chore: github action bumps

[erikburt]

Changes:

• Bump docker/login-action to 3.0.0
• Bump docker/metadata-action to 5.5.0
• Bump docker/setup-qemu-action to 3.0.0
• Bump actions/upload-artifact to 3.1.3
• Bump actions/download-artifact to 3.0.2
• Bump actions/setup-go to 5.0.0
• Bump goreleaser/goreleaser-action to 5.0.0
• Bump goto-bus-stop/setup-zig to 2.2.0
• Bump github/codeql-action to 2.16.1

[github-actions]

I see that you haven't updated any CHANGELOG files. Would it make sense to do so?

[chainchad]

LGTM. Just a callout to review if everything passes in CI here (looks good!) and that each of these action bumps don't have any obvious breaking changes.

[erikburt]

LGTM. Just a callout to review if everything passes in CI here (looks good!) and that each of these action bumps don't have any obvious breaking changes.

I did check everything here's a general summary of what I gathered the diff is from the release notes of all versions between old and new:

• docker/login-action - node20 runtime + dependency version bumps
• docker/metadata-action - node20 runtime + dependency version bumps
• docker/setup-qemu-action - node20 runtime + dependency version bumps + two other changes which were considered a minor update in 2.1 -> 2.2
• actions/upload-artifact - dependency version bumps
• actions/download-artifact - dependency version bumps
• actions/setup-go - caching enabled by default (hasn't been a problem with other usages yet) + dependency version bumps + windows runtime fixes
• goreleaser/goreleaser-action - node20 runtime + dependency version bumps + when using --snapshot in args for this action which it doesn't appear we are doing
• goto-bus-stop/setup-zig - node20 runtime
• github/codeql - node20 runtime + updated codeql language packs

[cl-sonarqube-production]

SonarQube Quality Gate

0 Bugs
0 Vulnerabilities
0 Security Hotspots
0 Code Smells

No Coverage information
No Duplication information