chore(deps): bump EnricoMi/publish-unit-test-result-action/linux from 2.23.0 to 2.24.0

[dependabot]

Bumps EnricoMi/publish-unit-test-result-action/linux from 2.23.0 to 2.24.0.

Release notes

Sourced from EnricoMi/publish-unit-test-result-action/linux's releases.

v2.24.0

Adds the following improvements:

• Fix: use env var indirection for inputs #737
• Upgrading dependencies

Full Changelog: EnricoMi/publish-unit-test-result-action@v2.23.0...v2.24.0

Commits

• d0a4676 Releasing v2.24.0
• 473c3f2 Upgrade GitHub Actions in action.yml files (#776)
• 49f3291 Add Ubuntu 26.04, add arm versions (#775)
• 4ed2544 Bump emibcn/badge-action from 2.0.3 to 2.0.4 (#758)
• f2856f6 Bump docker/metadata-action from 5.10.0 to 6.1.0 (#760)
• 5ec6b13 Bump docker/setup-qemu-action from 3.7.0 to 4.1.0 (#759)
• a199e4e Use env var indirection for Docker action inputs (#737)
• 60b1d8c Bump github/codeql-action from 4.32.4 to 4.36.0 (#757)
• b1d9536 Bump docker/build-push-action from 6.19.2 to 7.2.0 (#756)
• 17f8820 Revert "Create and add workflow to enhance dependabot GHA upgrade PRs (#761)"
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 14 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: The number of snapshots compared for the base SHA (0) and the head SHA (1) do not match. You may see unexpected additions in the diff.

Re-running this action after a short time may resolve the issue. See the documentation for more information and troubleshooting advice.

License Issues

go.mod

Package	Version	License	Issue Type
github.com/aymanbagabas/go-pty	v0.2.3	Null	Unknown License
github.com/creack/pty	v1.1.24	Null	Unknown License
github.com/davecgh/go-spew	v1.1.1	Null	Unknown License
github.com/hashicorp/go-version	v1.9.0	Null	Unknown License
github.com/otiai10/copy	v1.14.1	Null	Unknown License
github.com/pmezard/go-difflib	v1.0.0	Null	Unknown License
github.com/sirupsen/logrus	v1.9.4	Null	Unknown License
github.com/spf13/cobra	v1.10.2	Null	Unknown License
github.com/spf13/pflag	v1.0.10	Null	Unknown License
github.com/stretchr/testify	v1.11.1	Null	Unknown License
golang.org/x/crypto	v0.52.0	Null	Unknown License
golang.org/x/sys	v0.46.0	Null	Unknown License
golang.org/x/term	v0.44.0	Null	Unknown License
gopkg.in/yaml.v3	v3.0.1	Null	Unknown License

OpenSSF Scorecard

Scorecard details

Package	Version	Score	Details
actions/EnricoMi/publish-unit-test-result-action/linux	d0a4676d0e0b938bc201470d88276b7c74c712b3	🟢 5.9	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 20 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10 Code-Review ⚠️ 1 Found 3/19 approved changesets -- score normalized to 1 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Security-Policy ⚠️ 0 security policy file not detected Pinned-Dependencies 🟢 7 dependency not pinned by hash detected -- score normalized to 7 Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Signed-Releases ⚠️ -1 no releases found Packaging 🟢 10 packaging workflow detected SAST 🟢 9 SAST tool detected but not run on all commits
gomod/github.com/aymanbagabas/go-pty	v0.2.3	Unknown	Unknown
gomod/github.com/creack/pty	v1.1.24	Unknown	Unknown
gomod/github.com/davecgh/go-spew	v1.1.1	Unknown	Unknown
gomod/github.com/hashicorp/go-version	v1.9.0	Unknown	Unknown
gomod/github.com/otiai10/copy	v1.14.1	Unknown	Unknown
gomod/github.com/pmezard/go-difflib	v1.0.0	Unknown	Unknown
gomod/github.com/sirupsen/logrus	v1.9.4	Unknown	Unknown
gomod/github.com/spf13/cobra	v1.10.2	Unknown	Unknown
gomod/github.com/spf13/pflag	v1.0.10	Unknown	Unknown
gomod/github.com/stretchr/testify	v1.11.1	Unknown	Unknown
gomod/github.com/u-root/u-root	v0.16.0	🟢 7.7	Details Check Score Reason Code-Review 🟢 10 all changesets reviewed Maintained 🟢 10 30 commit(s) and 2 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Security-Policy 🟢 4 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions CII-Best-Practices ⚠️ 2 badge detected: InProgress License 🟢 10 license file detected Fuzzing 🟢 10 project is fuzzed Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md Binary-Artifacts 🟢 9 binaries present in source code Packaging 🟢 10 packaging workflow detected SAST 🟢 10 SAST tool is run on all commits Pinned-Dependencies 🟢 4 dependency not pinned by hash detected -- score normalized to 4
gomod/golang.org/x/crypto	v0.52.0	Unknown	Unknown
gomod/golang.org/x/sync	v0.18.0	Unknown	Unknown
gomod/golang.org/x/sys	v0.46.0	Unknown	Unknown
gomod/golang.org/x/term	v0.44.0	Unknown	Unknown
gomod/gopkg.in/yaml.v3	v3.0.1	Unknown	Unknown

Scanned Files

• .github/workflows/ci.yml
• go.mod

[qltysh]

Coverage Impact

This PR will not change total coverage.

🚦 See full report on Qlty Cloud »

🛟 Help

• Diff Coverage: Coverage for added or modified lines of code (excludes deleted files). Learn more.

• Total Coverage: Coverage for the whole repository, calculated as the sum of all File Coverage. Learn more.

• File Coverage: Covered Lines divided by Covered Lines plus Missed Lines. (Excludes non-executable lines including blank lines and comments.)

  • Indirect Changes: Changes to File Coverage for files that were not modified in this PR. Learn more.