build(deps): bump the dependencies group with 4 updates

[dependabot]

Bumps the dependencies group with 4 updates: CodSpeedHQ/action, taiki-e/install-action, pnpm/action-setup and actions/setup-node.

Updates CodSpeedHQ/action from 4.13.1 to 4.14.0

Release notes

Sourced from CodSpeedHQ/action's releases.

v4.14.0

Release Notes

We now collect buildtime and runtime environment data to warn users about differences in their runtime environment when comparing two runs against one another.

This data includes toolchain metadata like version and build options, as well as a list of dynamically loaded linked libraries.

Minimum integration versions

To support the runtime metadata collection, make sure to use at least the following versions:

• pytest-codspeed v4.4.0
• codspeed-rust v4.5.0
• codspeed-cpp v2.2.0
• codspeed-go v1.1.0
• codspeed-node v5.3.0

🚀 Features

• Stop panicking when parsing invalid perf file by @​GuillaumeLagrange in #298
• Make the basic run only 5 rounds to make logs not crash the github page by @​GuillaumeLagrange
• Represent the host OS as a SupportedOs enum with per-executor support gates by @​GuillaumeLagrange
• Bypass systemd-run usage on macos by @​GuillaumeLagrange
• Add aarch64-apple-darwin to the release targets by @​GuillaumeLagrange
• Collect cpu flags in system info by @​GuillaumeLagrange in #281

🐛 Bug Fixes

• Fix instropected_go's behavior on macos by @​GuillaumeLagrange
• Update rust crate git2 to 0.20.4 (#284) by @​xtqqczze in #284

⚙️ Internals

• chore: bump runner version to 4.14.0 by @​github-actions[bot] in CodSpeedHQ/action#203
• Move the config schema check from pre-commit to ci-only check by @​GuillaumeLagrange in #287
• Skip tests that rely on linux behavior by @​GuillaumeLagrange
• Bump instrument-hooks submodule to include stubs improvement by @​GuillaumeLagrange
• Rerun exec harness build if instrument hooks sources change by @​GuillaumeLagrange
• Make update-bindings.sh PWD agnostic by @​GuillaumeLagrange

Install codspeed-runner 4.14.0

Install prebuilt binaries via shell script

curl --proto '=https' --tlsv1.2 -LsSf https://github.com/CodSpeedHQ/codspeed/releases/download/v4.14.0/codspeed-runner-installer.sh | sh

Download codspeed-runner 4.14.0

File	Platform	Checksum
codspeed-runner-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
codspeed-runner-aarch64-unknown-linux-musl.tar.gz	ARM64 MUSL Linux	checksum

... (truncated)

Commits

• 658a901 Release v4.14.0 🚀
• 1d42668 chore: bump runner version to 4.14.0
• See full diff in compare view

Updates taiki-e/install-action from 2.75.17 to 2.75.18

Release notes

Sourced from taiki-e/install-action's releases.

2.75.18

• Update vacuum@latest to 0.26.1.

• Update wasm-tools@latest to 1.247.0.

• Update mise@latest to 2026.4.16.

• Update espup@latest to 0.17.1.

• Update trivy@latest to 0.70.0.

Changelog

Sourced from taiki-e/install-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

• Update tombi@latest to 0.9.19.

• Update mise@latest to 2026.4.18.

• Update rclone@latest to 1.73.5.

• Update mise@latest to 2026.4.17.

[2.75.18] - 2026-04-19

• Update vacuum@latest to 0.26.1.

• Update wasm-tools@latest to 1.247.0.

• Update mise@latest to 2026.4.16.

• Update espup@latest to 0.17.1.

• Update trivy@latest to 0.70.0.

[2.75.17] - 2026-04-17

• Update tombi@latest to 0.9.18.

• Update mise@latest to 2026.4.15.

[2.75.16] - 2026-04-17

• Update uv@latest to 0.11.7.

• Update mise@latest to 2026.4.14.

• Update vacuum@latest to 0.25.9.

• Update cargo-machete@latest to 0.9.2.

• Update cargo-deny@latest to 0.19.4.

... (truncated)

Commits

• 055f5df Release 2.75.18
• eabf603 Add note about unset
• 4637b48 Early handle inputs
• 7a6306e Update vacuum@latest to 0.26.1
• cb13f5e Update mise manifest
• 18cc1a4 Update wasm-tools@latest to 1.247.0
• c7b0507 Update mise@latest to 2026.4.16
• 0ef4e76 Update espup@latest to 0.17.1
• 56ec35f Update trivy@latest to 0.70.0
• 6874db1 Update vacuum manifest
• Additional commits viewable in compare view

Updates pnpm/action-setup from 6.0.0 to 6.0.1

Release notes

Sourced from pnpm/action-setup's releases.

v6.0.1

Update pnpm to v11.0.0-rc.2. pnpm-lock.yaml will not be saved with two documents unless the packageManager is set via devEngines.packageManager. Related issue: pnpm/action-setup#228

Commits

• 078e9d4 fix: update pnpm to 11.0.0-rc.2
• See full diff in compare view

Updates actions/setup-node from 6.3.0 to 6.4.0

Release notes

Sourced from actions/setup-node's releases.

v6.4.0

What's Changed

Dependency updates:

• Upgrade @​actions dependencies by @​Copilot in actions/setup-node#1525
• Update Node.js versions in versions.yml and bump package to v6.4.0 by @​priya-kinthali in actions/setup-node#1533

New Contributors

• @​Copilot made their first contribution in actions/setup-node#1525

Full Changelog: actions/setup-node@v6...v6.4.0

Commits

• 48b55a0 Update Node.js versions in versions.yml and bump package to v6.4.0 (#1533)
• ab72c7e Upgrade @​actions dependencies (#1525)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions