chore(deps): update mikefarah/yq action to v4.48.2

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
mikefarah/yq	action	patch	v4.48.1 -> v4.48.2

---

Release Notes

mikefarah/yq (mikefarah/yq)

v4.48.2

Compare Source

• Strip whitespace when decoding base64 #​2507
  • Upgraded to go-yaml v4! (thanks @​ccoVeille, @​ingydotnet)
  • Add linux/loong64 to release target (thanks @​znley)
  • Added --shell-key-separator flag for customizable shell output format #​2497 (thanks @​rsleedbx)
  • Bumped dependencies

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[rm3l]

/lgtm

[rhdh-qodo-merge]

You are nearing your monthly Qodo Merge usage quota. For more information, please visit here.

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
🟢	No security concerns identified No security vulnerabilities detected by AI analysis. Human verification advised for critical code.
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
🟢	No codebase code duplication found No new components were introduced in the PR code
Custom Compliance
🟢	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: Passed Learn more about managing compliance generic rules or creating your own custom rules
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Audit coverage: The new steps only update the yq action version and do not add or modify any logging of critical actions, so it is unclear whether audit requirements are met. Referred Code uses: mikefarah/yq@796317b885ae219215caa36e9bdacc87c9962c15 # v4.48.2 with: cmd: yq ".version" charts/${{ steps.command.outputs.chart-name }}/Chart.yaml - uses: actions-ecosystem/action-bump-semver@34e334551143a5301f38c830e44a22273c6ff5c5 # v1 if: steps.command.outputs.command-name == 'bump' id: semver with: current_version: ${{ steps.get_version.outputs.result }} level: ${{ steps.command.outputs.bump-level }} - name: Bump the version if: steps.command.outputs.command-name == 'bump' uses: mikefarah/yq@796317b885ae219215caa36e9bdacc87c9962c15 # v4.48.2 with: cmd: yq -i '.version = "${{ steps.semver.outputs.new_version }}"' charts/${{ steps.command.outputs.chart-name }}/Chart.yaml Learn more about managing compliance generic rules or creating your own custom rules
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Action failures: The newly updated yq action invocations do not include explicit error handling or fallbacks, and it is unclear whether failures are surfaced with actionable context within this workflow. Referred Code uses: mikefarah/yq@796317b885ae219215caa36e9bdacc87c9962c15 # v4.48.2 with: cmd: yq ".version" charts/${{ steps.command.outputs.chart-name }}/Chart.yaml - uses: actions-ecosystem/action-bump-semver@34e334551143a5301f38c830e44a22273c6ff5c5 # v1 if: steps.command.outputs.command-name == 'bump' id: semver with: current_version: ${{ steps.get_version.outputs.result }} level: ${{ steps.command.outputs.bump-level }} - name: Bump the version if: steps.command.outputs.command-name == 'bump' uses: mikefarah/yq@796317b885ae219215caa36e9bdacc87c9962c15 # v4.48.2 with: cmd: yq -i '.version = "${{ steps.semver.outputs.new_version }}"' charts/${{ steps.command.outputs.chart-name }}/Chart.yaml Learn more about managing compliance generic rules or creating your own custom rules

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label