Update 1password/load-secrets-action action to v4

[mend-for-github-com]

This PR contains the following updates:

Package	Type	Update	Change
1password/load-secrets-action	action	major	v2 → v4

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

1password/load-secrets-action (1password/load-secrets-action)

v4

Compare Source

v4.0.0

Compare Source

What's Changed

• Clear npm audit / Dependabot findings via npm audit fix where safe (e.g. ajv, flatted, undici, and other resolvable minimatch updates). #​151
• Action runtime updated from Node 20 to Node 24 for GitHub Actions compatibility (deprecation notice). #​148.

New Contributors

• @​jjavieralv made their first contribution in 1Password#149

Full Changelog: 1Password/load-secrets-action@v3...v4.0.0

v3.2.1

Compare Source

What's Changed

Fix

• Revert SDK field-resolution regression introduced in v3.2.0 that broke certain valid secret refs (website/url fields) 1Password#145

Full Changelog: 1Password/load-secrets-action@v3.2.0...v3.2.1

v3.2.0

Compare Source

What's changed

Features

• Service account auth now uses the 1Password SDK instead of the CLI; the CLI is not installed when using a service account token. 1Password#137

Fix

• Empty string secret values are now set as outputs and environment variables instead of being skipped by @​toga4 in 1Password#132
• Docs: Documented the SSH key format parameter for secret references by @​BolajiOlajide in 1Password#130

New Contributors

• @​BolajiOlajide made their first contribution in 1Password#130
• @​toga4 made their first contribution in 1Password#132

Full Changelog: 1Password/load-secrets-action@v3.1.0...v3.2.0

v3.1.0

Compare Source

What's Changed

🚀 Features

• Support loading secrets from env files #​93

Fixes

• op-cli-installer dependency is removed 1Password#127

Security

• Updates js-yaml from 4.1.0 to 4.1.1 1Password#128

New Contributors

• @​geofox made their first contribution in 1Password#117
• @​wcarlsen made their first contribution in 1Password#118

Full Changelog: 1Password/load-secrets-action@v3...v3.1.0

v3.0.0

Compare Source

What's Changed

🔴 Breaking change

• Set export-env input to false by default by @​volodymyrZotov in 1Password#114
  If you want export secrets as env variables you should update your workflows and explicitly set export-env: true aka

      - name: Load secret
        uses: 1password/load-secrets-action@v3
        with:
          # Export loaded secrets as environment variables
          export-env: true
        env:
          OP_SERVICE_ACCOUNT_TOKEN: ${{ secrets.OP_SERVICE_ACCOUNT_TOKEN }}
          SECRET: op://app-cicd/hello-world/secret

      - name: Print masked secret
        run: 'echo "Secret: $SECRET"'
        # Prints: Secret: ***

🚀 Features

• Use op cli installer to enable Windows support by @​volodymyrZotov in 1Password#109
• Set default for version input by @​volodymyrZotov in 1Password#112

🔒 Security

• Use of Insufficiently Random Values in undici {#​103}
• undici Denial of Service attack via bad certificate data {#​103}

Full Changelog: 1Password/load-secrets-action@v2...v3.0.0

v3

Compare Source

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box