chore(deps): update maru support dependencies (#101)

[![Mend
Renovate](https://app.renovatebot.com/images/banner.svg)](https://renovatebot.com)

This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
|
[actions/create-github-app-token](https://togithub.com/actions/create-github-app-token)
| action | patch | `v1.10.0` -> `v1.10.1` |
|
[actions/dependency-review-action](https://togithub.com/actions/dependency-review-action)
| action | patch | `v4.3.2` -> `v4.3.3` |
| [defenseunicorns/zarf](https://togithub.com/defenseunicorns/zarf) | |
minor | `v0.33.2` -> `v0.34.0` |
| [github/codeql-action](https://togithub.com/github/codeql-action) |
action | patch | `v3.25.6` -> `v3.25.8` |

---

### Release Notes

<details>
<summary>actions/create-github-app-token
(actions/create-github-app-token)</summary>

###
[`v1.10.1`](https://togithub.com/actions/create-github-app-token/releases/tag/v1.10.1)

[Compare
Source](https://togithub.com/actions/create-github-app-token/compare/v1.10.0...v1.10.1)

##### Bug Fixes

- **deps:** bump the production-dependencies group with 2 updates
([#&#8203;138](https://togithub.com/actions/create-github-app-token/issues/138))
([8d81a59](https://togithub.com/actions/create-github-app-token/commit/8d81a59103d6d17f5ecc243eb5fd53757607a1d2)),
closes
[#&#8203;606](https://togithub.com/actions/create-github-app-token/issues/606)
[#&#8203;606](https://togithub.com/actions/create-github-app-token/issues/606)
[#&#8203;605](https://togithub.com/actions/create-github-app-token/issues/605)
[#&#8203;604](https://togithub.com/actions/create-github-app-token/issues/604)
[nodejs/undici#3295](https://togithub.com/nodejs/undici/issues/3295)
[nodejs/undici#3298](https://togithub.com/nodejs/undici/issues/3298)
[nodejs/undici#3294](https://togithub.com/nodejs/undici/issues/3294)
[nodejs/undici#3281](https://togithub.com/nodejs/undici/issues/3281)
[nodejs/undici#3286](https://togithub.com/nodejs/undici/issues/3286)
[nodejs/undici#3284](https://togithub.com/nodejs/undici/issues/3284)
[nodejs/undici#3291](https://togithub.com/nodejs/undici/issues/3291)
[nodejs/undici#3290](https://togithub.com/nodejs/undici/issues/3290)
[nodejs/undici#3283](https://togithub.com/nodejs/undici/issues/3283)
[nodejs/undici#3281](https://togithub.com/nodejs/undici/issues/3281)
[nodejs/undici#3263](https://togithub.com/nodejs/undici/issues/3263)
[nodejs/undici#3279](https://togithub.com/nodejs/undici/issues/3279)
[nodejs/undici#3227](https://togithub.com/nodejs/undici/issues/3227)
[nodejs/undici#3234](https://togithub.com/nodejs/undici/issues/3234)
[nodejs/undici#3240](https://togithub.com/nodejs/undici/issues/3240)
[nodejs/undici#3245](https://togithub.com/nodejs/undici/issues/3245)
[nodejs/undici#3241](https://togithub.com/nodejs/undici/issues/3241)
[nodejs/undici#3247](https://togithub.com/nodejs/undici/issues/3247)
[nodejs/undici#3248](https://togithub.com/nodejs/undici/issues/3248)
[nodejs/undici#3219](https://togithub.com/nodejs/undici/issues/3219)
[nodejs/undici#3251](https://togithub.com/nodejs/undici/issues/3251)
[nodejs/undici#3254](https://togithub.com/nodejs/undici/issues/3254)
[nodejs/undici#3258](https://togithub.com/nodejs/undici/issues/3258)
[nodejs/undici#3257](https://togithub.com/nodejs/undici/issues/3257)
[nodejs/undici#3259](https://togithub.com/nodejs/undici/issues/3259)
[nodejs/undici#3262](https://togithub.com/nodejs/undici/issues/3262)
[nodejs/undici#3264](https://togithub.com/nodejs/undici/issues/3264)
[nodejs/undici#3118](https://togithub.com/nodejs/undici/issues/3118)
[nodejs/undici#3269](https://togithub.com/nodejs/undici/issues/3269)
[#&#8203;3301](https://togithub.com/actions/create-github-app-token/issues/3301)
[#&#8203;3294](https://togithub.com/actions/create-github-app-token/issues/3294)
[#&#8203;3298](https://togithub.com/actions/create-github-app-token/issues/3298)
[#&#8203;3295](https://togithub.com/actions/create-github-app-token/issues/3295)
[#&#8203;3293](https://togithub.com/actions/create-github-app-token/issues/3293)
[#&#8203;3283](https://togithub.com/actions/create-github-app-token/issues/3283)
[#&#8203;3290](https://togithub.com/actions/create-github-app-token/issues/3290)
[#&#8203;3291](https://togithub.com/actions/create-github-app-token/issues/3291)
[#&#8203;3284](https://togithub.com/actions/create-github-app-token/issues/3284)
[#&#8203;3286](https://togithub.com/actions/create-github-app-token/issues/3286)

</details>

<details>
<summary>actions/dependency-review-action
(actions/dependency-review-action)</summary>

###
[`v4.3.3`](https://togithub.com/actions/dependency-review-action/releases/tag/v4.3.3):
Notes for v4.3.3

[Compare
Source](https://togithub.com/actions/dependency-review-action/compare/v4.3.2...v4.3.3)

#### What's Changed

- Allow slashes in purl package names by
[@&#8203;juxtin](https://togithub.com/juxtin) in
[https://github.com/actions/dependency-review-action/pull/765](https://togithub.com/actions/dependency-review-action/pull/765)
- use the v3 version of the deps.dev API by
[@&#8203;josieang](https://togithub.com/josieang) in
[https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741)
- PR with suggestions - \[Improvement]: Help streamline / simplify
dependency review action README by
[@&#8203;am-stead](https://togithub.com/am-stead) in
[https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773)
- fix show-openssf-scorecard-levels input by
[@&#8203;ramann](https://togithub.com/ramann) in
[https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776)
- Updates to the contribution guidelines by
[@&#8203;jonjanego](https://togithub.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/778](https://togithub.com/actions/dependency-review-action/pull/778)
- Create issue templates by
[@&#8203;jonjanego](https://togithub.com/jonjanego) in
[https://github.com/actions/dependency-review-action/pull/777](https://togithub.com/actions/dependency-review-action/pull/777)
- Fix the max comment length issue by
[@&#8203;jhutchings1](https://togithub.com/jhutchings1) and
[@&#8203;elireisman](https://togithub.com/elireisman) in
[https://github.com/actions/dependency-review-action/pull/767](https://togithub.com/actions/dependency-review-action/pull/767)
- Bump project version to 4.3.3 in prep for a release by
[@&#8203;elireisman](https://togithub.com/elireisman) in
[https://github.com/actions/dependency-review-action/pull/781](https://togithub.com/actions/dependency-review-action/pull/781)

#### New Contributors

- [@&#8203;josieang](https://togithub.com/josieang) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/741](https://togithub.com/actions/dependency-review-action/pull/741)
- [@&#8203;am-stead](https://togithub.com/am-stead) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/773](https://togithub.com/actions/dependency-review-action/pull/773)
- [@&#8203;ramann](https://togithub.com/ramann) made their first
contribution in
[https://github.com/actions/dependency-review-action/pull/776](https://togithub.com/actions/dependency-review-action/pull/776)

**Full Changelog**:
actions/dependency-review-action@v4.3.2...v4.3.3

</details>

<details>
<summary>defenseunicorns/zarf (defenseunicorns/zarf)</summary>

###
[`v0.34.0`](https://togithub.com/defenseunicorns/zarf/releases/tag/v0.34.0)

[Compare
Source](https://togithub.com/defenseunicorns/zarf/compare/v0.33.2...v0.34.0)

#### What's Changed

- refactor: move validate to expose it as receivers by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2419](https://togithub.com/defenseunicorns/zarf/pull/2419)
- docs: add additional detail to security policy by
[@&#8203;salaxander](https://togithub.com/salaxander) in
[https://github.com/defenseunicorns/zarf/pull/2488](https://togithub.com/defenseunicorns/zarf/pull/2488)
- chore: cleanup stale grype ignores and patch golang.org/x/net CVE by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2492](https://togithub.com/defenseunicorns/zarf/pull/2492)
- docs: injector and init package reference material by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2468](https://togithub.com/defenseunicorns/zarf/pull/2468)
- chore: patch CVE-2024-3817 by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2498](https://togithub.com/defenseunicorns/zarf/pull/2498)
- refactor: cleaner image pulls by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2460](https://togithub.com/defenseunicorns/zarf/pull/2460)
- chore: adding [@&#8203;dgershman](https://togithub.com/dgershman) by
[@&#8203;dgershman](https://togithub.com/dgershman) in
[https://github.com/defenseunicorns/zarf/pull/2506](https://togithub.com/defenseunicorns/zarf/pull/2506)
- refactor: context usage in k8s code by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2405](https://togithub.com/defenseunicorns/zarf/pull/2405)
- ci: run revive using golang-lint-ci by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2499](https://togithub.com/defenseunicorns/zarf/pull/2499)
- feat: update injector away from rouille to axum by
[@&#8203;schristoff](https://togithub.com/schristoff) in
[https://github.com/defenseunicorns/zarf/pull/2457](https://togithub.com/defenseunicorns/zarf/pull/2457)
- refactor: enable testifylint linter by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2504](https://togithub.com/defenseunicorns/zarf/pull/2504)
- chore: remove rouille CVE from grype ignore by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2515](https://togithub.com/defenseunicorns/zarf/pull/2515)
- fix(agent): missing path for pod without labels by
[@&#8203;brandtkeller](https://togithub.com/brandtkeller) in
[https://github.com/defenseunicorns/zarf/pull/2518](https://togithub.com/defenseunicorns/zarf/pull/2518)
- fix: adopt namespace metadata by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2494](https://togithub.com/defenseunicorns/zarf/pull/2494)
- refactor: enable ineffassign linter by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2500](https://togithub.com/defenseunicorns/zarf/pull/2500)
- test: cluster getDeployedPackages by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2523](https://togithub.com/defenseunicorns/zarf/pull/2523)
- test: add unit tests for merge zarf state by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2522](https://togithub.com/defenseunicorns/zarf/pull/2522)
- test: pod agent unit tests by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2526](https://togithub.com/defenseunicorns/zarf/pull/2526)
- docs: add google analytics for docs pages by
[@&#8203;salaxander](https://togithub.com/salaxander) in
[https://github.com/defenseunicorns/zarf/pull/2530](https://togithub.com/defenseunicorns/zarf/pull/2530)
- test: add unit tests for detect distro by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2521](https://togithub.com/defenseunicorns/zarf/pull/2521)
- test: add tests for injector by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2534](https://togithub.com/defenseunicorns/zarf/pull/2534)
- chore: add codecov by
[@&#8203;schristoff-du](https://togithub.com/schristoff-du) in
[https://github.com/defenseunicorns/zarf/pull/2529](https://togithub.com/defenseunicorns/zarf/pull/2529)
- chore: add unit tests for creator.LoadPackageDefinition by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2531](https://togithub.com/defenseunicorns/zarf/pull/2531)
- test: refactor network test by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2533](https://togithub.com/defenseunicorns/zarf/pull/2533)
- test: agent flux unit test by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2528](https://togithub.com/defenseunicorns/zarf/pull/2528)
- chore: fix codecov by
[@&#8203;schristoff](https://togithub.com/schristoff) in
[https://github.com/defenseunicorns/zarf/pull/2538](https://togithub.com/defenseunicorns/zarf/pull/2538)
- test: creator.ComposeComponents by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2537](https://togithub.com/defenseunicorns/zarf/pull/2537)
- refactor: remove use of k8s serivce account by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2544](https://togithub.com/defenseunicorns/zarf/pull/2544)
- refactor: remove use of k8s service by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2543](https://togithub.com/defenseunicorns/zarf/pull/2543)
- refactor: remove use of k8s configmap by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2541](https://togithub.com/defenseunicorns/zarf/pull/2541)
- refactor: remove use of k8s hpa by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2542](https://togithub.com/defenseunicorns/zarf/pull/2542)
- test: add secrets tests by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2540](https://togithub.com/defenseunicorns/zarf/pull/2540)
- refactor: allow callers to directly set logfile location by
[@&#8203;Noxsios](https://togithub.com/Noxsios) in
[https://github.com/defenseunicorns/zarf/pull/2545](https://togithub.com/defenseunicorns/zarf/pull/2545)
- test: add test for packager source by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2525](https://togithub.com/defenseunicorns/zarf/pull/2525)
- chore: add unit tests to variables pkg by
[@&#8203;Racer159](https://togithub.com/Racer159) in
[https://github.com/defenseunicorns/zarf/pull/2519](https://togithub.com/defenseunicorns/zarf/pull/2519)
- test: clean up tests for composer by
[@&#8203;phillebaba](https://togithub.com/phillebaba) in
[https://github.com/defenseunicorns/zarf/pull/2532](https://togithub.com/defenseunicorns/zarf/pull/2532)
- test: argo agent unit tests by
[@&#8203;AustinAbro321](https://togithub.com/AustinAbro321) in
[https://github.com/defenseunicorns/zarf/pull/2536](https://togithub.com/defenseunicorns/zarf/pull/2536)
- fix(release): do not delete testdata in release workflow by
[@&#8203;lucasrod16](https://togithub.com/lucasrod16) in
[https://github.com/defenseunicorns/zarf/pull/2547](https://togithub.com/defenseunicorns/zarf/pull/2547)

**Full Changelog**:
zarf-dev/zarf@v0.33.2...v0.34.0

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v3.25.8`](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.7...v3.25.8)

###
[`v3.25.7`](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7)

[Compare
Source](https://togithub.com/github/codeql-action/compare/v3.25.6...v3.25.7)

</details>

---

### Configuration

📅 **Schedule**: Branch creation - "after 12pm every weekday,before 11am
every weekday" in timezone America/New_York, Automerge - At any time (no
schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config help](https://togithub.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Mend
Renovate](https://www.mend.io/free-developer-tools/renovate/). View
repository job log
[here](https://developer.mend.io/github/defenseunicorns/maru-runner).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzNy4zNjguMTAiLCJ1cGRhdGVkSW5WZXIiOiIzNy4zOTMuMCIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsic3VwcG9ydC1kZXBzIl19-->

Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>

Author: renovate[bot]

.github/actions/zarf/action.yaml

@@ -7,4 +7,4 @@ runs:
     - uses: defenseunicorns/setup-zarf@main
       with:
         # renovate: datasource=github-tags depName=defenseunicorns/zarf
-        version: v0.33.2
+        version: v0.34.0

.github/workflows/dependency-review.yaml

@@ -12,4 +12,4 @@ jobs:
         uses: actions/checkout@a5ac7e51b41094c92402da3b24376905380afc29 # v4.1.6
 
       - name: Dependency Review
-        uses: actions/dependency-review-action@0c155c5e8556a497adf53f2c18edabf945ed8e70 # v4.3.2
+        uses: actions/dependency-review-action@72eb03d02c7872a771aacd928f3123ac62ad6d3a # v4.3.3

.github/workflows/release.yaml

@@ -104,7 +104,7 @@ jobs:
 
       - name: Get Brew tap repo token
         id: brew-tap-token
-        uses: actions/create-github-app-token@a0de6af83968303c8c955486bf9739a57d23c7f1 # v1.10.0
+        uses: actions/create-github-app-token@c8f55efbd427e7465d6da1106e7979bc8aaee856 # v1.10.1
         with:
           app-id: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_ID }}
           private-key: ${{ secrets.HOMEBREW_TAP_WORKFLOW_GITHUB_APP_SECRET }}

.github/workflows/scan-codeql.yaml

@@ -45,7 +45,7 @@ jobs:
         run: make build-cli-linux-amd
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+        uses: github/codeql-action/init@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
         env:
           CODEQL_EXTRACTOR_GO_BUILD_TRACING: on
         with:
@@ -54,6 +54,6 @@ jobs:
 
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+        uses: github/codeql-action/analyze@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
         with:
           category: "/language:${{matrix.language}}"

.github/workflows/scorecard.yaml

@@ -45,6 +45,6 @@ jobs:
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@9fdb3e49720b44c48891d036bb502feb25684276 # v3.25.6
+        uses: github/codeql-action/upload-sarif@2e230e8fe0ad3a14a340ad0815ddb96d599d2aff # v3.25.8
         with:
           sarif_file: results.sarif