Bump actions/cache from 3.3.1 to 4.2.0 (#2110)

Bumps [actions/cache](https://github.com/actions/cache) from 3.3.1 to
4.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/releases">actions/cache's
releases</a>.</em></p>
<blockquote>
<h2>v4.2.0</h2>
<h2>⚠️ Important Changes</h2>
<p>The cache backend service has been rewritten from the ground up for
improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<p>Read more about the change &amp; access the migration guide: <a
href="https://github.com/actions/cache/discussions/1510">reference to
the announcement</a>.</p>
<h3>Minor changes</h3>
<p>Minor and patch version updates for these dependencies:</p>
<ul>
<li><code>@​actions/core</code>: <code>1.11.1</code></li>
<li><code>@​actions/io</code>: <code>1.1.3</code></li>
<li><code>@​vercel/ncc</code>: <code>0.38.3</code></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.1.2...v4.2.0">https://github.com/actions/cache/compare/v4.1.2...v4.2.0</a></p>
<h2>v4.1.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Add Bun example by <a
href="https://github.com/idleberg"><code>@​idleberg</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1456">actions/cache#1456</a></li>
<li>Revise <code>isGhes</code> logic by <a
href="https://github.com/jww3"><code>@​jww3</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1474">actions/cache#1474</a></li>
<li>Bump braces from 3.0.2 to 3.0.3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1475">actions/cache#1475</a></li>
<li>Add dependabot.yml to enable automatic dependency upgrades by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1476">actions/cache#1476</a></li>
<li>Bump actions/checkout from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1478">actions/cache#1478</a></li>
<li>Bump actions/stale from 3 to 9 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1479">actions/cache#1479</a></li>
<li>Bump github/codeql-action from 2 to 3 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1483">actions/cache#1483</a></li>
<li>Bump actions/setup-node from 3 to 4 by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1481">actions/cache#1481</a></li>
<li>Prepare <code>4.1.2</code> release by <a
href="https://github.com/Link"><code>@​Link</code></a>- in <a
href="https://redirect.github.com/actions/cache/pull/1477">actions/cache#1477</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/idleberg"><code>@​idleberg</code></a>
made their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1456">actions/cache#1456</a></li>
<li><a href="https://github.com/jww3"><code>@​jww3</code></a> made their
first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1474">actions/cache#1474</a></li>
<li><a href="https://github.com/Link"><code>@​Link</code></a>- made
their first contribution in <a
href="https://redirect.github.com/actions/cache/pull/1476">actions/cache#1476</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/cache/compare/v4.1.1...v4.1.2">https://github.com/actions/cache/compare/v4.1.1...v4.1.2</a></p>
<h2>v4.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output by <a
href="https://github.com/joshmgross"><code>@​joshmgross</code></a> in <a
href="https://redirect.github.com/actions/cache/pull/1467">actions/cache#1467</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's
changelog</a>.</em></p>
<blockquote>
<h1>Releases</h1>
<h3>4.2.0</h3>
<p>TLDR; The cache backend service has been rewritten from the ground up
for improved performance and reliability. <a
href="https://github.com/actions/cache">actions/cache</a> now integrates
with the new cache service (v2) APIs.</p>
<p>The new service will gradually roll out as of <strong>February 1st,
2025</strong>. The legacy service will also be sunset on the same date.
Changes in these release are <strong>fully backward
compatible</strong>.</p>
<p><strong>We are deprecating some versions of this action</strong>. We
recommend upgrading to version <code>v4</code> or <code>v3</code> as
soon as possible before <strong>February 1st, 2025.</strong> (Upgrade
instructions below).</p>
<p>If you are using pinned SHAs, please use the SHAs of versions
<code>v4.2.0</code> or <code>v3.4.0</code></p>
<p>If you do not upgrade, all workflow runs using any of the deprecated
<a href="https://github.com/actions/cache">actions/cache</a> will
fail.</p>
<p>Upgrading to the recommended versions will not break your
workflows.</p>
<h3>4.1.2</h3>
<ul>
<li>Add GitHub Enterprise Cloud instances hostname filters to inform API
endpoint choices - <a
href="https://redirect.github.com/actions/cache/pull/1474">#1474</a></li>
<li>Security fix: Bump braces from 3.0.2 to 3.0.3 - <a
href="https://redirect.github.com/actions/cache/pull/1475">#1475</a></li>
</ul>
<h3>4.1.1</h3>
<ul>
<li>Restore original behavior of <code>cache-hit</code> output - <a
href="https://redirect.github.com/actions/cache/pull/1467">#1467</a></li>
</ul>
<h3>4.1.0</h3>
<ul>
<li>Ensure <code>cache-hit</code> output is set when a cache is missed -
<a
href="https://redirect.github.com/actions/cache/pull/1404">#1404</a></li>
<li>Deprecate <code>save-always</code> input - <a
href="https://redirect.github.com/actions/cache/pull/1452">#1452</a></li>
</ul>
<h3>4.0.2</h3>
<ul>
<li>Fixed restore <code>fail-on-cache-miss</code> not working.</li>
</ul>
<h3>4.0.1</h3>
<ul>
<li>Updated <code>isGhes</code> check</li>
</ul>
<h3>4.0.0</h3>
<ul>
<li>Updated minimum runner version support from node 12 -&gt; node
20</li>
</ul>
<h3>3.4.0</h3>
<ul>
<li>Integrated with the new cache service (v2) APIs</li>
</ul>
<h3>3.3.3</h3>
<ul>
<li>Updates <code>@​actions/cache</code> to v3.2.3 to fix accidental
mutated path arguments to <code>getCacheVersion</code> <a
href="https://redirect.github.com/actions/toolkit/pull/1378">actions/toolkit#1378</a></li>
<li>Additional audit fixes of npm package(s)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/cache/commit/1bd1e32a3bdc45362d1e726936510720a7c30a57"><code>1bd1e32</code></a>
Merge pull request <a
href="https://redirect.github.com/actions/cache/issues/1509">#1509</a>
from actions/Link-/cache-4.2.0</li>
<li><a
href="https://github.com/actions/cache/commit/882d7ced4c9b8af53ed67bfa36ee600195e62940"><code>882d7ce</code></a>
Add 3.4.0 release notes</li>
<li><a
href="https://github.com/actions/cache/commit/f2695d7a42dd0d7ad21976ed7ab91dbdbc3c2216"><code>f2695d7</code></a>
Rerun CI</li>
<li><a
href="https://github.com/actions/cache/commit/f46ceeb60d3da27b7cbac269520a4b1bfb15f199"><code>f46ceeb</code></a>
Add licensed output</li>
<li><a
href="https://github.com/actions/cache/commit/e6f5858749f178cf4a01b0d777917ba913710560"><code>e6f5858</code></a>
Add lodash to list of reviewed licenses</li>
<li><a
href="https://github.com/actions/cache/commit/4ae6f21c0d820c73db2589af6983e001d8c19c1d"><code>4ae6f21</code></a>
Add reviewed licensed packages</li>
<li><a
href="https://github.com/actions/cache/commit/c16df86586baf94b0deaa873e22eb739c59e5b15"><code>c16df86</code></a>
Add licensed output</li>
<li><a
href="https://github.com/actions/cache/commit/b109c12f3bdd6fb6a7dd42b202df645243efbd2f"><code>b109c12</code></a>
Upgrade <code>@​actions/core</code> to 1.11.1 and other deps</li>
<li><a
href="https://github.com/actions/cache/commit/b7d227d702af06e6be1fa308c014252c10bbc267"><code>b7d227d</code></a>
Upgrade <code>@​vercel/ncc</code> to 0.38.3</li>
<li><a
href="https://github.com/actions/cache/commit/faf639248d95d2a6c5884b8e6588e233eb3b10a0"><code>faf6392</code></a>
Update RELEASES.md</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/cache/compare/88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8...1bd1e32a3bdc45362d1e726936510720a7c30a57">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3.3.1&new-version=4.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

.github/workflows/cacher.yaml

@@ -20,14 +20,14 @@ jobs:
     steps:
     - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3  # v3.5.0
     - name: go cache
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8  # v3.3.1
+      uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
       with:
         path: /px/pkg/mod
         key: go-cache-${{ hashFiles('go.sum') }}
         restore-keys: |
           go-cache-
     - name: yarn cache
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8  # v3.3.1
+      uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
       with:
         path: ./src/ui/.yarn/cache
         key: yarn-cache-${{ hashFiles('src/ui/yarn.lock', 'src/ui/.yarnrc.yml') }}

.github/workflows/pr_genfiles.yml

@@ -21,14 +21,14 @@ jobs:
     steps:
     - uses: actions/checkout@8f4b7f84864484a7bf31766abe9204da3cbe65b3  # v3.5.0
     - name: go cache
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8  # v3.3.1
+      uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
       with:
         path: /px/pkg/mod
         key: go-cache-${{ hashFiles('go.sum') }}
         restore-keys: |
           go-cache-
     - name: yarn cache
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8  # v3.3.1
+      uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
       with:
         path: ./src/ui/.yarn/cache
         key: yarn-cache-${{ hashFiles('src/ui/yarn.lock', 'src/ui/.yarnrc.yml') }}

.github/workflows/pr_linter.yml

@@ -23,7 +23,7 @@ jobs:
       with:
         fetch-depth: 100
     - name: yarn cache
-      uses: actions/cache@88522ab9f39a2ea568f7027eddc7d8d8bc9d59c8  # v3.3.1
+      uses: actions/cache@1bd1e32a3bdc45362d1e726936510720a7c30a57  # v4.2.0
       with:
         path: ./src/ui/.yarn/cache
         key: yarn-cache-${{ hashFiles('src/ui/yarn.lock', 'src/ui/.yarnrc.yml') }}