)]}'
{
  "commit": "ca158037082060bb6f59569fb9ef52b134a4e213",
  "tree": "ac8a24e1abe3f645d9922e0f42c8f494e8a6f028",
  "parents": [
    "6e18f554ac04664c9efe1d177b5709d246fc608a"
  ],
  "author": {
    "name": "dependabot[bot]",
    "email": "49699333+dependabot[bot]@users.noreply.github.com",
    "time": "Mon Sep 02 09:36:12 2024 +0000"
  },
  "committer": {
    "name": "GitHub",
    "email": "noreply@github.com",
    "time": "Mon Sep 02 09:36:12 2024 +0000"
  },
  "message": "Bump actions/upload-artifact from 4.3.6 to 4.4.0 (#893)\n\nBumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4.3.6 to 4.4.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href\u003d\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact\u0027s releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003ch2\u003eNotice: Breaking Changes :warning:\u003c/h2\u003e\n\u003cp\u003eWe will no longer include hidden files and folders by default in the \u003ccode\u003eupload-artifact\u003c/code\u003e action of this version. This reduces the risk that credentials are accidentally uploaded into artifacts. Customers who need to continue to upload these files can use a new option, \u003ccode\u003einclude-hidden-files\u003c/code\u003e, to continue to do so.\u003c/p\u003e\n\u003cp\u003eSee \u003ca href\u003d\"https://github.blog/changelog/2024-08-19-notice-of-upcoming-deprecations-and-breaking-changes-in-github-actions-runners/\"\u003e\u0026quot;Notice of upcoming deprecations and breaking changes in GitHub Actions runners\u0026quot;\u003c/a\u003e changelog and \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/issues/602\"\u003ethis issue\u003c/a\u003e for more details.\u003c/p\u003e\n\u003ch2\u003eWhat\u0027s Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExclude hidden files by default by \u003ca href\u003d\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/pull/598\"\u003eactions/upload-artifact#598\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v4.3.6...v4.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/50769540e7f4bd5e21e526ee35c689e35e0d6874\"\u003e\u003ccode\u003e5076954\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href\u003d\"https://redirect.github.com/actions/upload-artifact/issues/598\"\u003e#598\u003c/a\u003e from actions/joshmgross/exclude-hidden-files\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/d52396ac5d312b1bda1b9fe2ae55d862c65abd68\"\u003e\u003ccode\u003ed52396a\u003c/code\u003e\u003c/a\u003e Add a warning about enabling \u003ccode\u003einclude-hidden-files\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/710f36207581d49e465ccbed3e007c317290fe11\"\u003e\u003ccode\u003e710f362\u003c/code\u003e\u003c/a\u003e Remove \u0026quot;merged\u0026quot; from \u003ccode\u003einclude-hidden-files\u003c/code\u003e input description\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/3b315f26f6f828f74089e1863e67e60e48e37563\"\u003e\u003ccode\u003e3b315f2\u003c/code\u003e\u003c/a\u003e \u003ccode\u003enpm run release\u003c/code\u003e again 🙂\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/3be2180eb79b56341b1b127ca06a5adba2a5a3e4\"\u003e\u003ccode\u003e3be2180\u003c/code\u003e\u003c/a\u003e Remove another trailing comma\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/453e8d0a40444939146df5febed0b1221b9dd073\"\u003e\u003ccode\u003e453e8d0\u003c/code\u003e\u003c/a\u003e Update glob license\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/0a398c14804ead69f18a166f0a99f91239261ee5\"\u003e\u003ccode\u003e0a398c1\u003c/code\u003e\u003c/a\u003e \u003ccode\u003enpm run release\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/a0c40cf60283f329afac2bc0fa77f1a59fa11e6e\"\u003e\u003ccode\u003ea0c40cf\u003c/code\u003e\u003c/a\u003e Update to latest \u003ccode\u003e@actions/glob\u003c/code\u003e and fix tests\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/acb59e47763b6e601a344d04cf3c082ee336b709\"\u003e\u003ccode\u003eacb59e4\u003c/code\u003e\u003c/a\u003e \u003ccode\u003elint\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href\u003d\"https://github.com/actions/upload-artifact/commit/cb6558bb10fe4afe4054d0be4b3136e673eb5e7f\"\u003e\u003ccode\u003ecb6558b\u003c/code\u003e\u003c/a\u003e Exclude hidden files by default\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href\u003d\"https://github.com/actions/upload-artifact/compare/834a144ee995460fba8ed112a2fc961b36a5ec5a...50769540e7f4bd5e21e526ee35c689e35e0d6874\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name\u003dactions/upload-artifact\u0026package-manager\u003dgithub_actions\u0026previous-version\u003d4.3.6\u0026new-version\u003d4.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don\u0027t alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot merge` will merge this PR after your CI passes on it\n- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it\n- `@dependabot cancel merge` will cancel a previously requested merge and block automerging\n- `@dependabot reopen` will reopen this PR if it is closed\n- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\u003c/details\u003e",
  "tree_diff": [
    {
      "type": "modify",
      "old_id": "3dd772266fb31ba55a1def15771670aed300791c",
      "old_mode": 33188,
      "old_path": ".github/workflows/scorecards-analysis.yml",
      "new_id": "faf55703fb71385b75c1c86262aad5e76c951220",
      "new_mode": 33188,
      "new_path": ".github/workflows/scorecards-analysis.yml"
    }
  ]
}