Bump the github-actions group with 3 updates

[dependabot]

Bumps the github-actions group with 3 updates: actions/checkout, nuget/setup-nuget and codecov/codecov-action.

Updates actions/checkout from 4.3.1 to 6.0.2

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

• Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by @​TingluoHuang in actions/checkout#2355
• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

• Update all references from v5 and v4 to v6 by @​ericsciple in actions/checkout#2314
• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327
• Clarify v6 README by @​ericsciple in actions/checkout#2328

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774
• Pin actions/checkout's own workflows to a known, good, stable version. by @​jww3 in actions/checkout#1776

v4.1.6

• Check platform to set archive extension appropriately by @​cory-miller in actions/checkout#1732

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• 08c6903 Prepare v5.0.0 release (#2238)
• Additional commits viewable in compare view

Updates nuget/setup-nuget from 2.0.1 to 3.0.0

Release notes

Sourced from nuget/setup-nuget's releases.

v3.0.0

What's Changed

• Migrate action runtime from node20 to node24 by @​Copilot in NuGet/setup-nuget#220
• build(deps): bump picomatch by @​dependabot[bot] in NuGet/setup-nuget#222
• build(deps-dev): bump flatted from 3.3.3 to 3.4.2 by @​dependabot[bot] in NuGet/setup-nuget#221
• build(deps-dev): bump handlebars from 4.7.8 to 4.7.9 by @​dependabot[bot] in NuGet/setup-nuget#223

Full Changelog: NuGet/setup-nuget@v2...v3.0.0

v2.0.2

What's Changed

• build(deps-dev): bump nock from 13.5.5 to 13.5.6 by @​dependabot[bot] in NuGet/setup-nuget#175
• build(deps-dev): bump @​typescript-eslint/parser from 8.0.0 to 8.16.0 by @​dependabot[bot] in NuGet/setup-nuget#176
• build(deps-dev): bump @​vercel/ncc from 0.38.2 to 0.38.3 by @​dependabot[bot] in NuGet/setup-nuget#179
• build(deps-dev): bump eslint-plugin-github from 5.0.1 to 5.1.3 by @​dependabot[bot] in NuGet/setup-nuget#177
• build(deps-dev): bump eslint from 8.57.1 to 9.16.0 by @​dependabot[bot] in NuGet/setup-nuget#178
• build(deps-dev): bump eslint-plugin-jest from 28.8.3 to 28.10.0 by @​dependabot[bot] in NuGet/setup-nuget#180
• build(deps-dev): bump @​typescript-eslint/parser from 8.17.0 to 8.19.0 by @​dependabot[bot] in NuGet/setup-nuget#184
• build(deps-dev): bump typescript from 5.6.3 to 5.7.2 by @​dependabot[bot] in NuGet/setup-nuget#181
• Update dependencies by @​jeffkl in NuGet/setup-nuget#197
• build(deps): bump actions/checkout from 2 to 6 by @​dependabot[bot] in NuGet/setup-nuget#198
• build(deps): bump qs from 6.14.0 to 6.14.1 by @​dependabot[bot] in NuGet/setup-nuget#205
• build(deps-dev): bump jest-circus from 29.7.0 to 30.2.0 by @​dependabot[bot] in NuGet/setup-nuget#204
• build(deps-dev): bump eslint from 9.39.1 to 9.39.2 by @​dependabot[bot] in NuGet/setup-nuget#202
• build(deps-dev): bump eslint-plugin-jest from 28.14.0 to 29.12.0 by @​dependabot[bot] in NuGet/setup-nuget#200
• build(deps): bump github/codeql-action from 1 to 4 by @​dependabot[bot] in NuGet/setup-nuget#199
• build(deps-dev): bump prettier from 3.3.3 to 3.7.4 by @​dependabot[bot] in NuGet/setup-nuget#201
• build(deps-dev): bump nock from 13.5.6 to 14.0.10 by @​dependabot[bot] in NuGet/setup-nuget#203
• build(deps): bump typed-rest-client from 2.1.0 to 2.2.0 by @​dependabot[bot] in NuGet/setup-nuget#206
• build(deps-dev): bump jest and @​types/jest by @​dependabot[bot] in NuGet/setup-nuget#210
• build(deps-dev): bump @​types/node from 22.19.1 to 25.1.0 by @​dependabot[bot] in NuGet/setup-nuget#209
• build(deps-dev): bump @​types/node from 25.2.0 to 25.3.3 by @​dependabot[bot] in NuGet/setup-nuget#213
• build(deps-dev): bump minimatch from 3.1.2 to 3.1.5 by @​dependabot[bot] in NuGet/setup-nuget#212
• build(deps): bump qs from 6.14.1 to 6.14.2 by @​dependabot[bot] in NuGet/setup-nuget#211
• build(deps): bump underscore from 1.13.7 to 1.13.8 by @​dependabot[bot] in NuGet/setup-nuget#217

Full Changelog: NuGet/setup-nuget@v2...v2.0.2

Commits

• 12c5794 Prepare for Release of 3.0.x (#225)
• a069fe8 build(deps-dev): bump handlebars from 4.7.8 to 4.7.9 (#223)
• 008e372 build(deps-dev): bump flatted from 3.3.3 to 3.4.2 (#221)
• 3477a30 build(deps): bump picomatch (#222)
• 9694d5c Migrate action runtime from node20 to node24 (#220)
• d105a94 Update dist (#218)
• 2ea639f build(deps): bump underscore from 1.13.7 to 1.13.8 (#217)
• f60c0c8 build(deps): bump qs from 6.14.1 to 6.14.2 (#211)
• 3208707 build(deps-dev): bump minimatch from 3.1.2 to 3.1.5 (#212)
• d6aba2d build(deps-dev): bump @​types/node from 25.2.0 to 25.3.3 (#213)
• Additional commits viewable in compare view

Updates codecov/codecov-action from 5.5.4 to 6.0.0

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

• Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0"" by @​thomasrockhu-codecov in codecov/codecov-action#1929
• Th/6.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1928

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in codecov/codecov-action#1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in codecov/codecov-action#1864
• Pin actions/github-script by Git SHA by @​martincostello in codecov/codecov-action#1859
• fix: check reqs exist by @​joseph-sentry in codecov/codecov-action#1835
• fix: Typo in README by @​spalmurray in codecov/codecov-action#1838
• docs: Refine OIDC docs by @​spalmurray in codecov/codecov-action#1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

• build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @​app/dependabot in codecov/codecov-action#1822
• fix: OIDC on forks by @​joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

• 57e3a13 Th/6.0.0 (#1928)
• f67d33d Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions