Bump jdx/mise-action from 2 to 4.1.0

[dependabot]

Bumps jdx/mise-action from 2 to 4.1.0.

Release notes

Sourced from jdx/mise-action's releases.

v4.1.0: automatic --locked installs

This release adds automatic locked installs when a mise.lock is present, and fixes a long-standing cache-key collision that could poison tool installs when workflows migrate between runner providers.

Added

Automatic --locked install when mise.lock exists (#495) by @​zeitlinger

When a repo contains mise.lock, the action now automatically passes --locked to mise install (on mise versions that support it). This removes the need to manually set install_args: --locked and prevents mise install from silently mutating the lockfile in CI. Explicit install_args and older mise versions are still respected.

Note: workflows with a stale lockfile may now fail earlier and more explicitly instead of silently updating mise.lock mid-run — this surfaces lockfile drift rather than hiding it.

Fixed

• Cache key collisions across runner providers (#456) — the default cache key now includes the runner image (e.g. macos15, ubuntu24 for GitHub-hosted runners; self-hosted otherwise). Previously, repos migrating between providers like github-hosted, namespace.so, BuildJet, and self-hosted runners with the same OS/arch could restore a peer provider's ~/.local/share/mise/installs/*, causing failures like does not have an executable named '…' or SIGILL crashes from binaries built against a different glibc/CPU featureset. Expect a one-time cache miss after upgrading; thereafter the cache stays scoped per image.
• mise-shim.exe missing on Windows (#476) by @​risu729 — the action now installs mise-shim.exe alongside mise.exe and repairs restored caches that lack the shim. Fixes #475.

Changed

• Migrated the bundled action build from ncc (CommonJS) to Rollup (ESM) (#436). No user-facing behavior change.

Full Changelog: jdx/mise-action@v4.0.1...v4.1.0

v4.0.1: Documentation and Internal Cleanup

A small maintenance release that updates the README documentation to reflect v4 and cleans up internal code. There are no functional changes to the action itself.

Changed

• Updated all README examples to reference jdx/mise-action@v4, actions/checkout@v6, and current tool versions by @​deining in #407 and #408
• Extracted getCwd() helper to deduplicate working directory resolution logic (internal refactor, no behavior change) by @​altendky in #403

New Contributors

• @​deining made their first contribution in #407

Full Changelog: jdx/mise-action@v4.0.0...v4.0.1

v3.6.3

What's Changed

• fix: pass cwd to all exec calls in exportMiseEnv() by @​andrewthauer in jdx/mise-action#390
• chore: release v3.6.3 by @​mise-en-dev in jdx/mise-action#391

New Contributors

• @​andrewthauer made their first contribution in jdx/mise-action#390

Full Changelog: jdx/mise-action@v3.6.2...v3.6.3

v3.6.2

What's Changed

• chore(deps): update dependency prettier to v3.8.1 by @​renovate[bot] in jdx/mise-action#368
• chore(deps): update dependency @​types/node to v24.10.9 by @​renovate[bot] in jdx/mise-action#367
• chore(deps): update github/codeql-action digest to 439137e by @​renovate[bot] in jdx/mise-action#370
• chore(deps): lock file maintenance by @​renovate[bot] in jdx/mise-action#372

... (truncated)

Changelog

Sourced from jdx/mise-action's changelog.

4.2.0 - 2026-06-17

🚀 Features

• support bootstrap mode (#522) by @​jdx in #522

🐛 Bug Fixes

• fall back to wget when curl is unavailable (#521) by @​risu729 in #521

📚 Documentation

• link rust cache issue (#496) by @​risu729 in #496

⚙️ Miscellaneous Tasks

• (ci) fix zizmor version comments (#506) by @​jdx in #506
• (ci) use pr-closer action (#505) by @​jdx in #505

---

4.1.0 - 2026-06-04

🚀 Features

• add wings_enabled input (mise-wings cache integration) (#454) by @​jdx in #454
• lock install when mise.lock is present (#495) by @​zeitlinger in #495

🐛 Bug Fixes

• (ci) add gh auth setup-git to release-plz.sh (#473) by @​jdx in #473
• (ci) pin codeql-action with exact version comment (#481) by @​jdx in #481
• (ci) resolve zizmor findings (#503) by @​jdx in #503
• include runner image in cache key to prevent cross-provider collisions (#456) by @​jdx in #456
• install mise-shim.exe on Windows (#476) by @​risu729 in #476

⚙️ Miscellaneous Tasks

• (ci) use !cancelled() instead of always() for final job (#460) by @​jdx in #460
• (ci) remove autofix.ci workflow (#470) by @​jdx in #470
• (ci) add zizmor workflow for github actions security analysis (#471) by @​jdx in #471
• (ci) close failing or conflicted PRs sooner (#480) by @​jdx in #480
• add communique to enhance release notes (#411) by @​jdx in #411
• migrate from ncc (CJS) to rollup (ESM) (#436) by @​jdx in #436
• add final job to aggregate build-test results (#438) by @​jdx in #438
• migrate package manager from npm/pnpm/bun to aube (#455) by @​jdx in #455
• remove pull_request_target workflow (#469) by @​jdx in #469
• update aube tool version (#501) by @​jdx in #501

---

4.0.1 - 2026-03-22

... (truncated)

Commits

• dba1968 chore: release v4.1.0 (#490)
• f91a09d fix(ci): resolve zizmor findings (#503)
• a9d72a2 chore(deps): update github/codeql-action action to v4.36.0 (#500)
• 1f56d95 chore(deps): update dependency @​actions/cache to v6.0.1 (#497)
• e47eed9 chore: update aube tool version (#501)
• 69c24ed chore(deps): update dependency aube to v1.15.0 (#498)
• 76f8407 chore(deps): update zizmorcore/zizmor-action action to v0.5.4 (#488)
• 4a84c91 chore(deps): update dependency eslint to v10.4.0 (#492)
• 4d5418b chore(deps): update dependency @​types/node to v24.12.4 (#485)
• e676099 chore(deps): update dependency typescript-eslint to v8.59.3 (#487)
• Additional commits viewable in compare view