Bump gh CLI version to 2.67.0 #284

Open
wants to merge 2 commits into
base: main

jenkins-infra-updatecli[bot]
Contributor

Bump `gh` CLI version

Update the value of ARG GH_VERSION in the Dockerfile

changed lines [39] of file "/tmp/updatecli/github/jenkins-infra/docker-builder/Dockerfile"

2.67.0
Release published on the 2025-02-11 19:54:35 +0000 UTC at the url https://github.com/cli/cli/releases/tag/v2.67.0

## Security

A bug in `gh attestation verify` may return an incorrect zero exit status when no matching attestations are found for the specified `--predicate-type <value>` or the default `https://slsa.dev/provenance/v1` if not specified. This issue only arises if an artifact has an attestation with a predicate type different from the one provided in the command. As a result, users relying solely on these exit codes may mistakenly believe the attestation has been verified, despite the absence of an attestation with the specified predicate type and the tool printing a verification failure.

Users are advised to update gh to version `v2.67.0` as soon as possible.

For more information, see https://github.com/cli/cli/security/advisories/GHSA-fgw4-v983-mgp8

## `gh pr checkout` now supports interactively selecting a pull request

Similar to commands like `gh workflow run`, which prompts for a workflow to run, `gh pr checkout` will now prompt for a pull request to check out. The list is currently limited to the most recent 10 pull requests in the repository.

https://github.com/user-attachments/assets/0b2e3761-7318-4573-8a23-ae6f1a44b018

Big thank you to @nilvng for implementing this 🙌 

## Contributing guidelines updated

We've updated our [`CONTRIBUTING.md`](https://github.com/cli/cli/blob/trunk/.github/CONTRIBUTING.md) guidelines to give more clarity around old `help wanted` issues.

_TLDR_:

- Please directly mention `@cli/code-reviewers` when an issue you want to work on does not have clear Acceptance Criteria
- Please only open pull requests for issues with _both_ the help wanted label and clear Acceptance Criteria
- Please avoid expanding pull request scope to include changes that are not described in the connected issue's Acceptance Criteria

Note: Acceptance Criteria is posted as an issue comment by a core maintainer. 

See https://github.com/cli/cli/pull/10381 and https://github.com/cli/cli/pull/10395 for more information.


❓ Have feedback on anything? We'd love to hear from you in a discussion post ❤️ 

## What's Changed

### ✨ Features
* feat: let user select pr to checkout by @nilvng in https://github.com/cli/cli/pull/9868
* feat: Add support for deleting autolink references by @hoffm in https://github.com/cli/cli/pull/10362
* [gh extensions install] Improve help text and error message by @iamazeem in https://github.com/cli/cli/pull/10333
* Error when `gh repo rename` is used with a new repo name that contains an owner by @timrogers in https://github.com/cli/cli/pull/10364
* Attestation bundle fetch improvements by @malancas in https://github.com/cli/cli/pull/10233
* [gh project item-list] Add `iterationId` field in ProjectV2ItemFieldIterationValue by @iamazeem in https://github.com/cli/cli/pull/10329

### 🐛 Fixes
* [gh api] Fix mutual exclusion messages of `--slurp` flag by @iamazeem in https://github.com/cli/cli/pull/10332
* Exit with error if no matching predicate type exists by @kommendorkapten in https://github.com/cli/cli/pull/10421
* Do not try to parse bodies for HEAD requests by @jsoref in https://github.com/cli/cli/pull/10388
* [gh project item-edit] Fix number type by @iamazeem in https://github.com/cli/cli/pull/10374
* [gh workflow run] Improve error handling for `--ref` flag by @iamazeem in https://github.com/cli/cli/pull/10328
* [gh config] Escape pipe symbol in Long desc for website manual by @iamazeem in https://github.com/cli/cli/pull/10371

### 📚 Docs & Chores
* Fix logic error in contributing docs by @BagToad in https://github.com/cli/cli/pull/10395
* Docs: Clarify guidelines for `help wanted` issues and pull requests by @BagToad in https://github.com/cli/cli/pull/10381
* [gh pr status] Mention `gh pr checks` in the `Long` section by @iamazeem in https://github.com/cli/cli/pull/10389
* [docs/releasing.md] Add basic info for homebrew update flow by @iamazeem in https://github.com/cli/cli/pull/10344
* [gh issue/pr list] Improve help text by @iamazeem in https://github.com/cli/cli/pull/10335
* Remove v1 project 'add to board' automation from prauto workflow by @hoffm in https://github.com/cli/cli/pull/10331
* Note: the following pair of PRs was reverted and never made it into a release
  * [gh repo edit] Allow setting commit message defaults by @iamazeem in https://github.com/cli/cli/pull/10363
  * Revert "[gh repo edit] Allow setting commit message defaults" by @BagToad in https://github.com/cli/cli/pull/10372

### :dependabot: Dependencies
* Bump google.golang.org/protobuf from 1.36.4 to 1.36.5 by @dependabot in https://github.com/cli/cli/pull/10379


**Full Changelog**: https://github.com/cli/cli/compare/v2.66.1...v2.67.0

Update the label io.jenkins-infra.tools.gh.version in the test harness

change detected: * key "$.metadataTest.labels[1].value" updated from "2.66.1" to "2.67.0", in file "cst.yml"


Created automatically by Updatecli

Options:

Most of Updatecli configuration is done via its manifest(s).

  • If you close this pull request, Updatecli will automatically reopen it, the next time it runs.
  • If you close this pull request and delete the base branch, Updatecli will automatically recreate it, erasing all previous commits made.

Feel free to report any issues at github.com/updatecli/updatecli.
If you find this tool useful, do not hesitate to star our GitHub repository as a sign of appreciation, and/or to tell us directly on our chat!
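
The Security note in the release notes above warns against relying solely on the exit code of `gh attestation verify`. As an added example (not part of this pull request or of the gh project), the following Python check gates on both the installed gh version and the predicate type actually present in the command's JSON output. The JSON layout (`verificationResult.statement.predicateType` as emitted with `--format json`) and all function names are assumptions, and the sample inputs are constructed.

```python
import json
import re

PATCHED = (2, 67, 0)  # release the advisory tells users to update to
DEFAULT_PREDICATE = "https://slsa.dev/provenance/v1"  # default named in the advisory


def gh_is_patched(version_output):
    """True if `gh --version` output reports a release at or above PATCHED."""
    m = re.search(r"gh version (\d+)\.(\d+)\.(\d+)", version_output)
    if not m:
        return False  # unparseable version: treat as unpatched
    return tuple(int(p) for p in m.groups()) >= PATCHED


def matching_attestations(verify_json, predicate_type=DEFAULT_PREDICATE):
    """Count results whose statement carries the requested predicate type.

    Assumed layout of `gh attestation verify --format json` output:
    [{"verificationResult": {"statement": {"predicateType": ...}}}, ...]
    """
    try:
        results = json.loads(verify_json)
    except (TypeError, ValueError):
        return 0  # empty or non-JSON output proves nothing
    if not isinstance(results, list):
        return 0
    count = 0
    for item in results:
        node = item
        for key in ("verificationResult", "statement"):
            node = node.get(key) if isinstance(node, dict) else None
        if isinstance(node, dict) and node.get("predicateType") == predicate_type:
            count += 1
    return count


def attestation_ok(exit_code, verify_json, predicate_type=DEFAULT_PREDICATE):
    """Pass only when gh exited 0 AND a matching attestation is present."""
    return exit_code == 0 and matching_attestations(verify_json, predicate_type) > 0


# Constructed samples (not captured gh output).
SBOM_ONLY = json.dumps([{"verificationResult": {"statement": {
    "predicateType": "https://spdx.dev/Document/v2.3"}}}])
PROVENANCE = json.dumps([{"verificationResult": {"statement": {
    "predicateType": DEFAULT_PREDICATE}}}])
```

In a pipeline, pass `attestation_ok` the exit status and standard output of the real command, and fail the build when it returns `False` or when `gh_is_patched` rejects the installed version.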
