Bump the actions-all group across 1 directory with 3 updates

[dependabot]

Bumps the actions-all group with 3 updates in the / directory: actions/checkout, astral-sh/setup-uv and docker/setup-qemu-action.

Updates actions/checkout from 6.0.2 to 6.0.3

Release notes

Sourced from actions/checkout's releases.

v6.0.3

What's Changed

• Update changelog by @​ericsciple in actions/checkout#2357
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414
• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• Update changelog for v6.0.3 by @​yaananth in actions/checkout#2446

New Contributors

• @​yaananth made their first contribution in actions/checkout#2414

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.3

• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414

v6.0.2

• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

v6.0.1

• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327

v6.0.0

• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248

v5.0.1

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

v5.0.0

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226

v4.3.1

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

v4.3.0

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043
• Adjust positioning of user email note and permissions heading by @​joshmgross in actions/checkout#2044
• Update README.md by @​nebuk89 in actions/checkout#2194
• Update CODEOWNERS for actions by @​TingluoHuang in actions/checkout#2224
• Update package dependencies by @​salmanmkc in actions/checkout#2236

v4.2.2

• url-helper.ts now leverages well-known environment variables by @​jww3 in actions/checkout#1941
• Expand unit test coverage for isGhes by @​jww3 in actions/checkout#1946

v4.2.1

• Check out other refs/* by commit if provided, fall back to ref by @​orhantoy in actions/checkout#1924

v4.2.0

• Add Ref and Commit outputs by @​lucacome in actions/checkout#1180
• Dependency updates by @​dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

• Bump the minor-npm-dependencies group across 1 directory with 4 updates by @​dependabot in actions/checkout#1739
• Bump actions/checkout from 3 to 4 by @​dependabot in actions/checkout#1697
• Check out other refs/* by commit by @​orhantoy in actions/checkout#1774

... (truncated)

Commits

• df4cb1c Update changelog for v6.0.3 (#2446)
• 1cce339 Fix checkout init for SHA-256 repositories (#2439)
• 900f221 fix: expand merge commit SHA regex and add SHA-256 test cases (#2414)
• 0c366fd Update changelog (#2357)
• See full diff in compare view

Updates astral-sh/setup-uv from 8.1.0 to 8.2.0

Release notes

Sourced from astral-sh/setup-uv's releases.

v8.2.0 🌈 New inputs quiet and download-from-astral-mirror

Changes

This release brings two new inputs and a few bug fixes.

New inputs

Lets talk about the new inputs first.

quiet

Pretty simple. It turns of all info loggings. Useful if you use this in a composite action and are not interested in all the details. In the upcoming releases we will add log groups to fully implement support for "less noise"

[!NOTE]
Warnings and errors are always logged.

download-from-astral-mirror

In some cases you may want to directly use the fallback of checking for available versions and downloading releases from GitHub instead of using the astral.sh mirror. Setting download-from-astral-mirror: false allows you to do that.

Bugfixes

When using the astral.sh mirror to query available versions and download releases (done by default) we now stop sending the GitHub token in the header. The mirror never looked at it but we shouldn't be handing out that data even if it is just a short lived token. All other bugfixes try to limit the impact of failed GitHub queries due to retries and other faults.

We couldn't pinpoint all rootcauses yet but added more logging for error cases to track them down.

🐛 Bug fixes

• fix: report unexpected cache save failures @​eifinger (#896)
• fix: report unexpected setup failures @​eifinger (#895)
• fix: add timeout to fetch to prevent silent hangs @​eifinger-bot (#883)
• Limit GitHub tokens to github.com download URLs @​zsol (#878)
• increase libuv-workaround timeout to 100ms @​eifinger (#880)

🚀 Enhancements

• Add quiet input to suppress info-level log output @​eifinger (#898)
• feat: add download-from-astral-mirror input @​eifinger (#897)

🧰 Maintenance

• docs: update dependabot rollup biome guidance @​eifinger (#902)
• chore: update known checksums for 0.11.18 @github-actions[bot] (#899)
• chore: update known checksums for 0.11.17 @github-actions[bot] (#892)
• chore: update known checksums for 0.11.16 @github-actions[bot] (#889)
• chore: update known checksums for 0.11.15 @github-actions[bot] (#885)
• chore: update known checksums for 0.11.14 @github-actions[bot] (#879)
• chore: update known checksums for 0.11.13 @github-actions[bot] (#877)

... (truncated)

Commits

• fac544c chore(deps): roll up dependabot updates (#903)
• 7390f77 docs: update dependabot rollup biome guidance (#902)
• 363c64a chore(deps): roll up dependabot updates (#901)
• c4fcbaf chore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 (#900)
• 8e642c5 chore: update known checksums for 0.11.18 (#899)
• a92cb43 Add quiet input to suppress info-level log output (#898)
• e07f2ac chore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 (#842)
• bc4034e chore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 (#893)
• df42d4f chore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 (#891)
• b9c8c4c feat: add download-from-astral-mirror input (#897)
• Additional commits viewable in compare view

Updates docker/setup-qemu-action from 4.0.0 to 4.1.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.1.0

• Add reset input to uninstall current emulators by @​crazy-max in docker/setup-qemu-action#21
• Bump @​docker/actions-toolkit from 0.77.0 to 0.91.0 in docker/setup-qemu-action#250 docker/setup-qemu-action#247
• Bump brace-expansion from 1.1.12 to 1.1.15 in docker/setup-qemu-action#265
• Bump fast-xml-builder from 1.0.0 to 1.2.0 in docker/setup-qemu-action#286
• Bump fast-xml-parser from 5.4.2 to 5.8.0 in docker/setup-qemu-action#255
• Bump flatted from 3.3.3 to 3.4.2 in docker/setup-qemu-action#257
• Bump glob from 10.3.15 to 10.5.0 in docker/setup-qemu-action#254
• Bump handlebars from 4.7.8 to 4.7.9 in docker/setup-qemu-action#262
• Bump lodash from 4.17.23 to 4.18.1 in docker/setup-qemu-action#273
• Bump postcss from 8.5.6 to 8.5.10 in docker/setup-qemu-action#285
• Bump tar from 6.2.1 to 7.5.15 in docker/setup-qemu-action#287
• Bump tmp from 0.2.5 to 0.2.6 in docker/setup-qemu-action#291
• Bump undici from 6.23.0 to 6.26.0 in docker/setup-qemu-action#251
• Bump vite from 7.3.1 to 7.3.2 in docker/setup-qemu-action#271

Full Changelog: docker/setup-qemu-action@v4.0.0...v4.1.0

Commits

• 0611638 Merge pull request #21 from crazy-max/uninst
• ce59c81 chore: update generated content
• 2ddad44 uninstall current emulators
• 8c37cd6 Merge pull request #250 from docker/dependabot/npm_and_yarn/docker/actions-to...
• d1a0ff3 chore: update generated content
• 0a8f3dc build(deps): bump @​docker/actions-toolkit from 0.79.0 to 0.91.0
• 9430f61 Merge pull request #291 from docker/dependabot/npm_and_yarn/tmp-0.2.6
• 978bd77 chore: update generated content
• 3479feb build(deps): bump tmp from 0.2.5 to 0.2.6
• b113c26 Merge pull request #255 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
• Additional commits viewable in compare view