Bump the github-actions group with 4 updates (#4620)

Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials), [softprops/action-gh-release](https://github.com/softprops/action-gh-release) and [github/codeql-action](https://github.com/github/codeql-action).


Updates `actions/checkout` from 4.1.1 to 4.1.7
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](https://github.com/actions/checkout/compare/v4.1.1...v4.1.7)

Updates `aws-actions/configure-aws-credentials` from 1 to 4
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](https://github.com/aws-actions/configure-aws-credentials/compare/v1...v4)

Updates `softprops/action-gh-release` from 2.0.5 to 2.0.6
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](69320dbe05...a74c6b72af)

Updates `github/codeql-action` from 3.25.7 to 3.25.11
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](f079b84933...b611370bb5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: aws-actions/configure-aws-credentials
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: softprops/action-gh-release
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/abi-report.yml

@@ -46,7 +46,7 @@ jobs:
           FILE_DOTSMAIN=$(echo "${{ inputs.file_ref }}" | sed -r "s/([0-9]+)\.([0-9]+)\.([0-9]+).*/\1\.\2\.\3/")
           echo "HDF5R_DOTSMAIN=$FILE_DOTSMAIN" >> $GITHUB_OUTPUT
 
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.1.7
 
       - name: Get published binary (Linux)
         uses: actions/download-artifact@65a9edc5881444af0b9093a5e628f2fe47ea3b2e # v4.1.7

.github/workflows/aocc-auto.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies
         shell: bash

.github/workflows/aocc-cmake.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies
         shell: bash

.github/workflows/clang-format-check.yml

@@ -9,7 +9,7 @@ jobs:
     runs-on: ubuntu-latest
     if: "!contains(github.event.head_commit.message, 'skip-ci')"
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.1.7
     - name: Run clang-format style check for C and Java code
       uses: DoozyX/clang-format-lint-action@v0.13
       with:

.github/workflows/clang-format-fix.yml

@@ -21,7 +21,7 @@ jobs:
     permissions:
         contents: write # In order to allow EndBug/add-and-commit to commit changes
     steps:
-    - uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+    - uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
     - name: Fix C and Java formatting issues detected by clang-format
       uses: DoozyX/clang-format-lint-action@9ea72631b74e61ce337d0839a90e76180e997283 # v0.13
       with:

.github/workflows/codespell.yml

@@ -10,5 +10,5 @@ jobs:
     name: Check for spelling errors
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.1.7
       - uses: codespell-project/actions-codespell@master

.github/workflows/cve.yml

@@ -28,7 +28,7 @@ jobs:
     name: CVE regression
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.1.7
 
       - name: Install Autotools Dependencies (Linux)
         run: |
@@ -41,7 +41,7 @@ jobs:
           make
           sudo make install
       - name: Checkout CVE test repository
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/cve_hdf5
           path: cve_hdf5

.github/workflows/cygwin-auto.yml

@@ -23,7 +23,7 @@ jobs:
           git config --global core.autocrlf input
 
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Cygwin
         uses: cygwin/cygwin-install-action@master

.github/workflows/cygwin-cmake.yml

@@ -23,7 +23,7 @@ jobs:
           git config --global core.autocrlf input
 
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Cygwin
         uses: cygwin/cygwin-install-action@master

.github/workflows/daily-build.yml

@@ -16,7 +16,7 @@ jobs:
       hdf5-name: ${{ steps.gethdf5base.outputs.HDF5_NAME_BASE }}
 
     steps:
-    - uses: actions/checkout@v4.1.1
+    - uses: actions/checkout@v4.1.7
 
     - name: Get hdf5 release base name
       uses: dsaltares/fetch-gh-release-asset@master

.github/workflows/h5py.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
     - name: Checkout Spack
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.7
       with:
         repository: spack/spack
         path: ./spack

.github/workflows/hdfeos5.yml

@@ -28,7 +28,7 @@ jobs:
     name: Build hdfeos5
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.1.7
 
       - name: Install Autotools Dependencies (Linux)
         run: |

.github/workflows/intel-auto.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies
         shell: bash

.github/workflows/intel-cmake.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Get Sources (Linux)
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies (Linux)
         shell: bash
@@ -76,7 +76,7 @@ jobs:
     runs-on: windows-latest
     steps:
       - name: Get Sources (Windows)
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies (Windows)
         run: choco install ninja

.github/workflows/main-auto-par-spc.yml

@@ -40,7 +40,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -98,7 +98,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure

.github/workflows/main-auto-par.yml

@@ -48,7 +48,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure

.github/workflows/main-auto-spc.yml

@@ -43,7 +43,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -104,7 +104,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -165,7 +165,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -226,7 +226,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -287,7 +287,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -348,7 +348,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -409,7 +409,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure
@@ -472,7 +472,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       # AUTOTOOLS CONFIGURE
       - name: Autotools Configure

.github/workflows/main-auto.yml

@@ -46,7 +46,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Autotools Configure
         run: |

.github/workflows/main-cmake-par.yml

@@ -23,7 +23,7 @@ jobs:
     name: "Parallel GCC-${{ inputs.build_mode }}"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4.1.1
+      - uses: actions/checkout@v4.1.7
 
       - name: Install Linux Dependencies
         run: |

.github/workflows/main-cmake-spc.yml

@@ -36,7 +36,7 @@ jobs:
  
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       #
       # CMAKE CONFIGURE
@@ -96,7 +96,7 @@ jobs:
  
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       #
       # CMAKE CONFIGURE
@@ -156,7 +156,7 @@ jobs:
  
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       #
       # CMAKE CONFIGURE
@@ -216,7 +216,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       #
       # CMAKE CONFIGURE

.github/workflows/main-cmake.yml

@@ -180,7 +180,7 @@ jobs:
 
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       #
       # CMAKE CONFIGURE

.github/workflows/msys2-auto.yml

@@ -32,7 +32,7 @@ jobs:
         shell: msys2 {0}
     steps:
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: '${{ matrix.icon }} Setup MSYS2'
         uses: msys2/setup-msys2@v2

.github/workflows/netcdf.yml

@@ -32,7 +32,7 @@ jobs:
         sudo apt update
         sudo apt install -y libaec-dev zlib1g-dev automake autoconf libcurl4-openssl-dev libjpeg-dev wget curl bzip2 m4 flex bison cmake libzip-dev doxygen openssl libtool libtool-bin
     - name: Checkout HDF5
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.7
     - name: Install HDF5
       run: |
         ./autogen.sh
@@ -40,7 +40,7 @@ jobs:
         make -j
         sudo make install -j
     - name: Checkout netCDF
-      uses: actions/checkout@v4.1.1
+      uses: actions/checkout@v4.1.7
       with:
         repository: unidata/netcdf-c
         path: netcdf-c

.github/workflows/nvhpc-auto.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies
         shell: bash

.github/workflows/nvhpc-cmake.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Install Dependencies
         shell: bash

.github/workflows/publish-release.yml

@@ -21,7 +21,7 @@ jobs:
     steps:
         # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
         - name: Get Sources
-          uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+          uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
           with:
             fetch-depth: 0
             ref: '${{ github.head_ref || github.ref_name }}'
@@ -36,7 +36,7 @@ jobs:
             file: '${{ inputs.use_hdf }}-*.*'
 
         - name: Setup AWS CLI
-          uses: aws-actions/configure-aws-credentials@v1
+          uses: aws-actions/configure-aws-credentials@v4
           with:
                  aws-access-key-id: ${{ secrets.AWS_ACCESS_KEY_ID }}
                  aws-secret-access-key: ${{ secrets.AWS_SECRET_ACCESS_KEY }}

.github/workflows/release-files.yml

@@ -40,7 +40,7 @@ jobs:
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           fetch-depth: 0
           ref: '${{ github.head_ref || github.ref_name }}'
@@ -200,7 +200,7 @@ jobs:
       - name: PreRelease tag
         id: create_prerelease
         if: ${{ (inputs.use_environ == 'snapshots') }}
-        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
+        uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
         with:
           tag_name: "${{ inputs.use_tag }}"
           prerelease: true
@@ -225,7 +225,7 @@ jobs:
       - name: Release tag
         id: create_release
         if: ${{ (inputs.use_environ == 'release') }}
-        uses: softprops/action-gh-release@69320dbe05506a9a39fc8ae11030b214ec2d1f87 # v2.0.5
+        uses: softprops/action-gh-release@a74c6b72af54cfa997e81df42d94703d6313a2d0 # v2.0.6
         with:
           tag_name: "${{ inputs.use_tag }}"
           prerelease: false

.github/workflows/scorecard.yml

@@ -32,7 +32,7 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@b4ffde65f46336ab88eb53be808477a3936bae11 # v4.1.1
+        uses: actions/checkout@692973e3d937129bcbf40652eb9f2f61becf3332 # v4.1.7
         with:
           persist-credentials: false
 
@@ -67,6 +67,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@f079b8493333aace61c81488f8bd40919487bd9f # v3.25.7
+        uses: github/codeql-action/upload-sarif@b611370bb5703a7efb587f9d136a52ea24c5c38c # v3.25.11
         with:
           sarif_file: results.sarif

.github/workflows/tarball.yml

@@ -85,7 +85,7 @@ jobs:
     steps:
       # Checks-out your repository under $GITHUB_WORKSPACE, so your job can access it
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           path: hdfsrc
           ref: '${{needs.check_commits.outputs.branch_ref }}'

.github/workflows/testxpr-auto.yml

@@ -35,7 +35,7 @@ jobs:
            echo "FC=gfortran-12" >> $GITHUB_ENV
 
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Autotools Configure
         shell: bash

.github/workflows/testxpr-cmake.yml

@@ -34,7 +34,7 @@ jobs:
            echo "FC=gfortran-12" >> $GITHUB_ENV
 
       - name: Get Sources
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: CMake Configure
         shell: bash

.github/workflows/vfd-subfiling.yml

@@ -69,7 +69,7 @@ jobs:
         if: ${{ matrix.os == 'ubuntu-latest' && matrix.mpi_lib == 'MPICH' }}
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
 
       - name: Configure HDF5 with Subfiling VFD (Autotools)
         shell: bash

.github/workflows/vol_adios2.yml

@@ -26,7 +26,7 @@ jobs:
           sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hdf5
           path: hdf5
@@ -73,7 +73,7 @@ jobs:
 
       - if: ${{ steps.cache-adios2.outputs.cache-hit != 'true' }}
         name: Checkout ADIOS2 (${{ env.ADIOS2_COMMIT_SHORT }})
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: ornladios/ADIOS2
           ref: ${{ env.ADIOS2_COMMIT }}

.github/workflows/vol_async.yml

@@ -22,13 +22,13 @@ jobs:
           sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hdf5
           path: hdf5
 
       - name: Checkout Argobots
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: pmodels/argobots
           path: abt

.github/workflows/vol_cache.yml

@@ -35,13 +35,13 @@ jobs:
           sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hdf5
           path: hdf5
 
       - name: Checkout Argobots
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: pmodels/argobots
           path: abt

.github/workflows/vol_ext_passthru.yml

@@ -22,13 +22,13 @@ jobs:
           sudo apt-get install automake autoconf libtool libtool-bin libopenmpi-dev
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hdf5
           path: hdf5
 
       - name: Checkout vol-external-passthrough
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: hpc-io/vol-external-passthrough
           path: vol-external-passthrough

.github/workflows/vol_log.yml

@@ -23,7 +23,7 @@ jobs:
           #mpich
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hdf5
           path: hdf5
@@ -56,7 +56,7 @@ jobs:
           echo "PATH=${{ runner.workspace }}/hdf5_build/bin:${PATH}" >> $GITHUB_ENV
 
       - name: Checkout Log-based VOL
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/vol-log-based
           path: vol-log-based

.github/workflows/vol_rest.yml

@@ -42,7 +42,7 @@ jobs:
           sudo apt-get install automake autoconf libtool libtool-bin libcurl4-openssl-dev libyajl-dev
 
       - name: Checkout HDF5
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hdf5
           path: hdf5
@@ -83,7 +83,7 @@ jobs:
           python-version: ${{ matrix.python-version }}
 
       - name: Checkout HSDS
-        uses: actions/checkout@v4.1.1
+        uses: actions/checkout@v4.1.7
         with:
           repository: HDFGroup/hsds
           path: ${{github.workspace}}/hsds