chore(deps): bump the dependencies group with 2 updates

[dependabot]

Bumps the dependencies group with 2 updates: github/ospo-reusable-workflows and actions/setup-node.

Updates github/ospo-reusable-workflows from 0.3.5 to 0.4.5

Release notes

Sourced from github/ospo-reusable-workflows's releases.

v0.4.5

Changelog

• feat: ensure contents of container image changes @​jmeridth (#46)

See details of all code changes since previous release

v0.4.4

Changelog

• fix: put argument in correct section, config, not secrets @​jmeridth (#44)
• ci: enable attestations again @​jmeridth (#43)

See details of all code changes since previous release

v0.4.3

Changelog

• ci: remove attestations temporarily @​jmeridth (#41)
• ci: turn off image attestations temporarily until fix in place @​jmeridth (#40)

🧰 Maintenance

• chore(deps): bump docker/build-push-action from 6.12.0 to 6.13.0 in the dependencies group @dependabot[bot] (#33)

See details of all code changes since previous release

v0.4.2

Changelog

🧰 Maintenance

• ci: reduce permissions on auto-labeler and set to not release @​jmeridth (#38)

See details of all code changes since previous release

v0.4.1

Changelog

🐛 Bug Fixes

• fix: test release-image permissions @​jmeridth (#36)
• fix: permissions for attestations image release step @​jmeridth (#35)

See details of all code changes since previous release

v0.4.0

Changelog

🚀 Features

• feat: Add attestation option to release-image @​ahpook (#32)

See details of all code changes since previous release

v0.3.6

... (truncated)

Commits

• 6a0a6d0 feat: ensure contents of container image changes (#46)
• f5b5282 fix: put argument in correct section, config, not secrets (#44)
• 2ea6be0 ci: enable attestations again (#43)
• a48e851 ci: remove attestations temporarily (#41)
• e999dee ci: turn off image attestations temporarily until fix in place (#40)
• e461cc1 chore(deps): bump docker/build-push-action in the dependencies group (#33)
• b89c534 ci: reduce permissions on auto-labeler and set to not release (#38)
• c180b53 fix: test release-image permissions (#36)
• 90604e8 fix: permissions for attestations image release step (#35)
• 1a24929 feat: Add attestation option to release-image (#32)
• Additional commits viewable in compare view

Updates actions/setup-node from 4.1.0 to 4.2.0

Release notes

Sourced from actions/setup-node's releases.

v4.2.0

What's Changed

• Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by @​aparnajyothi-y in actions/setup-node#1174
• Add recommended permissions section to readme by @​benwells in actions/setup-node#1193
• Configure Dependabot settings by @​HarithaVattikuti in actions/setup-node#1192
• Upgrade @actions/cache to ^4.0.0 by @​priyagupta108 in actions/setup-node#1191
• Upgrade pnpm/action-setup from 2 to 4 by @​dependabot in actions/setup-node#1194
• Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @​dependabot in actions/setup-node#1195
• Upgrade semver from 7.6.0 to 7.6.3 by @​dependabot in actions/setup-node#1196
• Upgrade @​types/jest from 29.5.12 to 29.5.14 by @​dependabot in actions/setup-node#1201
• Upgrade undici from 5.28.4 to 5.28.5 by @​dependabot in actions/setup-node#1205

New Contributors

• @​benwells made their first contribution in actions/setup-node#1193

Full Changelog: actions/setup-node@v4...v4.2.0

Commits

• 1d0ff46 Bump undici from 5.28.4 to 5.28.5 (#1205)
• 574f09a Bump @​types/jest from 29.5.12 to 29.5.14 (#1201)
• 260f870 Bump semver from 7.6.0 to 7.6.3 (#1196)
• 111c4be Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1195)
• 0bc26de Bump pnpm/action-setup from 2 to 4 (#1194)
• 8f9cc17 Use the new cache service: upgrade @actions/cache to ^4.0.0 (#1191)
• 5eef37b Create dependabot.yml (#1192)
• fbeca22 Update README.md (#1193)
• 48b9067 Add macos-13 to the workflows and upgrade publish-actions from 0.2.2 to 0.3.0...
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions