Bump the gh-actions group with 4 updates

[dependabot]

Bumps the gh-actions group with 4 updates: actions/setup-node, actions/upload-artifact, Quantco/ui-actions and softprops/action-gh-release.

Updates actions/setup-node from 4.1.0 to 4.2.0

Release notes

Sourced from actions/setup-node's releases.

v4.2.0

What's Changed

• Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by @​aparnajyothi-y in actions/setup-node#1174
• Add recommended permissions section to readme by @​benwells in actions/setup-node#1193
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-node#1192
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in actions/setup-node#1191
• Upgrade pnpm/action-setup from 2 to 4 by @​dependabot in actions/setup-node#1194
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-node#1195
• Upgrade semver from 7.6.0 to 7.6.3 by @​dependabot in actions/setup-node#1196
• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot in actions/setup-node#1201
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-node#1205

New Contributors

• @​benwells made their first contribution in actions/setup-node#1193

Full Changelog: actions/setup-node@v4...v4.2.0

Commits

• 1d0ff46 Bump undici from 5.28.4 to 5.28.5 (#1205)
• 574f09a Bump @​types/jest from 29.5.12 to 29.5.14 (#1201)
• 260f870 Bump semver from 7.6.0 to 7.6.3 (#1196)
• 111c4be Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1195)
• 0bc26de Bump pnpm/action-setup from 2 to 4 (#1194)
• 8f9cc17 Use the new cache service: upgrade @actions/cache to ^4.0.0 (#1191)
• 5eef37b Create dependabot.yml (#1192)
• fbeca22 Update README.md (#1193)
• 48b9067 Add macos-13 to the workflows and upgrade publish-actions from 0.2.2 to 0.3.0...
• See full diff in compare view

Updates actions/upload-artifact from 4.5.0 to 4.6.0

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.0

What's Changed

• Expose env vars to control concurrency and timeout by @​yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

Commits

• 65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
• 0207619 move files back to satisfy licensed ci
• 1ecca81 licensed cache updates
• 9742269 Expose env vars to controll concurrency and timeout
• See full diff in compare view

Updates Quantco/ui-actions from 1.0.17 to 1.0.18

Commits

• cd71d2a [auto] build version-metadata: update compiled version
• e5e9346 fix command: version extraction not working properly
• See full diff in compare view

Updates softprops/action-gh-release from 2.2.0 to 2.2.1

Release notes

Sourced from softprops/action-gh-release's releases.

v2.2.1

What's Changed

Bug fixes 🐛

• fix: big file uploads by @​xen0n in softprops/action-gh-release#562

Other Changes 🔄

• chore(deps): bump @​types/node from 22.10.1 to 22.10.2 by @​dependabot in softprops/action-gh-release#559
• chore(deps): bump @​types/node from 22.10.2 to 22.10.5 by @​dependabot in softprops/action-gh-release#569
• chore: update error and warning messages for not matching files in files field by @​ytimocin in softprops/action-gh-release#568

New Contributors

• @​ytimocin made their first contribution in softprops/action-gh-release#568

Full Changelog: softprops/action-gh-release@v2.2.0...v2.2.1

Changelog

Sourced from softprops/action-gh-release's changelog.

2.2.1

What's Changed

Bug fixes 🐛

• fix: big file uploads by @​xen0n in softprops/action-gh-release#562

Other Changes 🔄

• chore(deps): bump @​types/node from 22.10.1 to 22.10.2 by @​dependabot in softprops/action-gh-release#559
• chore(deps): bump @​types/node from 22.10.2 to 22.10.5 by @​dependabot in softprops/action-gh-release#569
• chore: update error and warning messages for not matching files in files field by @​ytimocin in softprops/action-gh-release#568

2.2.0

What's Changed

Exciting New Features 🎉

• feat: read the release assets asynchronously by @​xen0n in softprops/action-gh-release#552

Bug fixes 🐛

• fix(docs): clarify the default for tag_name by @​alexeagle in softprops/action-gh-release#544

Other Changes 🔄

• chore(deps): bump typescript from 5.6.3 to 5.7.2 by @​dependabot in softprops/action-gh-release#548
• chore(deps): bump @​types/node from 22.9.0 to 22.9.4 by @​dependabot in softprops/action-gh-release#547
• chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 by @​dependabot in softprops/action-gh-release#545
• chore(deps): bump @​vercel/ncc from 0.38.2 to 0.38.3 by @​dependabot in softprops/action-gh-release#543
• chore(deps): bump prettier from 3.3.3 to 3.4.1 by @​dependabot in softprops/action-gh-release#550
• chore(deps): bump @​types/node from 22.9.4 to 22.10.1 by @​dependabot in softprops/action-gh-release#551
• chore(deps): bump prettier from 3.4.1 to 3.4.2 by @​dependabot in softprops/action-gh-release#554

2.1.0

What's Changed

Exciting New Features 🎉

• feat: add support for release assets with multiple spaces within the name by @​dukhine in softprops/action-gh-release#518
• feat: preserve upload order by @​richarddd in softprops/action-gh-release#500

Other Changes 🔄

• chore(deps): bump @​types/node from 22.8.2 to 22.8.7 by @​dependabot in softprops/action-gh-release#539

2.0.9

• maintenance release with updated dependencies

... (truncated)

Commits

• c95fe14 release 2.2.1
• deddb09 fix: big file uploads (#562)
• 33fcd69 chore: update error and warning messages for not matching files in files fiel...
• 01050bd chore(deps): bump @​types/node from 22.10.2 to 22.10.5 (#569)
• 92dffe6 chore(deps): bump @​types/node from 22.10.1 to 22.10.2 (#559)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions