fix(deps): update dependency @actions/tool-cache to v4

[renovate]

@chris-martin I know #172 exists that will make this obsolete, but I was sick of seeing this as needing a review. I'm happy to close this instead if you think that PR obviates this one.

This PR contains the following updates:

Package	Change	Age	Confidence
@actions/tool-cache (source)	^3.0.1 → ^4.0.0

---

Release Notes

actions/toolkit (@​actions/tool-cache)

v4.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

3.0.1

• Bump @actions/http-client to 3.0.2

3.0.0

• Update to v2.0.1 of @actions/core
• Update to v2.0.0 of @actions/exec
• Update to v3.0.1 of @actions/http-client
• Update to v2.0.0 of @actions/io

2.0.2

• Update @actions/core to v1.11.1 #​1872
• Remove dependency on uuid package #​1824, #​1842

2.0.1

• Update to v2.0.1 of @actions/http-client #​1087

2.0.0

• Update to v2.0.0 of @actions/http-client
• The type of the headers parameter in the exported function downloadTool has been narrowed from { [header: string]: any } to { [header: string]: number | string | string[] | undefined; } (that is, http.OutgoingHttpHeaders).
  This is strictly a compile-time change for TypeScript consumers. Previous attempts to use a header value of a type other than those now accepted would have resulted in an error at run time.

1.7.2

• Update lockfileVersion to v2 in package-lock.json #​1025

1.7.1

• Fallback to os-releases file to get linux version
• Update to latest @​actions/io verison

1.7.0

• Allow arbirtary headers when downloading tools to the tc
• Export isExplicitVersion and evaluateVersions functions
• Force overwrite on default when extracted compressed files

1.6.1

• Update @​actions/core version

1.6.0

• Add extractXar function to extract XAR files

1.3.5

• Check if tool path exists before executing
• Make extract functions quiet by default

1.3.4

• Update the http-client to 1.0.8 which had a security fix

Here is the security issue that was fixed in the http-client 1.0.8 release

1.3.3

• Update downloadTool to only retry 500s and 408 and 429

1.3.2

• Update downloadTool with better error handling and retries

1.3.1

• Increase http-client min version

1.3.0

• Uses @​actions/http-client

1.2.0

• Overload downloadTool to accept destination path
• Fix extractTar on Windows
• Add "types" to package.json

1.1.2

• Use zip and unzip from PATH
• Support custom flags for extractTar

1.0.0

• Initial release

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) in timezone America/New_York, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[renovate]

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.