Merge pull request #138 from parca-dev/update4

update4

Author: gnurizen

.github/renovate.json5

@@ -4,6 +4,9 @@
     "config:best-practices",
     "helpers:pinGitHubActionDigestsToSemver"
   ],
+  "postUpdateOptions" : [
+    "gomodTidy"
+  ],
   "packageRules": [
     {
       "groupName": "Go dependencies",

.github/workflows/auto-tag.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Configure Git
         run: |

.github/workflows/codeql.yml

@@ -22,13 +22,13 @@ jobs:
         target_arch: [amd64, arm64]
     steps:
       - name: Checkout repository
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - name: Set up environment
         uses: ./.github/workflows/env
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
+        uses: github/codeql-action/init@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10
         with:
           languages: go
 
@@ -37,7 +37,7 @@ jobs:
           make TARGET_ARCH=${{ matrix.target_arch }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
+        uses: github/codeql-action/analyze@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10
         with:
             category: "/language:Go"
         timeout-minutes: 10

.github/workflows/codespell.yml

@@ -13,6 +13,6 @@ jobs:
       - name: Install codespell
         run: sudo apt-get install codespell
       - name: Checkout Repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Codespell
         run: make codespell

.github/workflows/collector-tests.yml

@@ -18,7 +18,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repo
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Set up environment
         uses: ./.github/workflows/env
         with:

.github/workflows/fossa.yml

@@ -13,7 +13,7 @@ jobs:
     runs-on: ubuntu-latest
     if: github.repository == 'open-telemetry/opentelemetry-ebpf-profiler'
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
 
       - uses: fossas/fossa-action@3ebcea1862c6ffbd5cf1b4d0bd6b3fe7bd6f2cac # v1.7.0
         with:

.github/workflows/ossf-scorecard.yml

@@ -19,7 +19,7 @@ jobs:
       # Needed for GitHub OIDC token if publish_results is true
       id-token: write
     steps:
-      - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
         with:
           persist-credentials: false
 
@@ -42,6 +42,6 @@ jobs:
       # Upload the results to GitHub's code scanning dashboard (optional).
       # Commenting out will disable upload of results to your repo's Code Scanning dashboard
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@51f77329afa6477de8c49fc9c7046c15b9a4e79d # v3.29.5
+        uses: github/codeql-action/upload-sarif@96f518a34f7a870018057716cc4d7a5c014bd61c # v3.29.10
         with:
           sarif_file: results.sarif

.github/workflows/push-docker-image.yml

@@ -15,9 +15,9 @@ jobs:
     if: github.repository == 'open-telemetry/opentelemetry-ebpf-profiler'
     steps:
       - name: Checkout code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Login to Docker Hub
-        uses: docker/login-action@74a5d142397b4f367a81961eba4e8cd7edddf772 # v3.4.0
+        uses: docker/login-action@184bdaa0721073962dff0199f1fb9940f07167d1 # v3.5.0
         with:
           username: ${{ secrets.DOCKER_USERNAME }}
           password: ${{ secrets.DOCKER_PASSWORD }}

.github/workflows/unit-test-on-pull-request.yml

@@ -15,7 +15,7 @@ jobs:
     runs-on: ubuntu-24.04
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Set up environment
         uses: ./.github/workflows/env
       - name: Check for changes in licenses of dependencies
@@ -34,7 +34,7 @@ jobs:
         target_arch: [amd64, arm64]
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Set up environment
         uses: ./.github/workflows/env
       - name: Get linter version
@@ -57,7 +57,7 @@ jobs:
         target_arch: [amd64, arm64]
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Set up environment
         uses: ./.github/workflows/env
         with:
@@ -81,7 +81,7 @@ jobs:
         target_arch: [amd64, arm64]
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Set up environment
         uses: ./.github/workflows/env
       - name: Tests
@@ -96,7 +96,7 @@ jobs:
         shell: bash --login {0}
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Hash binary blobs
         run: |
           sha256sum support/ebpf/tracer.ebpf.* > binary-blobs.hash
@@ -126,7 +126,7 @@ jobs:
         target_arch: [amd64, arm64]
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Set up environment
         uses: ./.github/workflows/env
       - name: Prepare integration test binaries for qemu tests
@@ -137,6 +137,28 @@ jobs:
           name: integration-test-binaries-${{ matrix.target_arch }}
           path: support/*.test
 
+  coredump-test-macos:
+    name: Coredump tests (macOS)
+    runs-on: macos-latest
+    steps:
+      - name: Clone code
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - name: Set up Go
+        uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+        with:
+          go-version-file: go.mod
+          cache-dependency-path: go.sum
+      - name: Cache coredump modules
+        uses: actions/cache@5a3ec84eff668545956fd18022155c47e93e2684 # v4.2.3
+        with:
+          path: tools/coredump/modulecache
+          key: coredumps-arm64-${{ hashFiles('tools/coredump/testdata/*/*.json') }}
+          restore-keys: |
+            coredumps-arm64
+            coredumps-
+      - name: Run coredump tests
+        run: GODEBUG=asyncpreemptoff=1 go test -v ./tools/coredump/
+
   integration-tests:
     name: Integration tests (v${{ matrix.kernel }} ${{ matrix.target_arch }})
     runs-on: ubuntu-24.04
@@ -165,7 +187,7 @@ jobs:
           - { target_arch: arm64, kernel: 6.12.16 }
     steps:
       - name: Clone code
-        uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2
+        uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
       - name: Install dependencies
         run: |
           sudo apt-get update -y
@@ -177,7 +199,7 @@ jobs:
           go install github.com/florianl/[email protected]
           sudo mv ~/go/bin/bluebox /usr/local/bin/.
       - name: Fetch integration test binaries
-        uses: actions/download-artifact@d3f86a106a0bac45b974a628896c90dbdf5c8093 # v4.3.0
+        uses: actions/download-artifact@634f93cb2916e3fdff6788551b99b062d0335ce0 # v5.0.0
         with: { name: "integration-test-binaries-${{ matrix.target_arch }}" }
       - name: Fetch precompiled kernel
         run: |