Bump the development-dependencies group across 1 directory with 8 updates

Bumps the development-dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `5.0.0` | `6.0.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `4.31.3` | `4.31.4` |
| [rojopolis/spellcheck-github-actions](https://github.com/rojopolis/spellcheck-github-actions) | `0.51.0` | `0.54.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` |
| [actions/setup-go](https://github.com/actions/setup-go) | `6.0.0` | `6.1.0` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `5` | `6` |
| [peter-evans/find-comment](https://github.com/peter-evans/find-comment) | `3` | `4` |
| [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) | `4` | `5` |



Updates `actions/checkout` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@08c6903...1af3b93)

Updates `github/codeql-action` from 4.31.3 to 4.31.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@014f16e...e12f017)

Updates `rojopolis/spellcheck-github-actions` from 0.51.0 to 0.54.0
- [Release notes](https://github.com/rojopolis/spellcheck-github-actions/releases)
- [Changelog](https://github.com/rojopolis/spellcheck-github-actions/blob/master/CHANGELOG.md)
- [Commits](rojopolis/spellcheck-github-actions@0.51.0...0.54.0)

Updates `actions/upload-artifact` from 4 to 5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4...v5)

Updates `actions/setup-go` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@4469467...4dc6199)

Updates `actions/download-artifact` from 5 to 6
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v5...v6)

Updates `peter-evans/find-comment` from 3 to 4
- [Release notes](https://github.com/peter-evans/find-comment/releases)
- [Commits](peter-evans/find-comment@v3...v4)

Updates `peter-evans/create-or-update-comment` from 4 to 5
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](peter-evans/create-or-update-comment@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: github/codeql-action
  dependency-version: 4.31.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: development-dependencies
- dependency-name: rojopolis/spellcheck-github-actions
  dependency-version: 0.54.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: actions/setup-go
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: development-dependencies
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: peter-evans/find-comment
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: development-dependencies
- dependency-name: peter-evans/create-or-update-comment
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: development-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>

Author: dependabot[bot]

.github/workflows/codeql.yml

@@ -22,13 +22,13 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
     -
       # Initializes the CodeQL tools for scanning.
       name: Initialize CodeQL
-      uses: github/codeql-action/init@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+      uses: github/codeql-action/init@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4
       with:
         languages: ${{ matrix.language }}
     -
       name: Analyze ${{ matrix.language }}
-      uses: github/codeql-action/analyze@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+      uses: github/codeql-action/analyze@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4

.github/workflows/contributors.yml

@@ -16,7 +16,7 @@ jobs:
     steps:
     -
       name: Checkout repository
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
     -
       name: Identify all-time contributors to this repository
       uses: github/contributors@8b7586939baa0af4e801dbd22c88adf6e0db8915 # v1.7.5

.github/workflows/doc-update.yml

@@ -57,7 +57,7 @@ jobs:
     steps:
     -
       name: Originating repo checkout (e.g. public fork)
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
@@ -85,12 +85,12 @@ jobs:
     steps:
     -
       name: Originating repo checkout (e.g. public fork)
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
       name: Checkout markdown config
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       with:
         repository: go-openapi/ci-workflows
         ref: master  # TODO: retrieve workflow ref
@@ -156,12 +156,12 @@ jobs:
       report: ${{ steps.report-exists.outputs.report }}
     steps:
     -
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       with:
         ref: ${{ github.event.pull_request.head.sha }}
     -
       name: Checkout spellcheck config
-      uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       with:
         repository: go-openapi/ci-workflows
         ref: master  # TODO: retrieve workflow ref
@@ -178,7 +178,7 @@ jobs:
         cp ci-tools/${{ env.spellcheck_dict }} ${{ env.spellcheck_dict }}
     -
       name: Spellcheck
-      uses: rojopolis/spellcheck-github-actions@0.51.0
+      uses: rojopolis/spellcheck-github-actions@0.54.0
       continue-on-error: true
       id: spellcheck
       with:
@@ -261,7 +261,7 @@ jobs:
          echo "reactions=hooray" >> "$GITHUB_OUTPUT"
     -
       name: Upload comment as artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.markdown_artifact }}
         name: ${{ env.markdown_artifact }}
@@ -330,7 +330,7 @@ jobs:
          echo "> ℹ️ INFO: we use [avtodev/markdown-lint action](https://github.com/avto-dev/markdown-lint)" >> $GITHUB_STEP_SUMMARY
     -
       name: Upload comment as artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.markdown_artifact }}
         name: ${{ env.markdown_artifact }}
@@ -398,7 +398,7 @@ jobs:
          echo "reactions=hooray" >> "$GITHUB_OUTPUT"
     -
       name: Upload comment as artifact
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.spellcheck_artifact }}
         name: ${{ env.spellcheck_artifact }}
@@ -491,7 +491,7 @@ jobs:
       # description: |
       #   Calls a trusted shared workflow that temporarily elevates the caller's privileges
       #   to write a comment in the PR.
-      uses: actions/upload-artifact@v4
+      uses: actions/upload-artifact@v5
       with:
         path: ${{ env.artifacts_dir }}/${{ env.spellcheck_artifact }}
         name: ${{ env.spellcheck_artifact }}

.github/workflows/go-test.yml

@@ -17,9 +17,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       -
-        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
           go-version: stable
           check-latest: true
@@ -44,9 +44,9 @@ jobs:
 
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       -
-        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
           go-version: '${{ matrix.go }}'
           check-latest: true
@@ -96,9 +96,9 @@ jobs:
       CORPUS_MAX_SIZE_MB: 100
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
       -
-        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
           go-version: stable
           check-latest: true
@@ -172,7 +172,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           ref: ${{ github.event.pull_request.head.ref }}
           repository: ${{ github.event.pull_request.head.repo.full_name }}
@@ -207,7 +207,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       -
-        uses: actions/setup-go@44694675825211faa026b3c33043df3e48a5fa00 # v6.0.0
+        uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
           go-version: stable
           check-latest: true

.github/workflows/pr-comment.yml

@@ -101,7 +101,7 @@ jobs:
     - name: Download message artifact
       if: ${{ steps.check_pr.outputs.proceed == 'true'}} 
       id: download
-      uses: actions/download-artifact@v5
+      uses: actions/download-artifact@v6
       with:
         run-id: "${{ inputs.run_id }}"
         repository: "${{ env.TARGET }}"
@@ -125,7 +125,7 @@ jobs:
 
     - name: Find previous PR comment
       if: ${{ steps.check_pr.outputs.proceed == 'true'}} 
-      uses: peter-evans/find-comment@v3
+      uses: peter-evans/find-comment@v4
       id: find_comment
       with:
         repository: ${{ inputs.target_repo }}
@@ -136,7 +136,7 @@ jobs:
 
     - name: Create or update PR comment
       if: ${{ steps.check_pr.outputs.proceed == 'true'}} 
-      uses: peter-evans/create-or-update-comment@v4
+      uses: peter-evans/create-or-update-comment@v5
       with:
         issue-number: ${{ inputs.pr_number }}
         comment-id: ${{ steps.find_comment.outputs.comment-id }}

.github/workflows/release.yml

@@ -20,7 +20,7 @@ jobs:
     steps:
       -
         name: Checkout code
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           fetch-depth: 0
       -

.github/workflows/scanner.yml

@@ -24,7 +24,7 @@ jobs:
       security-events: write
     steps:
       -
-        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+        uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
         with:
           persist-credentials: false
       -
@@ -39,7 +39,7 @@ jobs:
           exit-code: 0
       -
         name: Upload trivy findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4
         with:
           category: trivy
           sarif_file: trivy-code-report.sarif
@@ -59,7 +59,7 @@ jobs:
           output-file: govulnscan-report.sarif
       -
         name: Upload govulnscan findings to code scanning dashboard
-        uses: github/codeql-action/upload-sarif@014f16e7ab1402f30e7c3329d33797e7948572db # v4.31.3
+        uses: github/codeql-action/upload-sarif@e12f0178983d466f2f6028f5cc7a6d786fd97f4b # v4.31.4
         with:
           category: govulnscan
           sarif_file: govulnscan-report.sarif