chore(deps): update mattermost support dependencies (#55)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://togithub.com/actions/checkout) | action |
patch | `v4.1.1` -> `v4.1.4` |
|
[actions/dependency-review-action](https://togithub.com/actions/dependency-review-action)
| action | minor | `v4.2.5` -> `v4.3.1` |
|
[actions/upload-artifact](https://togithub.com/actions/upload-artifact)
| action | patch | `v4.3.1` -> `v4.3.3` |
|
[defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common)
| | minor | `v0.3.11` -> `v0.4.0` |
|
[defenseunicorns/uds-common](https://togithub.com/defenseunicorns/uds-common)
| action | minor | `v0.3.11` -> `v0.4.0` |
| [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | |
patch | `v0.33.0` -> `v0.33.1` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.0` -> `v3.25.3` |
|
[renovatebot/pre-commit-hooks](https://togithub.com/renovatebot/pre-commit-hooks)
| repository | minor | `37.301.6` -> `37.329.0` |
|
[step-security/harden-runner](https://togithub.com/step-security/harden-runner)
| action | patch | `v2.7.0` -> `v2.7.1` |

Note: The `pre-commit` manager in Renovate is not supported by the
`pre-commit` maintainers or community. Please do not report any problems
there, instead [create a Discussion in the Renovate
repository](https://togithub.com/renovatebot/renovate/discussions/new)
if you have any questions.

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v4.1.4`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v414)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.3...v4.1.4)

- Disable `extensions.worktreeConfig` when disabling `sparse-checkout`
by [@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1692](https://togithub.com/actions/checkout/pull/1692)
- Add dependabot config by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1688](https://togithub.com/actions/checkout/pull/1688)
- Bump the minor-actions-dependencies group with 2 updates by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1693](https://togithub.com/actions/checkout/pull/1693)
- Bump word-wrap from 1.2.3 to 1.2.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/checkout/pull/1643](https://togithub.com/actions/checkout/pull/1643)

###
[`v4.1.3`](https://togithub.com/actions/checkout/releases/tag/v4.1.3)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.2...v4.1.3)

#### What's Changed

- Update `actions/checkout` version in `update-main-version.yml` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1650](https://togithub.com/actions/checkout/pull/1650)
- Check git version before attempting to disable `sparse-checkout` by
[@&#8203;jww3](https://togithub.com/jww3) in
[https://github.com/actions/checkout/pull/1656](https://togithub.com/actions/checkout/pull/1656)
- Add SSH user parameter by
[@&#8203;cory-miller](https://togithub.com/cory-miller) in
[https://github.com/actions/checkout/pull/1685](https://togithub.com/actions/checkout/pull/1685)

**Full Changelog**:
actions/checkout@v4.1.2...v4.1.3

###
[`v4.1.2`](https://togithub.com/actions/checkout/blob/HEAD/CHANGELOG.md#v412)

[Compare
Source](https://togithub.com/actions/checkout/compare/v4.1.1...v4.1.2)

- Fix: Disable sparse checkout whenever `sparse-checkout` option is not
present [@&#8203;dscho](https://togithub.com/dscho) in
[https://github.com/actions/checkout/pull/1598](https://togithub.com/actions/checkout/pull/1598)

</details>

<details>
<summary>actions/dependency-review-action
(actions/dependency-review-action)</summary>

###
[`v4.3.1`](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.1)

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.0...v4.3.1)

###
[`v4.3.0`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.0)

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.2.5...v4.3.0)

#### New Features

- The `deny-packages` option can now be used without a version number to
exclude *all* versions of a package.

#### What's Changed

- Fix action variable name for scorecard by
[@&#8203;lukehinds](https://togithub.com/lukehinds) in
[https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735)
- Fix extra https:// in summary by
[@&#8203;jhutchings1](https://togithub.com/jhutchings1) in
[https://github.com/actions/dependency-review-action/pull/748](https://togithub.com/actions/dependency-review-action/pull/748)
- Bump typescript from 5.3.3 to 5.4.5 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/744](https://togithub.com/actions/dependency-review-action/pull/744)
- Bump eslint-plugin-github from 4.10.1 to 4.10.2 by
[@&#8203;dependabot](https://togithub.com/dependabot) in
[https://github.com/actions/dependency-review-action/pull/737](https://togithub.com/actions/dependency-review-action/pull/737)
- Show denied packages with red X by
[@&#8203;juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/750](https://togithub.com/actions/dependency-review-action/pull/750)
- deny-packages configuration option can deny specified version or all
packages by [@&#8203;febuiles](https://togithub.com/febuiles) and
[@&#8203;bteng22](https://togithub.com/bteng22) in
[https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733)

#### New Contributors

- [@&#8203;bteng22](https://togithub.com/bteng22) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/733](https://togithub.com/actions/dependency-review-action/pull/733)
- [@&#8203;lukehinds](https://togithub.com/lukehinds) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/735](https://togithub.com/actions/dependency-review-action/pull/735)

**Full Changelog**:
actions/dependency-review-action@v4.2.5...V4.3.0

</details>

<details>
<summary>actions/upload-artifact (actions/upload-artifact)</summary>

###
[`v4.3.3`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.3)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.2...v4.3.3)

##### What's Changed

- updating `@actions/artifact` dependency to v2.1.6 by
[@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/565](https://togithub.com/actions/upload-artifact/pull/565)

**Full Changelog**:
actions/upload-artifact@v4.3.2...v4.3.3

###
[`v4.3.2`](https://togithub.com/actions/upload-artifact/releases/tag/v4.3.2)

[Compare
Source](https://togithub.com/actions/upload-artifact/compare/v4.3.1...v4.3.2)

#### What's Changed

- Update release-new-action-version.yml by
[@&#8203;konradpabjan](https://togithub.com/konradpabjan) in
[https://github.com/actions/upload-artifact/pull/516](https://togithub.com/actions/upload-artifact/pull/516)
- Minor fix to the migration readme by
[@&#8203;andrewakim](https://togithub.com/andrewakim) in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)
- Update readme with v3/v2/v1 deprecation notice by
[@&#8203;robherley](https://togithub.com/robherley) in
[https://github.com/actions/upload-artifact/pull/561](https://togithub.com/actions/upload-artifact/pull/561)
- updating `@actions/artifact` dependency to v2.1.5 and `@actions/core`
to v1.0.1 by [@&#8203;eggyhead](https://togithub.com/eggyhead) in
[https://github.com/actions/upload-artifact/pull/562](https://togithub.com/actions/upload-artifact/pull/562)

#### New Contributors

- [@&#8203;andrewakim](https://togithub.com/andrewakim) made their first
contribution in
[https://github.com/actions/upload-artifact/pull/523](https://togithub.com/actions/upload-artifact/pull/523)

**Full Changelog**:
actions/upload-artifact@v4.3.1...v4.3.2

</details>

<details>
<summary>defenseunicorns/uds-common
(defenseunicorns/uds-common)</summary>

###
[`v0.4.0`](https://togithub.com/defenseunicorns/uds-common/releases/tag/v0.4.0)

[Compare
Source](https://togithub.com/defenseunicorns/uds-common/compare/v0.3.11...v0.4.0)

##### Features

- adds renovate to sh files
([#&#8203;110](https://togithub.com/defenseunicorns/uds-common/issues/110))
([b604d2e](https://togithub.com/defenseunicorns/uds-common/commit/b604d2e1b3fc69f29122f9a709c605f5ecf4da18))

##### Miscellaneous

- add a default to setup to create an admin keycloak user
([#&#8203;111](https://togithub.com/defenseunicorns/uds-common/issues/111))
([7fe0dd4](https://togithub.com/defenseunicorns/uds-common/commit/7fe0dd49a9b7032f9c06a83c5a1c6adbb17e8d63))
- **deps:** update uds common support dependencies
([#&#8203;106](https://togithub.com/defenseunicorns/uds-common/issues/106))
([ab06724](https://togithub.com/defenseunicorns/uds-common/commit/ab067245249e63065d2c266fe3b1a45b155e9de2))
- fix the extract version template for env vars
([#&#8203;115](https://togithub.com/defenseunicorns/uds-common/issues/115))
([72d5d26](https://togithub.com/defenseunicorns/uds-common/commit/72d5d263ce850eac20728eb9330c7b3e26143a2b))

</details>

<details>
<summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary>

###
[`v0.33.1`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.33.1)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.0...v0.33.1)

#### What's Changed

- fix: add redirect so old zarf base link is compatiable by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2432](https://togithub.com/defenseunicorns/zarf/pull/2432)
- ci: pin third-party gh actions by hash by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2433](https://togithub.com/defenseunicorns/zarf/pull/2433)
- docs: add redirect for examples by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2438](https://togithub.com/defenseunicorns/zarf/pull/2438)
- docs: update contributing and pre-commit by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2439](https://togithub.com/defenseunicorns/zarf/pull/2439)
- ci: fix revive image ref in lint workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2436](https://togithub.com/defenseunicorns/zarf/pull/2436)
- fix: filter on running pods when finding an image for injector pod by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2415](https://togithub.com/defenseunicorns/zarf/pull/2415)
- fix: readme dead links by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2442](https://togithub.com/defenseunicorns/zarf/pull/2442)
- fix: differential package create with non local sources by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2444](https://togithub.com/defenseunicorns/zarf/pull/2444)
- refactor: move variables into separate package by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2414](https://togithub.com/defenseunicorns/zarf/pull/2414)
- ci: add top level workflow permission to commitlint by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2449](https://togithub.com/defenseunicorns/zarf/pull/2449)
- ci: remove unused env var from codeql workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2450](https://togithub.com/defenseunicorns/zarf/pull/2450)
- chore: cleanup root level files and add SPDX check for Go files by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2431](https://togithub.com/defenseunicorns/zarf/pull/2431)
- feat: config to enable resilient registry by
[@&#8203;Michael-Kruggel](https://togithub.com/Michael-Kruggel) in
[https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440)
- docs: init package clarity and cleanup by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2447](https://togithub.com/defenseunicorns/zarf/pull/2447)
- ci: compare cves to main by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2448](https://togithub.com/defenseunicorns/zarf/pull/2448)
- test: unpin version in bigbang extension test by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2459](https://togithub.com/defenseunicorns/zarf/pull/2459)
- fix: broken schema from unexpanded embedded variables by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2458](https://togithub.com/defenseunicorns/zarf/pull/2458)
- fix: error on create if an index sha is used by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2429](https://togithub.com/defenseunicorns/zarf/pull/2429)

#### New Contributors

- [@&#8203;Michael-Kruggel](https://togithub.com/Michael-Kruggel) made
their first contribution in
[https://github.com/defenseunicorns/zarf/pull/2440](https://togithub.com/defenseunicorns/zarf/pull/2440)

**Full Changelog**:
zarf-dev/zarf@v0.33.0...v0.33.1

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.3`](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.2...v3.25.3)

###
[`v3.25.2`](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.1...v3.25.2)

###
[`v3.25.1`](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.0...v3.25.1)

</details>

<details>
<summary>renovatebot/pre-commit-hooks
(renovatebot/pre-commit-hooks)</summary>

###
[`v37.329.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.329.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.327.2...37.329.0)

See https://github.com/renovatebot/renovate/releases/tag/37.329.0 for
more changes

###
[`v37.327.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.327.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.3...37.327.2)

See https://github.com/renovatebot/renovate/releases/tag/37.327.2 for
more changes

###
[`v37.326.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.3)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.2...37.326.3)

See https://github.com/renovatebot/renovate/releases/tag/37.326.3 for
more changes

###
[`v37.326.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.1...37.326.2)

See https://github.com/renovatebot/renovate/releases/tag/37.326.2 for
more changes

###
[`v37.326.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.326.0...37.326.1)

See https://github.com/renovatebot/renovate/releases/tag/37.326.1 for
more changes

###
[`v37.326.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.326.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.1...37.326.0)

See https://github.com/renovatebot/renovate/releases/tag/37.326.0 for
more changes

###
[`v37.325.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.325.0...37.325.1)

See https://github.com/renovatebot/renovate/releases/tag/37.325.1 for
more changes

###
[`v37.325.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.325.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.2...37.325.0)

See https://github.com/renovatebot/renovate/releases/tag/37.325.0 for
more changes

###
[`v37.324.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.1...37.324.2)

See https://github.com/renovatebot/renovate/releases/tag/37.324.2 for
more changes

###
[`v37.324.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.324.0...37.324.1)

See https://github.com/renovatebot/renovate/releases/tag/37.324.1 for
more changes

###
[`v37.324.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.324.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.3...37.324.0)

See https://github.com/renovatebot/renovate/releases/tag/37.324.0 for
more changes

###
[`v37.323.3`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.3)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.323.1...37.323.3)

See https://github.com/renovatebot/renovate/releases/tag/37.323.3 for
more changes

###
[`v37.323.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.323.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.322.2...37.323.1)

See https://github.com/renovatebot/renovate/releases/tag/37.323.1 for
more changes

###
[`v37.322.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.322.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.2...37.322.2)

See https://github.com/renovatebot/renovate/releases/tag/37.322.2 for
more changes

###
[`v37.321.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.1...37.321.2)

See https://github.com/renovatebot/renovate/releases/tag/37.321.2 for
more changes

###
[`v37.321.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.321.0...37.321.1)

See https://github.com/renovatebot/renovate/releases/tag/37.321.1 for
more changes

###
[`v37.321.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.321.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.1...37.321.0)

See https://github.com/renovatebot/renovate/releases/tag/37.321.0 for
more changes

###
[`v37.320.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.320.0...37.320.1)

See https://github.com/renovatebot/renovate/releases/tag/37.320.1 for
more changes

###
[`v37.320.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.320.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.2...37.320.0)

See https://github.com/renovatebot/renovate/releases/tag/37.320.0 for
more changes

###
[`v37.319.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.1...37.319.2)

See https://github.com/renovatebot/renovate/releases/tag/37.319.2 for
more changes

###
[`v37.319.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.319.0...37.319.1)

See https://github.com/renovatebot/renovate/releases/tag/37.319.1 for
more changes

###
[`v37.319.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.319.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.1...37.319.0)

See https://github.com/renovatebot/renovate/releases/tag/37.319.0 for
more changes

###
[`v37.318.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.318.0...37.318.1)

See https://github.com/renovatebot/renovate/releases/tag/37.318.1 for
more changes

###
[`v37.318.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.318.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.2...37.318.0)

See https://github.com/renovatebot/renovate/releases/tag/37.318.0 for
more changes

###
[`v37.316.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.316.0...37.316.2)

See https://github.com/renovatebot/renovate/releases/tag/37.316.2 for
more changes

###
[`v37.316.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.316.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.1...37.316.0)

See https://github.com/renovatebot/renovate/releases/tag/37.316.0 for
more changes

###
[`v37.315.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.315.0...37.315.1)

See https://github.com/renovatebot/renovate/releases/tag/37.315.1 for
more changes

###
[`v37.315.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.315.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.314.0...37.315.0)

See https://github.com/renovatebot/renovate/releases/tag/37.315.0 for
more changes

###
[`v37.314.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.314.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.1...37.314.0)

See https://github.com/renovatebot/renovate/releases/tag/37.314.0 for
more changes

###
[`v37.313.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.313.0...37.313.1)

See https://github.com/renovatebot/renovate/releases/tag/37.313.1 for
more changes

###
[`v37.313.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.313.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.311.0...37.313.0)

See https://github.com/renovatebot/renovate/releases/tag/37.313.0 for
more changes

###
[`v37.311.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.311.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.1...37.311.0)

See https://github.com/renovatebot/renovate/releases/tag/37.311.0 for
more changes

###
[`v37.310.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.310.0...37.310.1)

See https://github.com/renovatebot/renovate/releases/tag/37.310.1 for
more changes

###
[`v37.310.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.310.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.309.0...37.310.0)

See https://github.com/renovatebot/renovate/releases/tag/37.310.0 for
more changes

###
[`v37.309.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.309.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.308.0...37.309.0)

See https://github.com/renovatebot/renovate/releases/tag/37.309.0 for
more changes

###
[`v37.308.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.308.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.1...37.308.0)

See https://github.com/renovatebot/renovate/releases/tag/37.308.0 for
more changes

###
[`v37.306.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.306.0...37.306.1)

See https://github.com/renovatebot/renovate/releases/tag/37.306.1 for
more changes

###
[`v37.306.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.306.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.305.0...37.306.0)

See https://github.com/renovatebot/renovate/releases/tag/37.306.0 for
more changes

###
[`v37.305.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.305.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.304.0...37.305.0)

See https://github.com/renovatebot/renovate/releases/tag/37.305.0 for
more changes

###
[`v37.304.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.304.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.2...37.304.0)

See https://github.com/renovatebot/renovate/releases/tag/37.304.0 for
more changes

###
[`v37.303.2`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.2)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.303.1...37.303.2)

See https://github.com/renovatebot/renovate/releases/tag/37.303.2 for
more changes

###
[`v37.303.1`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.303.1)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.302.0...37.303.1)

See https://github.com/renovatebot/renovate/releases/tag/37.303.1 for
more changes

###
[`v37.302.0`](https://togithub.com/renovatebot/pre-commit-hooks/releases/tag/37.302.0)

[Compare
Source](https://togithub.com/renovatebot/pre-commit-hooks/compare/37.301.6...37.302.0)

See https://github.com/renovatebot/renovate/releases/tag/37.302.0 for
more changes

</details>

<details>
<summary>step-security/harden-runner
(step-security/harden-runner)</summary>

###
[`v2.7.1`](https://togithub.com/step-security/harden-runner/releases/tag/v2.7.1)

[Compare
Source](https://togithub.com/step-security/harden-runner/compare/v2.7.0...v2.7.1)

##### What's Changed

Release v2.7.1 by
[@&#8203;varunsh-coder](https://togithub.com/varunsh-coder),
[@&#8203;h0x0er](https://togithub.com/h0x0er),
[@&#8203;ashishkurmi](https://togithub.com/ashishkurmi) in
[https://github.com/step-security/harden-runner/pull/397](https://togithub.com/step-security/harden-runner/pull/397)
This release:

- Improves the capability to [inspect outbound HTTPS
traffic](https://www.stepsecurity.io/blog/monitor-outbound-https-requests-from-github-actions-runners)
on GitHub-hosted and self-hosted VM runners
- Updates README to add link to [case study
video](https://www.youtube.com/watch?v=Yz72qAOrN9s) on how Harden-Runner
detected a supply chain attack on a Google open-source project
-   Addresses minor bugs

**Full Changelog**:
step-security/harden-runner@v2.7.0...v2.7.1

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined),
Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/uds-package-mattermost).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zMDEuNCIsInVwZGF0ZWRJblZlciI6IjM3LjMyMS4yIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJzdXBwb3J0LWRlcHMiXX0=-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

.github/workflows/codeql.yaml

@@ -29,17 +29,17 @@ jobs:
     steps:
 
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       # Initializes the CodeQL tools for scanning.
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
+        uses: github/codeql-action/init@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
         with:
           languages: ${{ matrix.language }}
       - name: Autobuild
-        uses: github/codeql-action/autobuild@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
+        uses: github/codeql-action/autobuild@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
+        uses: github/codeql-action/analyze@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/commitlint.yaml

@@ -8,4 +8,4 @@ on:
 jobs:
   validate:
     name: Validate
-    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+    uses: defenseunicorns/uds-common/.github/workflows/commitlint.yaml@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0

.github/workflows/dependencyreview.yaml

@@ -17,11 +17,11 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@63c24ba6bd7ba022e95695ff85de572c04a18142 # v2.7.0
+        uses: step-security/harden-runner@a4aa98b93cab29d9b1101a6143fb8bce00e2eac4 # v2.7.1
         with:
           egress-policy: audit
 
       - name: 'Checkout Repository'
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
       - name: 'Dependency Review'
-        uses: actions/dependency-review-action@5bbc3ba658137598168acb2ab73b21c432dd411b # v4.2.5
+        uses: actions/dependency-review-action@e58c696e52cac8e62d61cc21fda89565d71505d7 # v4.3.1

.github/workflows/lint.yaml

@@ -15,12 +15,12 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           fetch-depth: 0
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/setup@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}

.github/workflows/scorecard.yaml

@@ -22,7 +22,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
         with:
           persist-credentials: false
 
@@ -37,14 +37,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@5d5d22a31266ced268874388b861e4b58bb5c2f3 # v4.3.1
+        uses: actions/upload-artifact@65462800fd760344b1a7b4382951275a0abb4808 # v4.3.3
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@df5a14dc28094dc936e103b37d749c6628682b60 # v3.25.0
+        uses: github/codeql-action/upload-sarif@d39d31e687223d841ef683f52467bd88e9b21c14 # v3.25.3
         with:
           sarif_file: results.sarif

.github/workflows/tag-and-release.yaml

@@ -36,10 +36,10 @@ jobs:
       packages: write
 
     steps:
-      - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+      - uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/setup@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
@@ -50,6 +50,6 @@ jobs:
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           suffix: ${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}

.github/workflows/test.yaml

@@ -43,23 +43,23 @@ jobs:
 
     steps:
       - name: Checkout repository
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@0ad4b8fadaa221de15dcec353f45205ec38ea70b # v4.1.4
 
       - name: Environment setup
-        uses: defenseunicorns/uds-common/.github/actions/setup@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/setup@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           registry1Username: ${{ secrets.IRON_BANK_ROBOT_USERNAME }}
           registry1Password: ${{ secrets.IRON_BANK_ROBOT_PASSWORD }}
           ghToken: ${{ secrets.GITHUB_TOKEN }}
 
       - name: Test
-        uses: defenseunicorns/uds-common/.github/actions/test@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/test@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           flavor: ${{ matrix.flavor }}
           type: ${{ matrix.type }}
 
       - name: Save logs
         if: always()
-        uses: defenseunicorns/uds-common/.github/actions/save-logs@0a1622c9ff2298722b9e47563236ac56d1a93a56 # v0.3.11
+        uses: defenseunicorns/uds-common/.github/actions/save-logs@a6fba9c0084319325d70816a3481aec0979649fa # v0.4.0
         with:
           suffix: ${{ matrix.type }}-${{ matrix.flavor }}-${{ github.run_id }}-${{ github.run_attempt }}

.pre-commit-config.yaml

@@ -40,14 +40,14 @@ repos:
         args:
           [
             "--schemafile",
-            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.33.0/zarf.schema.json",
+            "https://raw.githubusercontent.com/defenseunicorns/zarf/v0.33.1/zarf.schema.json",
             "--no-cache"
           ]
   - repo: https://github.com/golangci/golangci-lint
     rev: v1.57.2
     hooks:
       - id: golangci-lint
   - repo: https://github.com/renovatebot/pre-commit-hooks
-    rev: 37.301.6
+    rev: 37.329.0
     hooks:
       - id: renovate-config-validator

tasks.yaml

@@ -2,11 +2,11 @@ includes:
   - cleanup: ./tasks/cleanup.yaml
   - dependencies: ./tasks/dependencies.yaml
   - test: ./tasks/test.yaml
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/create.yaml
-  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/lint.yaml
-  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/pull.yaml
-  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/deploy.yaml
-  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/setup.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/create.yaml
+  - lint: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/lint.yaml
+  - pull: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/pull.yaml
+  - deploy: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/deploy.yaml
+  - setup: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/setup.yaml
 
 tasks:
   - name: default

tasks/publish.yaml

@@ -1,6 +1,6 @@
 includes:
-  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/create.yaml
-  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.3.11/tasks/publish.yaml
+  - create: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/create.yaml
+  - publish: https://raw.githubusercontent.com/defenseunicorns/uds-common/v0.4.0/tasks/publish.yaml
 
 tasks:
   - name: package