
• build(deps): bump @​octokit/plugin-throttling from 9.3.1 to 9.3.2 by @​dependabot in #​3404
• Update distribution by @​actions-bot in #​3423
• build(deps-dev): bump typescript from 5.6.2 to 5.6.3 by @​dependabot in #​3441
• build(deps): bump undici from 6.19.8 to 6.20.1 by @​dependabot in #​3442
• Update distribution by @​actions-bot in #​3451
• build(deps-dev): bump @​types/node from 18.19.55 to 18.19.58 by @​dependabot in #​3457
• build(deps-dev): bump @​types/jest from 29.5.13 to 29.5.14 by @​dependabot in #​3462
• build(deps-dev): bump @​types/node from 18.19.58 to 18.19.60 by @​dependabot in #​3463
• chore: don't bundle undici by @​benmccann in #​3475
• Update distribution by @​actions-bot in #​3478
• chore: use node-fetch-native support for proxy env vars by @​peter-evans in #​3483
• build(deps-dev): bump @​types/node from 18.19.60 to 18.19.64 by @​dependabot in #​3488
• build(deps-dev): bump undici from 6.20.1 to 6.21.0 by @​dependabot in #​3499
• build(deps-dev): bump @​vercel/ncc from 0.38.2 to 0.38.3 by @​dependabot in #​3500
• docs: note push-to-repo classic PAT workflow scope requirement by @​scop in #​3511
• docs: spelling fixes by @​scop in #​3512
• build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by @​dependabot in #​3516
• build(deps-dev): bump prettier from 3.3.3 to 3.4.0 by @​dependabot in #​3517
• build(deps-dev): bump @​types/node from 18.19.64 to 18.19.66 by @​dependabot in #​3518
• docs(README): clarify that an existing open PR is managed by @​caugner in #​3498
• Update distribution by @​actions-bot in #​3529
• build(deps): bump @​octokit/plugin-paginate-rest from 11.3.5 to 11.3.6 by @​dependabot in #​3542
• build(deps-dev): bump @​types/node from 18.19.66 to 18.19.67 by @​dependabot in #​3543
• build(deps-dev): bump prettier from 3.4.0 to 3.4.1 by @​dependabot in #​3544
• build(deps-dev): bump eslint-import-resolver-typescript from 3.6.3 to 3.7.0 by @​dependabot in #​3559
• build(deps-dev): bump prettier from 3.4.1 to 3.4.2 by @​dependabot in #​3560
• build(deps-dev): bump @​types/node from 18.19.67 to 18.19.68 by @​dependabot in #​3570
• build(deps): bump p-limit from 6.1.0 to 6.2.0 by @​dependabot in #​3578
• Update distribution by @​actions-bot in #​3583
• fix: preserve unicode in filepaths when commit signing by @​peter-evans in #​3588

New Contributors

• @​benmccann made their first contribution in #​3475
• @​scop made their first contribution in #​3511
• @​caugner made their first contribution in #​3498

Full Changelog: peter-evans/create-pull-request@v7.0.5...v7.0.6

sigstore/cosign-installer (sigstore/cosign-installer)

v3.8.2

Compare Source

What's Changed

• install cosign v2 from main in #​186

Full Changelog: sigstore/cosign-installer@v3...v3.8.2

softprops/action-gh-release (softprops/action-gh-release)

v2.2.2

Compare Source

What's Changed

Bug fixes 🐛

• fix: updating release draft status from true to false by @​galargh in #​316

Other Changes 🔄

• chore: simplify ref_type test by @​steinybot in #​598
• fix(docs): clarify the default for tag_name by @​muzimuzhi in #​599
• test(release): add unit tests when searching for a release by @​rwaskiewicz in #​603
• dependency updates

New Contributors

• @​steinybot made their first contribution in #​598
• @​muzimuzhi made their first contribution in #​599
• @​galargh made their first contribution in #​316
• @​rwaskiewicz made their first contribution in #​603

Full Changelog: softprops/action-gh-release@v2.2.1...v2.2.2

---

Configuration

📅 Schedule: Branch creation - At 12:00 AM through 04:59 AM and 10:00 PM through 11:59 PM, Monday through Friday ( * 0-4,22-23 * * 1-5 ), Only on Sunday and Saturday ( * * * * 0,6 ) in timezone Europe/Vienna, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 77.34%. Comparing base (40e195d) to head (abc8ccd).

Additional details and impacted files

@@            Coverage Diff             @@
##             main    #3888      +/-   ##
==========================================
- Coverage   77.37%   77.34%   -0.04%     
==========================================
  Files         220      220              
  Lines       11708    11708              
==========================================
- Hits         9059     9055       -4     
- Misses       2281     2284       +3     
- Partials      368      369       +1     

see 1 file with indirect coverage changes

Flag	Coverage Δ
certificate-operator	47.44% <ø> (ø)
component-tests	56.83% <ø> (-0.26%)	⬇️
lifecycle-operator	79.68% <ø> (ø)
metrics-operator	74.93% <ø> (ø)

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

[sonarqubecloud]

Quality Gate failed

Failed conditions
1 Security Hotspot

See analysis details on SonarQube Cloud

[sonarqubecloud]

Quality Gate failed

Failed conditions
1 Security Hotspot
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE