Bump the development-dependencies group across 1 directory with 6 updates

.github/workflows/codeql.yml

@@ -22,7 +22,7 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
     -
       # Initializes the CodeQL tools for scanning.
       name: Initialize CodeQL

.github/workflows/contributors.yml

@@ -16,7 +16,7 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
     -
       name: Identify all-time contributors to this repository
       uses: github/contributors@8b7586939baa0af4e801dbd22c88adf6e0db8915 # v1.7.5

.github/workflows/doc-update.yml

@@ -57,7 +57,7 @@
     steps:
     -
       name: Originating repo checkout (e.g. public fork)
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
@@ -85,12 +85,12 @@
     steps:
     -
       name: Originating repo checkout (e.g. public fork)
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
       name: Checkout markdown config
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       with:
         repository: go-openapi/ci-workflows
         ref: master  # TODO: retrieve workflow ref
@@ -156,12 +156,12 @@
       report: ${{ steps.report-exists.outputs.report }}
     steps:
     -
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
       name: Checkout spellcheck config
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       with:
         repository: go-openapi/ci-workflows
         ref: master  # TODO: retrieve workflow ref
@@ -178,7 +178,7 @@
         cp ci-tools/${{ env.spellcheck_dict }} ${{ env.spellcheck_dict }}
     -
       name: Spellcheck
-      uses: rojopolis/spellcheck-github-actions@0.51.0
+      uses: rojopolis/spellcheck-github-actions@0.54.0
       continue-on-error: true
       id: spellcheck
       with:
@@ -261,7 +261,7 @@
          echo "reactions=hooray" >> "$GITHUB_OUTPUT"
     -
       name: Upload comment as artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.markdown_artifact }}
         name: ${{ env.markdown_artifact }}
@@ -330,7 +330,7 @@
          echo "> ℹ️ INFO: we use [avtodev/markdown-lint action](https://github.com/avto-dev/markdown-lint)" >> $GITHUB_STEP_SUMMARY
     -
       name: Upload comment as artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.markdown_artifact }}
         name: ${{ env.markdown_artifact }}
@@ -398,7 +398,7 @@
          echo "reactions=hooray" >> "$GITHUB_OUTPUT"
     -
       name: Upload comment as artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.spellcheck_artifact }}
         name: ${{ env.spellcheck_artifact }}
@@ -491,7 +491,7 @@
       # description: |
       #   Calls a trusted shared workflow that temporarily elevates the caller's privileges
       #   to write a comment in the PR.
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.spellcheck_artifact }}
         name: ${{ env.spellcheck_artifact }}

.github/workflows/go-test.yml

@@ -17,7 +17,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       -
         uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
@@ -44,7 +44,7 @@ jobs:
 
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       -
         uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
@@ -96,7 +96,7 @@ jobs:
       CORPUS_MAX_SIZE_MB: 100
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
       -
         uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
         with:
@@ -172,7 +172,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           ref: ${{ github.event.pull_request.head.ref }}
           repository: ${{ github.event.pull_request.head.repo.full_name }}

.github/workflows/pr-comment.yml

@@ -101,7 +101,7 @@ jobs:
     - name: Download message artifact
       if: ${{ steps.check_pr.outputs.proceed == 'true'}} 
       id: download
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         run-id: "${{ inputs.run_id }}"
         repository: "${{ env.TARGET }}"
@@ -125,7 +125,7 @@ jobs:
 
     - name: Find previous PR comment
       if: ${{ steps.check_pr.outputs.proceed == 'true'}} 
-      uses: peter-evans/find-comment@v3
+      uses: peter-evans/find-comment@v4
       id: find_comment
       with:
         repository: ${{ inputs.target_repo }}
@@ -136,7 +136,7 @@ jobs:
 
     - name: Create or update PR comment
       if: ${{ steps.check_pr.outputs.proceed == 'true'}} 
-      uses: peter-evans/create-or-update-comment@v4
+      uses: peter-evans/create-or-update-comment@v5
       with:
         issue-number: ${{ inputs.pr_number }}
         comment-id: ${{ steps.find_comment.outputs.comment-id }}

.github/workflows/release.yml

@@ -20,7 +20,7 @@ jobs:
     steps:
       -
         name: Checkout code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           fetch-depth: 0
       -

.github/workflows/scanner.yml

@@ -24,7 +24,7 @@ jobs:
       security-events: write
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@93cb6efe18208431cddfb8368fd83d5badbf9bfd # v5.0.1
         with:
           persist-credentials: false
       -