chore(deps): update github-actions - workflows - .github/workflows/ci.yml

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/download-artifact	action	digest	fa0a91b -> cc20338
codecov/codecov-action	action	minor	v5.3.1 -> v5.4.0
cypress-io/github-action	action	patch	v6.7.12 -> v6.7.14

---

Release Notes

codecov/codecov-action (codecov/codecov-action)

v5.4.0

Compare Source

What's Changed

• update wrapper submodule to 0.2.0, add recurse_submodules arg by @​matt-codecov in https://github.com/codecov/codecov-action/pull/1780
• build(deps): bump actions/upload-artifact from 4.6.0 to 4.6.1 by @​app/dependabot in https://github.com/codecov/codecov-action/pull/1775
• build(deps): bump ossf/scorecard-action from 2.4.0 to 2.4.1 by @​app/dependabot in https://github.com/codecov/codecov-action/pull/1776
• build(deps): bump github/codeql-action from 3.28.9 to 3.28.10 by @​app/dependabot in https://github.com/codecov/codecov-action/pull/1777
• Clarify in README that use_pypi bypasses integrity checks too by @​webknjaz in https://github.com/codecov/codecov-action/pull/1773
• Fix use of safe.directory inside containers by @​Flamefire in https://github.com/codecov/codecov-action/pull/1768
• Fix description for report_type input by @​craigscott-crascit in https://github.com/codecov/codecov-action/pull/1770
• build(deps): bump github/codeql-action from 3.28.8 to 3.28.9 by @​app/dependabot in https://github.com/codecov/codecov-action/pull/1765
• Fix a typo in the example by @​miranska in https://github.com/codecov/codecov-action/pull/1758
• build(deps): bump github/codeql-action from 3.28.5 to 3.28.8 by @​app/dependabot in https://github.com/codecov/codecov-action/pull/1757
• build(deps): bump github/codeql-action from 3.28.1 to 3.28.5 by @​app/dependabot in https://github.com/codecov/codecov-action/pull/1753

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.1..v5.4.0

cypress-io/github-action (cypress-io/github-action)

v6.7.14

Compare Source

Bug Fixes

• deps: update @​actions/cache to 4.0.2 (#​1380) (9c318d4)

v6.7.13

Compare Source

Bug Fixes

• deps: refresh lockfile dependencies (#​1369) (1052aa9)

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/download-artifact	cc203385981b70ca67e1cc392babf9cc229d5806	🟢 5.6	Details Check Score Reason Maintained 🟢 3 4 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 3 Code-Review 🟢 10 all changesets reviewed Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Fuzzing ⚠️ 0 project is not fuzzed Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Security-Policy 🟢 9 security policy file detected SAST 🟢 9 SAST tool detected but not run on all commits Vulnerabilities ⚠️ 2 8 existing vulnerabilities detected
actions/codecov/codecov-action	0565863a31f2c772f9f0395002a31e3f06189574	🟢 7.7	Details Check Score Reason Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Maintained 🟢 10 30 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10 Dependency-Update-Tool 🟢 10 update tool detected Code-Review 🟢 9 Found 19/21 approved changesets -- score normalized to 9 Pinned-Dependencies ⚠️ 2 dependency not pinned by hash detected -- score normalized to 2 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Signed-Releases ⚠️ -1 no releases found CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Fuzzing ⚠️ 0 project is not fuzzed Security-Policy 🟢 10 security policy file detected SAST 🟢 10 SAST tool is run on all commits CI-Tests 🟢 10 28 out of 28 merged PRs checked by a CI test -- score normalized to 10 Contributors 🟢 10 project has 10 contributing companies or organizations
actions/cypress-io/github-action	9c318d4f950c2f0ff2e96fa4dc4279e5706efd8e	🟢 5.8	Details Check Score Reason Maintained 🟢 10 30 commit(s) and 11 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Code-Review 🟢 10 all changesets reviewed Binary-Artifacts 🟢 10 no binaries found in the repo License 🟢 10 license file detected Packaging ⚠️ -1 packaging workflow not detected Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Signed-Releases ⚠️ -1 no releases found Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Security-Policy ⚠️ 0 security policy file not detected Branch-Protection ⚠️ -1 internal error: error during branchesHandler.setup: internal error: githubv4.Query: Resource not accessible by integration Pinned-Dependencies ⚠️ 1 dependency not pinned by hash detected -- score normalized to 1 Fuzzing ⚠️ 0 project is not fuzzed SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0 Vulnerabilities 🟢 9 1 existing vulnerabilities detected

Scanned Files

• .github/workflows/ci.yml

[netlify]

✅ Deploy Preview for endearing-brigadeiros-63f9d0 canceled.

Name	Link
🔨 Latest commit	7b57ebd
🔍 Latest deploy log	https://app.netlify.com/sites/endearing-brigadeiros-63f9d0/deploys/67c592cac9c383000847c7bb

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 63.20%. Comparing base (defcff1) to head (7b57ebd).
Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #930   +/-   ##
=======================================
  Coverage   63.20%   63.20%           
=======================================
  Files          47       47           
  Lines        1685     1685           
=======================================
  Hits         1065     1065           
  Misses        620      620           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.