chore(ci)(deps): bump cachix/install-nix-action from 23 to 31

[dependabot]

Bumps cachix/install-nix-action from 23 to 31.

Release notes

Sourced from cachix/install-nix-action's releases.

v31

Starting with v31, this action will use semantic versioning for releases. Major tags, like v31, will be bumped to point to the latest minor/patch release. This is in line with how most GitHub actions manage releases.

What's Changed

• nix: 2.26.3 -> 2.28.2 by @​Mic92 in cachix/install-nix-action#232

• nix: 2.24.9 -> 2.25.2 by @​Mic92 in cachix/install-nix-action#218

• ci: fix latest installer tests by @​sandydoo in cachix/install-nix-action#220

• ci: add ubuntu-24.04-arm to matrix by @​msgilligan in cachix/install-nix-action#221

• nix: 2.25.2 -> 2.26.2 by @​Mic92 in cachix/install-nix-action#226

• nix: 2.26.2 -> 2.26.3 by @​sandydoo in cachix/install-nix-action#228

• feat: Pin actions to hashes by @​l0b0 in cachix/install-nix-action#201

• chore(deps): bump actions/checkout from 4.1.1 to 4.2.2 by @​dependabot in cachix/install-nix-action#234

• docs: document how to provide AWS credentials to the nix-daemon by @​sandydoo in cachix/install-nix-action#235

• nix: 2.28.2 -> 2.28.3 by @​Mic92 in cachix/install-nix-action#236

• nix: 2.28.3 -> 2.29.0 by @​Mic92 in cachix/install-nix-action#239 Release notes: https://nix.dev/manual/nix/latest/release-notes/rl-2.29

• Automate nix updates in CI by @​Mic92 in cachix/install-nix-action#241

• nix: 2.29.0 -> 2.29.1 by @​github-actions in cachix/install-nix-action#243 [SECURITY] https://discourse.nixos.org/t/security-advisory-privilege-escalations-in-nix-lix-and-guix/66017

• nix: 2.29.1 -> 2.30.0 by @​github-actions in cachix/install-nix-action#244 Release notes: https://nix.dev/manual/nix/2.30/release-notes/rl-2.30.html

• nix: 2.30.0 -> 2.30.1 by @​xokdvium in cachix/install-nix-action#245 [SECURITY] Builds with Nix 2.30.0 on macOS were executed with elevated privileges (root), instead of the build users. GHSA-qc7j-jgf3-qmhg

• docs: add example for nix develop by @​jennydaman in cachix/install-nix-action#248

• nix: 2.30.2 -> 2.31.0 by @​github-actions[bot] in cachix/install-nix-action#250 Release notes: https://discourse.nixos.org/t/nix-2-31-0-released/68465

• nix: 2.31.0 -> 2.31.1 by @​github-actions[bot] in cachix/install-nix-action#253

• nix: 2.31.1 -> 2.31.2 by @​github-actions[bot] in cachix/install-nix-action#256

• feat: set up the environment based on the installer shell scripts by @​sandydoo in cachix/install-nix-action#251

  Configures the following environment variables:

  • NIX_PROFILES
  • NIX_SSL_CERT_FILE (if not set)

  Adds the bin directory from the user's profile to $PATH.

Full Changelog: cachix/install-nix-action@v30...v31

v30

• Nix: 2.24.7 -> 2.24.9, fixing GHSA-6fjr-mq49-mm2c

v29

Bumps Nix to 2.24.7

v28

Nix 2.24.6 - GHSA-h4vv-h3jq-v493

v27

... (truncated)

Changelog

Sourced from cachix/install-nix-action's changelog.

Release

As of v31, releases of this action follow Semantic Versioning.

Publishing a new release

Publish the release

Draft a new release on GitHub:

• In Choose a tag, create a new tag, like v31.2.1, following semver.
• Click Generate release notes.
• Set as the latest release should be selected automatically.
• Publish release

Update the major tag

The major tag, like v31, allows downstream users to opt-in to automatic non-breaking updates.

This process follows GitHub's own guidelines: https://github.com/actions/toolkit/blob/main/docs/action-versioning.md

Fetch the latest tags

git pull --tags --force

Move the tag

git tag -fa v31

git push origin v31 --force

Update the release notes for the major tag

Find the release on GitHub: https://github.com/cachix/install-nix-action/releases

Edit the release and click Generate release notes. Edit the formatting and publish.

Commits

• 9280e7a fix: use -e to check for certs
• effa594 fix: simplify setting the user profile
• eb0f6c7 ci: document where to find available images to test against
• 6676c23 ci: add ubuntu-22.04-arm
• cbf4b16 Merge pull request #251 from cachix/fix-env
• 29a4dac tests: refactor tests to run under a single matrix
• 7449e89 tests: improve env tests and move to tests dir
• d487f94 lint
• 581a134 refactor: document ssl-cert-file vs NIX_SSL_CERT_FILE
• d914f6d refactor: drop ssl handling for unsupported platforms
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.