chore(deps): bump actions/checkout from 2 to 3

[dependabot]

Bumps actions/checkout from 2 to 3.

Release notes

Sourced from actions/checkout's releases.

v3.0.0

• Updated to the node16 runtime by default
  • This requires a minimum Actions Runner version of v2.285.0 to run, which is by default available in GHES 3.4 or later.

v2.4.2

What's Changed

• Add set-safe-directory input to allow customers to take control. (#770) by @​TingluoHuang in actions/checkout#776
• Prepare changelog for v2.4.2. by @​TingluoHuang in actions/checkout#778

Full Changelog: actions/checkout@v2...v2.4.2

v2.4.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory

v2.4.0

• Convert SSH URLs like org-<ORG_ID>@github.com: to https://github.com/ - pr

v2.3.5

Update dependencies

v2.3.4

• Add missing awaits
• Swap to Environment Files

v2.3.3

• Remove Unneeded commit information from build logs
• Add Licensed to verify third party dependencies

v2.3.2

Add Third Party License Information to Dist Files

v2.3.1

Fix default branch resolution for .wiki and when using SSH

v2.3.0

Fallback to the default branch

v2.2.0

Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v3.0.2

• Add input set-safe-directory

v3.0.1

• Fixed an issue where checkout failed to run in container jobs due to the new git setting safe.directory
• Bumped various npm package versions

v3.0.0

• Update to node 16

v2.3.1

• Fix default branch resolution for .wiki and when using SSH

v2.3.0

• Fallback to the default branch

v2.2.0

• Fetch all history for all tags and branches when fetch-depth=0

v2.1.1

• Changes to support GHES (here and here)

v2.1.0

• Group output
• Changes to support GHES alpha release
• Persist core.sshCommand for submodules
• Add support ssh
• Convert submodule SSH URL to HTTPS, when not using SSH
• Add submodule support
• Follow proxy settings
• Fix ref for pr closed event when a pr is merged
• Fix issue checking detached when git less than 2.22

v2.0.0

• Do not pass cred on command line
• Add input persist-credentials
• Fallback to REST API to download repo

Commits

• 2541b12 Prepare changelog for v3.0.2. (#777)
• 0ffe6f9 Add set-safe-directory input to allow customers to take control. (#770)
• dcd71f6 Enforce safe directory (#762)
• add3486 Patch to fix the dependbot alert. (#744)
• 5126516 Bump minimist from 1.2.5 to 1.2.6 (#741)
• d50f8ea Add v3.0 release information to changelog (#740)
• 2d1c119 update test workflows to checkout v3 (#709)
• a12a394 update readme for v3 (#708)
• 8f9e05e Update to node 16 (#689)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[codecov-commenter]

Codecov Report

Merging #1729 (8da0b0f) into main (82ce324) will decrease coverage by 0.15%.
The diff coverage is n/a.

@@            Coverage Diff             @@
##             main    #1729      +/-   ##
==========================================
- Coverage   80.20%   80.05%   -0.16%     
==========================================
  Files         300      300              
  Lines        6427     6427              
  Branches     1050     1050              
==========================================
- Hits         5155     5145      -10     
- Misses       1054     1063       +9     
- Partials      218      219       +1     

Flag	Coverage Δ
longtests	80.05% <ø> (-0.16%)	⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Impacted Files	Coverage Δ
cve_bin_tool/nvd_api.py	75.20% <0.00%> (-8.80%)	⬇️
cve_bin_tool/cli.py	69.29% <0.00%> (+0.39%)	⬆️

📣 Codecov can now indicate which changes are the most critical in Pull Requests. Learn more

[terriko]

Lots of timeouts in CI. Going to re-run those to see if it was a transient issue.

[terriko]

CI failures still happening, trying to re-run failed tests again today.

[terriko]

Running failed tests again.

[terriko]

Finally passed everything but the known issue with the scan test.