{"id":1121,"name":"actions/create-github-app-token","ecosystem":"actions","repository_url":"https://github.com/actions/create-github-app-token","issues_count":2858,"created_at":"2025-06-06T15:01:40.635Z","updated_at":"2025-06-06T15:01:40.635Z","purl":"pkg:githubactions/actions/create-github-app-token","metadata":{"id":11547979,"name":"actions/create-github-app-token","ecosystem":"actions","description":"GitHub Action for creating a GitHub App installation access token","homepage":"https://github.com/marketplace/actions/create-github-app-token","licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/actions/create-github-app-token","keywords_array":["automation","github-actions","hacktoberfest","tokens"],"namespace":"actions","versions_count":55,"first_release_published_at":"2023-06-09T00:04:10.000Z","latest_release_published_at":"2025-05-03T21:58:35.000Z","latest_release_number":"v2.0.6","last_synced_at":"2025-05-29T13:07:49.424Z","created_at":"2025-04-16T09:54:02.158Z","updated_at":"2025-05-29T13:07:49.425Z","registry_url":"https://github.com/actions/create-github-app-token","install_command":null,"documentation_url":null,"metadata":{"name":"Create GitHub App Token","description":"GitHub Action for creating a GitHub App installation access token","author":"Gregor Martynus and Parker Brown","branding":{"icon":"lock","color":"gray-dark"},"inputs":{"app-id":{"description":"GitHub App ID","required":true},"private-key":{"description":"GitHub App private key","required":true},"owner":{"description":"The owner of the GitHub App installation (defaults to current repository owner)","required":false},"repositories":{"description":"Comma or newline-separated list of repositories to install the GitHub App on (defaults to current repository if owner is unset)","required":false},"skip-token-revoke":{"description":"If true, the token will not be revoked when the current job is complete","required":false,"default":"false"},"github-api-url":{"description":"The URL of the GitHub REST API.","default":"${{ github.api_url }}"},"permission-actions":{"description":"The level of permission to grant the access token for GitHub Actions workflows, workflow runs, and artifacts. Can be set to 'read' or 'write'."},"permission-administration":{"description":"The level of permission to grant the access token for repository creation, deletion, settings, teams, and collaborators creation. Can be set to 'read' or 'write'."},"permission-checks":{"description":"The level of permission to grant the access token for checks on code. Can be set to 'read' or 'write'."},"permission-codespaces":{"description":"The level of permission to grant the access token to create, edit, delete, and list Codespaces. Can be set to 'read' or 'write'."},"permission-contents":{"description":"The level of permission to grant the access token for repository contents, commits, branches, downloads, releases, and merges. Can be set to 'read' or 'write'."},"permission-dependabot-secrets":{"description":"The level of permission to grant the access token to manage Dependabot secrets. Can be set to 'read' or 'write'."},"permission-deployments":{"description":"The level of permission to grant the access token for deployments and deployment statuses. Can be set to 'read' or 'write'."},"permission-email-addresses":{"description":"The level of permission to grant the access token to manage the email addresses belonging to a user. Can be set to 'read' or 'write'."},"permission-environments":{"description":"The level of permission to grant the access token for managing repository environments. Can be set to 'read' or 'write'."},"permission-followers":{"description":"The level of permission to grant the access token to manage the followers belonging to a user. Can be set to 'read' or 'write'."},"permission-git-ssh-keys":{"description":"The level of permission to grant the access token to manage git SSH keys. Can be set to 'read' or 'write'."},"permission-gpg-keys":{"description":"The level of permission to grant the access token to view and manage GPG keys belonging to a user. Can be set to 'read' or 'write'."},"permission-interaction-limits":{"description":"The level of permission to grant the access token to view and manage interaction limits on a repository. Can be set to 'read' or 'write'."},"permission-issues":{"description":"The level of permission to grant the access token for issues and related comments, assignees, labels, and milestones. Can be set to 'read' or 'write'."},"permission-members":{"description":"The level of permission to grant the access token for organization teams and members. Can be set to 'read' or 'write'."},"permission-metadata":{"description":"The level of permission to grant the access token to search repositories, list collaborators, and access repository metadata. Can be set to 'read' or 'write'."},"permission-organization-administration":{"description":"The level of permission to grant the access token to manage access to an organization. Can be set to 'read' or 'write'."},"permission-organization-announcement-banners":{"description":"The level of permission to grant the access token to view and manage announcement banners for an organization. Can be set to 'read' or 'write'."},"permission-organization-copilot-seat-management":{"description":"The level of permission to grant the access token for managing access to GitHub Copilot for members of an organization with a Copilot Business subscription. This property is in public preview and is subject to change. Can be set to 'write'."},"permission-organization-custom-org-roles":{"description":"The level of permission to grant the access token for custom organization roles management. Can be set to 'read' or 'write'."},"permission-organization-custom-properties":{"description":"The level of permission to grant the access token for custom property management. Can be set to 'read', 'write', or 'admin'."},"permission-organization-custom-roles":{"description":"The level of permission to grant the access token for custom repository roles management. Can be set to 'read' or 'write'."},"permission-organization-events":{"description":"The level of permission to grant the access token to view events triggered by an activity in an organization. Can be set to 'read'."},"permission-organization-hooks":{"description":"The level of permission to grant the access token to manage the post-receive hooks for an organization. Can be set to 'read' or 'write'."},"permission-organization-packages":{"description":"The level of permission to grant the access token for organization packages published to GitHub Packages. Can be set to 'read' or 'write'."},"permission-organization-personal-access-token-requests":{"description":"The level of permission to grant the access token for viewing and managing fine-grained personal access tokens that have been approved by an organization. Can be set to 'read' or 'write'."},"permission-organization-personal-access-tokens":{"description":"The level of permission to grant the access token for viewing and managing fine-grained personal access token requests to an organization. Can be set to 'read' or 'write'."},"permission-organization-plan":{"description":"The level of permission to grant the access token for viewing an organization's plan. Can be set to 'read'."},"permission-organization-projects":{"description":"The level of permission to grant the access token to manage organization projects and projects public preview (where available). Can be set to 'read', 'write', or 'admin'."},"permission-organization-secrets":{"description":"The level of permission to grant the access token to manage organization secrets. Can be set to 'read' or 'write'."},"permission-organization-self-hosted-runners":{"description":"The level of permission to grant the access token to view and manage GitHub Actions self-hosted runners available to an organization. Can be set to 'read' or 'write'."},"permission-organization-user-blocking":{"description":"The level of permission to grant the access token to view and manage users blocked by the organization. Can be set to 'read' or 'write'."},"permission-packages":{"description":"The level of permission to grant the access token for packages published to GitHub Packages. Can be set to 'read' or 'write'."},"permission-pages":{"description":"The level of permission to grant the access token to retrieve Pages statuses, configuration, and builds, as well as create new builds. Can be set to 'read' or 'write'."},"permission-profile":{"description":"The level of permission to grant the access token to manage the profile settings belonging to a user. Can be set to 'write'."},"permission-pull-requests":{"description":"The level of permission to grant the access token for pull requests and related comments, assignees, labels, milestones, and merges. Can be set to 'read' or 'write'."},"permission-repository-custom-properties":{"description":"The level of permission to grant the access token to view and edit custom properties for a repository, when allowed by the property. Can be set to 'read' or 'write'."},"permission-repository-hooks":{"description":"The level of permission to grant the access token to manage the post-receive hooks for a repository. Can be set to 'read' or 'write'."},"permission-repository-projects":{"description":"The level of permission to grant the access token to manage repository projects, columns, and cards. Can be set to 'read', 'write', or 'admin'."},"permission-secret-scanning-alerts":{"description":"The level of permission to grant the access token to view and manage secret scanning alerts. Can be set to 'read' or 'write'."},"permission-secrets":{"description":"The level of permission to grant the access token to manage repository secrets. Can be set to 'read' or 'write'."},"permission-security-events":{"description":"The level of permission to grant the access token to view and manage security events like code scanning alerts. Can be set to 'read' or 'write'."},"permission-single-file":{"description":"The level of permission to grant the access token to manage just a single file. Can be set to 'read' or 'write'."},"permission-starring":{"description":"The level of permission to grant the access token to list and manage repositories a user is starring. Can be set to 'read' or 'write'."},"permission-statuses":{"description":"The level of permission to grant the access token for commit statuses. Can be set to 'read' or 'write'."},"permission-team-discussions":{"description":"The level of permission to grant the access token to manage team discussions and related comments. Can be set to 'read' or 'write'."},"permission-vulnerability-alerts":{"description":"The level of permission to grant the access token to manage Dependabot alerts. Can be set to 'read' or 'write'."},"permission-workflows":{"description":"The level of permission to grant the access token to update GitHub Actions workflow files. Can be set to 'write'."}},"outputs":{"token":{"description":"GitHub installation access token"},"installation-id":{"description":"GitHub App installation ID"},"app-slug":{"description":"GitHub App slug"}},"runs":{"using":"node20","main":"dist/main.cjs","post":"dist/post.cjs"},"default_branch":"main","path":null},"repo_metadata":{"id":167023156,"uuid":"642580244","full_name":"actions/create-github-app-token","owner":"actions","description":"GitHub Action for creating a GitHub App Installation Access Token","archived":false,"fork":false,"pushed_at":"2025-05-02T19:18:06.000Z","size":3856,"stargazers_count":519,"open_issues_count":29,"forks_count":87,"subscribers_count":9,"default_branch":"main","last_synced_at":"2025-05-02T20:19:54.609Z","etag":null,"topics":["automation","github-actions","hacktoberfest","tokens"],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/create-github-app-token","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/actions.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null}},"created_at":"2023-05-18T22:34:57.000Z","updated_at":"2025-05-02T19:17:54.000Z","dependencies_parsed_at":"2023-11-12T17:23:07.888Z","dependency_job_id":"8f7dcb88-f79a-4f11-a22c-2eeed99b1670","html_url":"https://github.com/actions/create-github-app-token","commit_stats":{"total_commits":120,"total_committers":21,"mean_commits":5.714285714285714,"dds":0.7416666666666667,"last_synced_commit":"25cc3bdc279c3498f554da7599deab2213b272e6"},"previous_names":["gr2m/app-token-action","gr2m/github-app-token-action","actions/github-app-token","actions/create-github-app-token"],"tags_count":54,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/actions","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":252100445,"owners_count":21694683,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"actions","name":"GitHub Actions","uuid":"44036562","kind":"organization","description":"Automate your GitHub workflows","email":null,"website":"https://github.com/features/actions","location":null,"twitter":null,"company":null,"icon_url":"https://avatars.githubusercontent.com/u/44036562?v=4","repositories_count":59,"last_synced_at":"2023-04-09T12:20:28.551Z","metadata":{"has_sponsors_listing":false},"html_url":"https://github.com/actions","funding_links":[],"total_stars":69545,"followers":null,"following":null,"created_at":"2022-11-02T16:25:53.210Z","updated_at":"2024-03-25T18:47:17.736Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/actions","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/actions/repositories"},"tags":[{"name":"v2.0.5","sha":"db3cdf40984fe6fd25ae19ac2bf2f4886ae8d959","kind":"commit","published_at":"2025-05-02T19:17:49.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2.0.5","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2.0.5","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.5/manifests"},{"name":"v2.0.4","sha":"4821f52fa7a8e45784f1d99cdb1c27bec9f00720","kind":"commit","published_at":"2025-05-02T18:44:32.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2.0.4","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2.0.4","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.4/manifests"},{"name":"v2.0.3","sha":"30bf6253fa41bdc8d1501d202ad15287582246b4","kind":"commit","published_at":"2025-05-01T15:34:52.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2.0.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2.0.3","dependencies_parsed_at":null,"dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.3/manifests"},{"name":"v2.0.2","sha":"3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5","kind":"commit","published_at":"2025-04-03T22:54:20.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2.0.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2.0.2","dependencies_parsed_at":"2025-04-17T04:41:10.874Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.2/manifests"},{"name":"v2","sha":"3ff1caaa28b64c9cc276ce0a02e2ff584f3900c5","kind":"commit","published_at":"2025-04-03T22:54:20.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2","dependencies_parsed_at":"2025-04-19T05:32:50.711Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2/manifests"},{"name":"v2.0.1","sha":"86e24964d68ec4c8b52e8e73e2592920edeef469","kind":"commit","published_at":"2025-04-03T22:43:44.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2.0.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2.0.1","dependencies_parsed_at":"2025-04-17T04:41:10.874Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.1/manifests"},{"name":"v2.0.0","sha":"064492a9a1762067169d50c792a7dc02bc3d1254","kind":"commit","published_at":"2025-04-03T19:10:30.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v2.0.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v2.0.0","dependencies_parsed_at":"2025-04-19T05:32:50.745Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v2.0.0/manifests"},{"name":"v1.12.0","sha":"d72941d797fd3113feb6b93fd0dec494b13a2547","kind":"commit","published_at":"2025-03-27T19:01:44.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.12.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.12.0","dependencies_parsed_at":"2025-04-17T04:41:10.875Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.12.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.12.0/manifests"},{"name":"v1.11.7","sha":"af35edadc00be37caa72ed9f3e6d5f7801bfdf09","kind":"commit","published_at":"2025-03-20T05:59:25.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.7","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.7","dependencies_parsed_at":"2025-04-17T04:41:10.875Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.7/manifests"},{"name":"v1.11.6","sha":"21cfef2b496dd8ef5b904c159339626a10ad380e","kind":"commit","published_at":"2025-03-03T01:13:50.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.6","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.6","dependencies_parsed_at":"2025-04-17T04:41:10.874Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.6/manifests"},{"name":"v1.11.5","sha":"0d564482f06ca65fa9e77e2510873638c82206f2","kind":"commit","published_at":"2025-02-15T00:26:36.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.5","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.5","dependencies_parsed_at":"2025-04-17T04:41:10.874Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.5/manifests"},{"name":"v1.11.4","sha":"c14f92a8f9fd9aff60349b9d5bb2f2d9933926bd","kind":"commit","published_at":"2025-02-15T00:14:02.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.4","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.4","dependencies_parsed_at":"2025-04-17T04:41:10.875Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.4/manifests"},{"name":"v1.11.3","sha":"67e27a7eb7db372a1c61a7f9bdab8699e9ee57f7","kind":"commit","published_at":"2025-02-04T01:08:21.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.3","dependencies_parsed_at":"2025-04-17T04:41:10.873Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.3/manifests"},{"name":"v1.11.2","sha":"136412a57a7081aa63c935a2cc2918f76c34f514","kind":"commit","published_at":"2025-01-30T23:13:57.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.2","dependencies_parsed_at":"2025-04-17T04:41:10.874Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.2/manifests"},{"name":"v1.11.1","sha":"c1a285145b9d317df6ced56c09f525b5c2b6f755","kind":"commit","published_at":"2024-12-20T18:12:15.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.1","dependencies_parsed_at":"2025-04-17T04:41:10.876Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.1/manifests"},{"name":"v1.11.0","sha":"5d869da34e18e7287c1daad50e0b8ea0f506ce69","kind":"commit","published_at":"2024-09-11T20:55:26.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.11.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.11.0","dependencies_parsed_at":"2025-04-17T04:41:10.875Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.11.0/manifests"},{"name":"v1.10.4","sha":"3378cda945da322a8db4b193e19d46352ebe2de5","kind":"commit","published_at":"2024-09-04T04:41:08.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.10.4","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.10.4","dependencies_parsed_at":"2025-04-19T05:32:46.551Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.4/manifests"},{"name":"v1.10.3","sha":"31c86eb3b33c9b601a1f60f98dcbfd1d70f379b4","kind":"commit","published_at":"2024-07-01T13:15:08.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.10.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.10.3","dependencies_parsed_at":"2025-04-17T04:41:10.879Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.3/manifests"},{"name":"v1.10.2","sha":"ad38cffc07bac6e3857755914c4c88bfd2db4da4","kind":"commit","published_at":"2024-06-26T01:11:30.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.10.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.10.2","dependencies_parsed_at":"2025-04-19T05:32:50.101Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.2/manifests"},{"name":"v1.10.1","sha":"c8f55efbd427e7465d6da1106e7979bc8aaee856","kind":"commit","published_at":"2024-06-03T04:38:42.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.10.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.10.1","dependencies_parsed_at":"2025-04-19T05:32:48.357Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.1/manifests"},{"name":"v1.10.0","sha":"a0de6af83968303c8c955486bf9739a57d23c7f1","kind":"commit","published_at":"2024-05-01T18:16:16.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.10.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.10.0","dependencies_parsed_at":"2025-04-19T05:32:48.494Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.10.0/manifests"},{"name":"v1.9.3","sha":"7bfa3a4717ef143a604ee0a99d859b8886a96d00","kind":"commit","published_at":"2024-04-04T17:10:12.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.9.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.9.3","dependencies_parsed_at":"2025-04-19T05:32:50.728Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.3/manifests"},{"name":"v1.9.2","sha":"6c406e8a244fdf6bbf79e6cc8a91504a48d2c2ce","kind":"commit","published_at":"2024-04-01T15:59:22.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.9.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.9.2","dependencies_parsed_at":"2025-04-19T05:32:48.495Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.2/manifests"},{"name":"v1.9.1","sha":"78e5f2ddc08efcb88fbbee6cfa3fed770ba550c3","kind":"commit","published_at":"2024-03-25T16:54:23.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.9.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.9.1","dependencies_parsed_at":"2025-04-19T05:32:50.665Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.1/manifests"},{"name":"v1.9.0","sha":"f2acddfb5195534d487896a656232b016a682f3c","kind":"commit","published_at":"2024-03-01T19:19:10.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.9.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.9.0","dependencies_parsed_at":"2025-04-19T05:32:50.574Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.9.0/manifests"},{"name":"v1.8.2","sha":"bf627a5a4415baceb13b8feb7cdbe1f4b112dc8d","kind":"commit","published_at":"2024-03-01T18:02:22.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.8.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.8.2","dependencies_parsed_at":"2025-04-19T05:32:50.101Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.8.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.8.2/manifests"},{"name":"v1.8.1","sha":"e8e39f73bb84fdf315a015fa3104f314c0a258b4","kind":"commit","published_at":"2024-02-21T20:37:10.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.8.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.8.1","dependencies_parsed_at":"2025-04-19T05:32:50.727Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.8.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.8.1/manifests"},{"name":"v1.8.0","sha":"f4c6bf6752984b3a29fcc135a5e70eb792c40c6b","kind":"commit","published_at":"2024-02-08T23:39:37.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.8.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.8.0","dependencies_parsed_at":"2025-04-19T05:32:50.419Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.8.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.8.0/manifests"},{"name":"v1.7.0","sha":"86576b355dd19da0519e0bdb63d8edb5bcf76a25","kind":"commit","published_at":"2024-01-26T18:51:44.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.7.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.7.0","dependencies_parsed_at":"2025-04-19T05:32:50.106Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.7.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.7.0/manifests"},{"name":"v1.6.4","sha":"c4fa18d55c5d49e6a2793e351ea4938322c61072","kind":"commit","published_at":"2024-01-19T15:45:52.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.6.4","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.6.4","dependencies_parsed_at":"2025-04-19T05:32:51.031Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.4/manifests"},{"name":"v1.6.3","sha":"f04aa94d10cf56334d1c580e077ce2e3569e805d","kind":"commit","published_at":"2024-01-09T22:21:09.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.6.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.6.3","dependencies_parsed_at":"2025-04-19T05:32:50.725Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.3/manifests"},{"name":"v1.6.2","sha":"2986852ad836768dfea7781f31828eb3e17990fa","kind":"commit","published_at":"2023-12-06T20:25:58.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.6.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.6.2","dependencies_parsed_at":"2025-04-19T05:32:50.745Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.2/manifests"},{"name":"v1.6.1","sha":"46e4a501e119d39574a54e53a06c9a705efc55c9","kind":"commit","published_at":"2023-12-01T18:27:42.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.6.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.6.1","dependencies_parsed_at":"2025-04-19T05:32:50.729Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.1/manifests"},{"name":"v1.6.0","sha":"e995b4e40ace2eb5bf13137d9abe242c98f3aab6","kind":"commit","published_at":"2023-11-16T22:53:33.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.6.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.6.0","dependencies_parsed_at":"2025-04-19T05:32:50.108Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.6.0/manifests"},{"name":"v1.5.1","sha":"eaddb9eb7e4226c68cf4b39f167c83e5bd132b3e","kind":"commit","published_at":"2023-11-01T16:31:38.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.5.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.5.1","dependencies_parsed_at":"2025-04-19T05:32:50.101Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.5.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.5.1/manifests"},{"name":"v1.5.0","sha":"9d97a4282b2c51a2f4f0465b9326399f53c890d4","kind":"commit","published_at":"2023-10-06T20:42:48.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.5.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.5.0","dependencies_parsed_at":"2025-04-19T05:32:50.724Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.5.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.5.0/manifests"},{"name":"v1.4.0","sha":"8210939678727129ae3a36a8a361102561481c3b","kind":"commit","published_at":"2023-10-06T16:11:28.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.4.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.4.0","dependencies_parsed_at":"2025-04-19T05:32:50.104Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.4.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.4.0/manifests"},{"name":"v1.3.0","sha":"d400084c451fa94cb8392553d58863d2a2fba09c","kind":"commit","published_at":"2023-10-04T05:29:18.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.3.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.3.0","dependencies_parsed_at":"2025-04-19T05:32:48.474Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.3.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.3.0/manifests"},{"name":"v1.2.2","sha":"5804f049e1ab39f8b6e41c4c42f121d2e04c781b","kind":"commit","published_at":"2023-10-02T04:28:50.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.2.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.2.2","dependencies_parsed_at":"2025-04-19T05:32:50.102Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.2.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.2.2/manifests"},{"name":"v1.2.1","sha":"49ce228ea7cddec9f88dd09c5b7740dbac82d7ba","kind":"commit","published_at":"2023-08-30T05:30:14.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.2.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.2.1","dependencies_parsed_at":"2025-04-19T05:32:48.538Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.2.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.2.1/manifests"},{"name":"v1.2.0","sha":"c72844caa414e2d425452f9bb8372a514153cc22","kind":"commit","published_at":"2023-08-29T23:14:09.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.2.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.2.0","dependencies_parsed_at":"2025-04-19T05:32:49.496Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.2.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.2.0/manifests"},{"name":"v1.1.5","sha":"17cde8a7d84fe69209226a73af1acac6c76392d5","kind":"commit","published_at":"2023-08-28T22:38:26.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.1.5","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.1.5","dependencies_parsed_at":"2025-04-19T05:32:49.502Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.5/manifests"},{"name":"v1.1.4","sha":"35d8ea9fdbb6820e6377ef8ec809b2e7e38203eb","kind":"commit","published_at":"2023-08-28T22:29:27.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.1.4","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.1.4","dependencies_parsed_at":"2025-04-19T05:32:48.538Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.4/manifests"},{"name":"v1.1.3","sha":"2540ed49e5d6bea751bf3da363bb5b5a6fcf0c07","kind":"commit","published_at":"2023-08-28T22:14:31.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.1.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.1.3","dependencies_parsed_at":"2025-04-19T05:32:48.470Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.3/manifests"},{"name":"v1.1.2","sha":"bc256c234bf48ffdee7ae27409ebc7f9aa3c8ab4","kind":"commit","published_at":"2023-08-25T18:59:01.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.1.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.1.2","dependencies_parsed_at":"2025-04-19T05:32:49.505Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.2/manifests"},{"name":"v1.1.1","sha":"27ab48741c28e6dacb5a36198383bd4cff9595d1","kind":"commit","published_at":"2023-08-23T17:57:42.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.1.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.1.1","dependencies_parsed_at":"2025-04-19T05:32:49.498Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.1/manifests"},{"name":"v1.1.0","sha":"803e078eb599890256679b164357599b8681de13","kind":"commit","published_at":"2023-08-22T17:24:39.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.1.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.1.0","dependencies_parsed_at":"2025-04-19T05:32:49.500Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.1.0/manifests"},{"name":"v1.0.5","sha":"cb1fcdda590f1dd2a7c771cfa62e50bb4ac1cfa5","kind":"commit","published_at":"2023-08-21T22:09:16.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.0.5","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.0.5","dependencies_parsed_at":"2025-04-19T05:32:49.504Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.5/manifests"},{"name":"v1.0.4","sha":"12aa81137bd7fec724cf23ab0c54092261f59830","kind":"commit","published_at":"2023-08-21T21:32:39.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.0.4","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.0.4","dependencies_parsed_at":"2025-04-19T05:32:48.480Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.4/manifests"},{"name":"v1.0.3","sha":"c04bb41e616d2a16422908c7ca1b81930f23079b","kind":"commit","published_at":"2023-08-21T18:49:27.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.0.3","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.0.3","dependencies_parsed_at":"2025-04-19T05:32:49.497Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.3/manifests"},{"name":"v1","sha":"847634eeb36664e2d49db18add847e3fe1a183db","kind":"commit","published_at":"2023-06-15T22:51:56.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1","dependencies_parsed_at":"2025-04-19T05:32:50.745Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1/manifests"},{"name":"v1.0.2","sha":"847634eeb36664e2d49db18add847e3fe1a183db","kind":"commit","published_at":"2023-06-15T22:51:56.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.0.2","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.0.2","dependencies_parsed_at":"2025-04-19T05:32:48.473Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.2/manifests"},{"name":"v1.0.1","sha":"c08b7942e4f16842e11846de387178fdd8a4dc1a","kind":"commit","published_at":"2023-06-15T22:48:41.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.0.1","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.0.1","dependencies_parsed_at":"2025-04-19T05:32:48.474Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.1/manifests"},{"name":"v1.0.0","sha":"f45685208fd9b88321d74015b5996fc8c3e43d18","kind":"commit","published_at":"2023-06-09T00:04:10.000Z","download_url":"https://codeload.github.com/actions/create-github-app-token/tar.gz/v1.0.0","html_url":"https://github.com/actions/create-github-app-token/releases/tag/v1.0.0","dependencies_parsed_at":"2025-04-19T05:32:49.500Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/actions%2Fcreate-github-app-token/tags/v1.0.0/manifests"}]},"repo_metadata_updated_at":"2025-05-02T20:20:45.998Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":0,"rankings":{"downloads":null,"dependent_repos_count":37.16500553709856,"dependent_packages_count":0.0,"stargazers_count":0.45562411010915993,"forks_count":0.5790223065970574,"docker_downloads_count":null,"average":9.549912988451194},"purl":"pkg:githubactions/actions/create-github-app-token","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/actions/actions/create-github-app-token","docker_dependents_count":null,"docker_downloads_count":null,"usage_url":"https://repos.ecosyste.ms/usage/actions/actions/create-github-app-token","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/actions/actions/create-github-app-token/dependencies","status":null,"funding_links":[],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/actions%2Fcreate-github-app-token/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/actions%2Fcreate-github-app-token/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/actions%2Fcreate-github-app-token/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/actions%2Fcreate-github-app-token/related_packages","maintainers":[],"registry":{"name":"github actions","url":"https://github.com/marketplace/actions/","ecosystem":"actions","default":true,"packages_count":31615,"maintainers_count":0,"namespaces_count":19962,"keywords_count":6709,"github":"actions","metadata":{"funded_packages_count":2985},"icon_url":"https://github.com/actions.png","created_at":"2023-01-03T17:16:39.185Z","updated_at":"2025-06-06T06:00:12.453Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/namespaces"}},"unique_repositories_count":1404,"unique_repositories_count_past_30_days":107,"recent_issues":[{"uuid":"4556814404","node_id":"PR_kwDOSsxPT87hDejC","number":3,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-31T06:48:27.000Z","updated_at":"2026-05-31T06:48:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/JaeCheon8587/hermes-agent-labs/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaeCheon8587%2Fhermes-agent-labs/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"},{"uuid":"4554929510","node_id":"PR_kwDOQk7AtM7g94-3","number":1652,"state":"open","title":"Bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions","zenable/risk:low"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T16:03:45.000Z","updated_at":"2026-05-30T16:08:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Voornaamenachternaam/exchange_gateway/pull/1652","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Voornaamenachternaam%2Fexchange_gateway/issues/1652","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1652/packages"},{"uuid":"4553655227","node_id":"PR_kwDOSadfsc7g6H3t","number":23,"state":"open","title":"chore: bump the actions group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["chore","size/M"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T07:07:56.000Z","updated_at":"2026-05-30T07:08:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"actions","update_count":7,"packages":[{"name":"rharkor/caching-for-turbo","old_version":"2.3.14","new_version":"2.4.2","repository_url":"https://github.com/rharkor/caching-for-turbo"},{"name":"github/codeql-action","old_version":"4.35.3","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"docker/setup-buildx-action","old_version":"4.0.0","new_version":"4.1.0","repository_url":"https://github.com/docker/setup-buildx-action"},{"name":"docker/login-action","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/docker/login-action"},{"name":"docker/build-push-action","old_version":"7.1.0","new_version":"7.2.0","repository_url":"https://github.com/docker/build-push-action"},{"name":"azure/trusted-signing-action","old_version":"1.2.0","new_version":"2.0.0","repository_url":"https://github.com/azure/trusted-signing-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rharkor/caching-for-turbo](https://github.com/rharkor/caching-for-turbo) | `2.3.14` | `2.4.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.3` | `4.36.0` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` |\n| [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` |\n| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.2.0` |\n| [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action) | `1.2.0` | `2.0.0` |\n\n\nUpdates `rharkor/caching-for-turbo` from 2.3.14 to 2.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rharkor/caching-for-turbo/releases\"\u003erharkor/caching-for-turbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.1...v2.4.2\"\u003e2.4.2\u003c/a\u003e (2026-05-15)\u003c/h2\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e1097ea0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003ee479b5a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.12.4 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/922\"\u003e#922\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/48e0a229bea36515b8f592d32a0612cbfb879d25\"\u003e48e0a22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003ea8fb860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003ebe65592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e228e10f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency wait-on to v9.0.10 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/919\"\u003e#919\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e38d6a8f6756436e9b9dccffcad76f2ca5204052\"\u003ee38d6a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update typescript-eslint monorepo to v8.59.3 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/921\"\u003e#921\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/8b547c3077086499d515c4d7242e00c70643f93f\"\u003e8b547c3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e45a958f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCI/CD\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etrigger PR checks with pull_request instead of pull_request_target (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003ea900bf2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.0...v2.4.1\"\u003e2.4.1\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eformat (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/b202f94262701ce5f5ceb0d3c6ec818edb12b1e1\"\u003eb202f94\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/ee71897b0c458f948fe04a13808f750683359fca\"\u003eee71897\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.4.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.3.14...v2.4.0\"\u003e2.4.0\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport port 0 for automatic port assignment (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a384771fbbc2bc42c74a4ff7d31578655c7ba19e\"\u003ea384771\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/917\"\u003e#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eformat (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/5e6c588b628d6eba5796ef8decd7881467c43a0e\"\u003e5e6c588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eport stuck devrun (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/4c3a62318cf4c51fb13aaf67e84c4cef076aafa6\"\u003e4c3a623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1036.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/146dba66e3df34ac64f1121885026bfb9e9975b7\"\u003e146dba6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1037.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/890\"\u003e#890\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/4cd0f589bcd7f761d83d7e047f0144478297ba82\"\u003e4cd0f58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1038.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/892\"\u003e#892\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/db644453afe16bd45111e74234a0b553adf0f646\"\u003edb64445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1039.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/893\"\u003e#893\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/38aabd9da3d830b63866379c9b285aa4320ef560\"\u003e38aabd9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1040.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/94bcc4142feeedd7d1f565cd41eacec9df746285\"\u003e94bcc41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1041.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/898\"\u003e#898\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/427799b92cdfe2ec67a9cb680bf2c2aedb1c1068\"\u003e427799b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003e\u003ccode\u003e5d14fba\u003c/code\u003e\u003c/a\u003e chore(release): 2.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e\u003ccode\u003e45a958f\u003c/code\u003e\u003c/a\u003e chore(sync): restore package.json from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/3b4c3d80e7ba25b2efff7e332a08e4877dbf1880\"\u003e\u003ccode\u003e3b4c3d8\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into main-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/7ca2ad4301ad4c5744006c694931f175b3b5f34f\"\u003e\u003ccode\u003e7ca2ad4\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:rharkor/caching-for-turbo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003e\u003ccode\u003ea900bf2\u003c/code\u003e\u003c/a\u003e ci: trigger PR checks with pull_request instead of pull_request_target\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003e\u003ccode\u003ee479b5a\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e\u003ccode\u003e228e10f\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003e\u003ccode\u003ebe65592\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003e\u003ccode\u003ea8fb860\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e\u003ccode\u003e1097ea0\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/56219402aacc0d06b650d898c222996dbc1191ec...5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.3 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-buildx-action` from 4.0.0 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-buildx-action/releases\"\u003edocker/setup-buildx-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.79.0 to 0.90.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/489\"\u003edocker/setup-buildx-action#489\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.12 to 5.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/547\"\u003edocker/setup-buildx-action#547\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/508\"\u003edocker/setup-buildx-action#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.0.0 to 1.2.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/540\"\u003edocker/setup-buildx-action#540\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.4.2 to 5.8.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/496\"\u003edocker/setup-buildx-action#496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/499\"\u003edocker/setup-buildx-action#499\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump glob from 10.3.12 to 13.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/495\"\u003edocker/setup-buildx-action#495\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/504\"\u003edocker/setup-buildx-action#504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/523\"\u003edocker/setup-buildx-action#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/503\"\u003edocker/setup-buildx-action#503\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/537\"\u003edocker/setup-buildx-action#537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/545\"\u003edocker/setup-buildx-action#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.25.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/492\"\u003edocker/setup-buildx-action#492\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.2 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/520\"\u003edocker/setup-buildx-action#520\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v4.0.0...v4.1.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v4.0.0...v4.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5\"\u003e\u003ccode\u003ed7f5e7f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/489\"\u003e#489\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/92bc5c9777806d0a73d9d668ba2114fa1177f164\"\u003e\u003ccode\u003e92bc5c9\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/da11e35abee0f20cb4f1c1b7c461d37c29be52f5\"\u003e\u003ccode\u003eda11e35\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.79.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/f021e162ef95b6fba51af1c6674f537f25bce851\"\u003e\u003ccode\u003ef021e16\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/492\"\u003e#492\u003c/a\u003e from docker/dependabot/npm_and_yarn/undici-6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/b5af94fab700aee0c64d6077e0e34ae987815b67\"\u003e\u003ccode\u003eb5af94f\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/16ad9776a801d0c47f0a05f007b88a3789aa8ab6\"\u003e\u003ccode\u003e16ad977\u003c/code\u003e\u003c/a\u003e build(deps): bump undici from 6.23.0 to 6.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7a12d7df895b33bd02a9b4bf62a12f2b9a24458\"\u003e\u003ccode\u003ed7a12d7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/495\"\u003e#495\u003c/a\u003e from docker/dependabot/npm_and_yarn/glob-10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/28ff27de4eed7518d361591f2cd1dfb69c34a7cb\"\u003e\u003ccode\u003e28ff27d\u003c/code\u003e\u003c/a\u003e build(deps): bump glob from 10.3.12 to 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/daf436b50e13d9053b9730cbc16516891878b019\"\u003e\u003ccode\u003edaf436b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/496\"\u003e#496\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/9725348367859764880f2f2e688a6b0c353e3f35\"\u003e\u003ccode\u003e9725348\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/login-action` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/login-action/releases\"\u003edocker/login-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/976\"\u003edocker/login-action#976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e and \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.1050.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/960\"\u003edocker/login-action#960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.86.0 to 0.90.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/970\"\u003edocker/login-action#970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 2.0.1 to 5.0.6 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/993\"\u003edocker/login-action#993\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.1.4 to 1.2.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/985\"\u003edocker/login-action#985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.6 to 5.8.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/963\"\u003edocker/login-action#963\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump http-proxy-agent and https-proxy-agent to 9.0.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/961\"\u003edocker/login-action#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/979\"\u003edocker/login-action#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/991\"\u003edocker/login-action#991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.3 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/986\"\u003edocker/login-action#986\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/docker/login-action/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/650006c6eb7dba73a995cc03b0b2d7f5ca915bee\"\u003e\u003ccode\u003e650006c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/960\"\u003e#960\u003c/a\u003e from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/99df1a3f6d65e48177ea57671a50e2242eae4b63\"\u003e\u003ccode\u003e99df1a3\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/3ab375f324f46da5f6901efeda4be4e2566ebaa2\"\u003e\u003ccode\u003e3ab375f\u003c/code\u003e\u003c/a\u003e build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/39d85804ae465a1816c68ff58158ec66883981b4\"\u003e\u003ccode\u003e39d8580\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/970\"\u003e#970\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/4eefcd33ca7213989697445a78b6730274bfaba6\"\u003e\u003ccode\u003e4eefcd3\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/56d092c8b3f04006c22f4fc20a2b3d2442caed56\"\u003e\u003ccode\u003e56d092c\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.86.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/e2e31ca87063ae00fd41ad3b9c548dd8ec24c5ff\"\u003e\u003ccode\u003ee2e31ca\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/976\"\u003e#976\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/0bced941e843afc786fbfd58b1c6c13ca11e09c9\"\u003e\u003ccode\u003e0bced94\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/3e75a0f266b07e09777a621d0ca5f4432ef9f10c\"\u003e\u003ccode\u003e3e75a0f\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/365bebd9d646160567ebad47824f026e09ee6970\"\u003e\u003ccode\u003e365bebd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/984\"\u003e#984\u003c/a\u003e from docker/dependabot/github_actions/aws-actions/con...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/login-action/compare/4907a6ddec9925e35a0a9e82d7399ccc52663121...650006c6eb7dba73a995cc03b0b2d7f5ca915bee\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/build-push-action` from 7.1.0 to 7.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/build-push-action/releases\"\u003edocker/build-push-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1525\"\u003edocker/build-push-action#1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.87.0 to 0.90.0 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1517\"\u003edocker/build-push-action#1517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 2.0.2 to 5.0.6 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1534\"\u003edocker/build-push-action#1534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.1.4 to 1.2.0 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1529\"\u003edocker/build-push-action#1529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.5.7 to 5.8.0 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1521\"\u003edocker/build-push-action#1521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1526\"\u003edocker/build-push-action#1526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1533\"\u003edocker/build-push-action#1533\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/build-push-action/compare/v7.1.0...v7.2.0\"\u003ehttps://github.com/docker/build-push-action/compare/v7.1.0...v7.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/f9f3042f7e2789586610d6e8b85c8f03e5195baf\"\u003e\u003ccode\u003ef9f3042\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1517\"\u003e#1517\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/812d5fd9212a4c5d419e5be02fd8e9bb435c5d76\"\u003e\u003ccode\u003e812d5fd\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/b6f66930769f2917a3275dc4d81f15583ac7e105\"\u003e\u003ccode\u003eb6f6693\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.87.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/c1c626eced73a500ec65c4256c620b3b9e8278c0\"\u003e\u003ccode\u003ec1c626e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1525\"\u003e#1525\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/51bb284cd4d05650aa6f5e4e22cb96d2cbfe62b7\"\u003e\u003ccode\u003e51bb284\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/5f7884def8f133e8ef40c53d003d1471c05621c6\"\u003e\u003ccode\u003e5f7884d\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/e01deff7d956c756a20f3e19ff7ddc0e4a50fc1d\"\u003e\u003ccode\u003ee01deff\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1521\"\u003e#1521\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/3804d497934b39bd591ee9d1c6c9e593b4488a67\"\u003e\u003ccode\u003e3804d49\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/71e8947aac5dad23ce83a43e9c98f750e02de2f3\"\u003e\u003ccode\u003e71e8947\u003c/code\u003e\u003c/a\u003e chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/4925ad24cdbc42ff492d76cf9fe7a30b79976b60\"\u003e\u003ccode\u003e4925ad2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1526\"\u003e#1526\u003c/a\u003e from docker/dependabot/npm_and_yarn/postcss-8.5.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/build-push-action/compare/bcafcacb16a39f128d818304e6c9c0c18556b85f...f9f3042f7e2789586610d6e8b85c8f03e5195baf\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure/trusted-signing-action` from 1.2.0 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/azure/trusted-signing-action/releases\"\u003eazure/trusted-signing-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: migrate to new artifactsigning module by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/133\"\u003eAzure/artifact-signing-action#133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update README runtime version and action references by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/139\"\u003eAzure/artifact-signing-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: upgrade packages to the latest versions by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/135\"\u003eAzure/artifact-signing-action#135\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\"\u003ehttps://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003e\u003ccode\u003ec7ab2a8\u003c/code\u003e\u003c/a\u003e refactor: upgrade packages to the latest versions (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/135\"\u003e#135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/7664cea6ad50e2f1b08bf6d5b4a371527221231c\"\u003e\u003ccode\u003e7664cea\u003c/code\u003e\u003c/a\u003e docs: update README runtime version and action references (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/139\"\u003e#139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/64185d8ca9555a71ba666fc42fa2ed9461a9d583\"\u003e\u003ccode\u003e64185d8\u003c/code\u003e\u003c/a\u003e refactor: migrate to new artifactsigning module (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/azure/trusted-signing-action/compare/b443cf8ea4124818d2ea9f043cba29fc3ec47b16...c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/jon-aiken/stella/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-aiken%2Fstella/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"},{"uuid":"4551177626","node_id":"PR_kwDOOBqI787gyJhM","number":16,"state":"open","title":"Bump actions/create-github-app-token from 1 to 3","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T19:45:43.000Z","updated_at":"2026-05-29T19:46:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actions/create-github-app-token","old_version":"1","new_version":"3","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1 to 3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003cli\u003eRequires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later if you are using a self-hosted runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.6\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.5...v3.0.0-beta.6\"\u003e3.0.0-beta.6\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/337\"\u003e#337\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b04413352d4644ac2131b9a90c074f5e93ca18a1\"\u003eb044133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump minimatch from 9.0.5 to 9.0.9 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/335\"\u003e#335\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5cbc65624c9ddc4589492bda7c8b146223e8c3e4\"\u003e5cbc656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump the production-dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/336\"\u003e#336\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/6bda5bc1410576b9a0879ce6076d53345485bba9\"\u003e6bda5bc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump undici from 7.16.0 to 7.18.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/323\"\u003e#323\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b4f638f48ee0dcdbb0bc646c48e4cb2a2de847fe\"\u003eb4f638f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.5\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.4...v3.0.0-beta.5\"\u003e3.0.0-beta.5\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/d53a1cdfde844c958786293adcaf739ecb8b5eb9\"\u003ed53a1cd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.4\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.3...v3.0.0-beta.4\"\u003e3.0.0-beta.4\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/auth-app\u003c/code\u003e from 7.2.1 to 8.0.1 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/257\"\u003e#257\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bef1eaf1c0ac2b148ee2a0a74c65fbe6db0631f1\"\u003ebef1eaf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/request\u003c/code\u003e from 9.2.3 to 10.0.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/256\"\u003e#256\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5d7307be63501c0070c634b0ae8fec74e8208130\"\u003e5d7307b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump glob from 10.4.5 to 10.5.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/305\"\u003e#305\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc\"\u003e5480f43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 6.2.1 to 7.1.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/294\"\u003e#294\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4\"\u003edce3be8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v1...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1\u0026new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/georgebaskervil/geor.me/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/georgebaskervil%2Fgeor.me/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4547610486","node_id":"PR_kwDOSrNuCM7gmZIQ","number":2,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T10:10:53.000Z","updated_at":"2026-05-29T10:11:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/San20506/friday/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/San20506%2Ffriday/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4543967937","node_id":"PR_kwDOSqJpxc7gag_Q","number":2,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T21:32:34.000Z","updated_at":"2026-05-28T21:34:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Swarpfoundation/The-Synthetic-Firm/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Swarpfoundation%2FThe-Synthetic-Firm/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4539754150","node_id":"PR_kwDOOmBWg87gModc","number":1803,"state":"open","title":"chore(ci)(deps): bump the major group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["major-update","needs-review"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T10:42:46.000Z","updated_at":"2026-05-28T10:46:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(ci)(deps): bump","group_name":"major","update_count":7,"packages":[{"name":"actions/setup-node","old_version":"4.4.0","new_version":"6.4.0","repository_url":"https://github.com/actions/setup-node"},{"name":"actions/github-script","old_version":"7.1.0","new_version":"9.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"pnpm/action-setup","old_version":"4.3.0","new_version":"6.0.8","repository_url":"https://github.com/pnpm/action-setup"},{"name":"actions/setup-dotnet","old_version":"4.3.1","new_version":"5.3.0","repository_url":"https://github.com/actions/setup-dotnet"},{"name":"actions/setup-python","old_version":"5.6.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"actions/create-github-app-token","old_version":"2.2.2","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"github/codeql-action","old_version":"3.35.4","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the major group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/setup-node](https://github.com/actions/setup-node) | `4.4.0` | `6.4.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.1.0` | `9.0.0` |\n| [pnpm/action-setup](https://github.com/pnpm/action-setup) | `4.3.0` | `6.0.8` |\n| [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `4.3.1` | `5.3.0` |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.2.0` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.2` | `3.2.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.35.4` | `4.36.0` |\n\n\nUpdates `actions/setup-node` from 4.4.0 to 6.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-node/releases\"\u003eactions/setup-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1525\"\u003eactions/setup-node#1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js versions in versions.yml and bump package to v6.4.0  by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1533\"\u003eactions/setup-node#1533\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1525\"\u003eactions/setup-node#1525\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v6...v6.4.0\"\u003ehttps://github.com/actions/setup-node/compare/v6...v6.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport parsing \u003ccode\u003edevEngines\u003c/code\u003e field by \u003ca href=\"https://github.com/susnux\"\u003e\u003ccode\u003e@​susnux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1283\"\u003eactions/setup-node#1283\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWhen using node-version-file: package.json, setup-node now prefers devEngines.runtime over engines.node.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix npm audit issues by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1491\"\u003eactions/setup-node#1491\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace uuid with crypto.randomUUID() by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1378\"\u003eactions/setup-node#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1498\"\u003eactions/setup-node#1498\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove hardcoded bearer for mirror-url \u003ca href=\"https://github.com/marco-ippolito\"\u003e\u003ccode\u003e@​marco-ippolito\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1467\"\u003eactions/setup-node#1467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eScope test lockfiles by package manager and update cache tests by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1495\"\u003eactions/setup-node#1495\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/susnux\"\u003e\u003ccode\u003e@​susnux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1283\"\u003eactions/setup-node#1283\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v6...v6.3.0\"\u003ehttps://github.com/actions/setup-node/compare/v6...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocumentation update related to absence of Lockfile by \u003ca href=\"https://github.com/mahabaleshwars\"\u003e\u003ccode\u003e@​mahabaleshwars\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1454\"\u003eactions/setup-node#1454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect mirror option typos by \u003ca href=\"https://github.com/MikeMcC399\"\u003e\u003ccode\u003e@​MikeMcC399\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1442\"\u003eactions/setup-node#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme update on checkout version v6 by \u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1446\"\u003eactions/setup-node#1446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme typo fixes \u003ca href=\"https://github.com/munyari\"\u003e\u003ccode\u003e@​munyari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1226\"\u003eactions/setup-node#1226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdvanced document update on checkout version v6 by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e  in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1468\"\u003eactions/setup-node#1468\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/cache\u003c/code\u003e to v5.0.1 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1449\"\u003eactions/setup-node#1449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mahabaleshwars\"\u003e\u003ccode\u003e@​mahabaleshwars\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1454\"\u003eactions/setup-node#1454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MikeMcC399\"\u003e\u003ccode\u003e@​MikeMcC399\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1442\"\u003eactions/setup-node#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1446\"\u003eactions/setup-node#1446\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003e\u003ccode\u003e48b55a0\u003c/code\u003e\u003c/a\u003e Update Node.js versions in versions.yml and bump package to v6.4.0 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/ab72c7e7eba0eaa11f8cab0f5679243900c2cac9\"\u003e\u003ccode\u003eab72c7e\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1525\"\u003e#1525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f\"\u003e\u003ccode\u003e53b8394\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1498\"\u003e#1498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc\"\u003e\u003ccode\u003e54045ab\u003c/code\u003e\u003c/a\u003e Scope test lockfiles by package manager and update cache tests (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1495\"\u003e#1495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a\"\u003e\u003ccode\u003ec882bff\u003c/code\u003e\u003c/a\u003e Replace uuid with crypto.randomUUID() (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d\"\u003e\u003ccode\u003e774c1d6\u003c/code\u003e\u003c/a\u003e feat(node-version-file): support parsing \u003ccode\u003edevEngines\u003c/code\u003e field (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1283\"\u003e#1283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e\"\u003e\u003ccode\u003eefcb663\u003c/code\u003e\u003c/a\u003e fix: remove hardcoded bearer (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb\"\u003e\u003ccode\u003ed02c89d\u003c/code\u003e\u003c/a\u003e Fix npm audit issues (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1491\"\u003e#1491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238\"\u003e\u003ccode\u003e6044e13\u003c/code\u003e\u003c/a\u003e Docs: bump actions/checkout from v5 to v6 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657\"\u003e\u003ccode\u003e8e49463\u003c/code\u003e\u003c/a\u003e Fix README typo (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1226\"\u003e#1226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-node/compare/49933ea5288caeca8642d1e84afbd3f7d6820020...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 7.1.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See \u003ca href=\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating additional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and examples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The \u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is automatically appended to the user-agent string for request tracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire('@actions/github')\u003c/code\u003e no longer works in scripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9 (ESM-only) means \u003ccode\u003erequire('@actions/github')\u003c/code\u003e will fail at runtime. If you previously used patterns like \u003ccode\u003econst { getOctokit } = require('@actions/github')\u003c/code\u003e to create secondary clients, use the new injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it's available directly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter. Scripts that declare \u003ccode\u003econst getOctokit = ...\u003c/code\u003e or \u003ccode\u003elet getOctokit = ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because JavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e redeclaration of function parameters. Use the injected \u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit = ...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals beyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you may need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade \u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and related packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e from actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e merge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e chore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e from actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e ci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e ci: use deployment: false to suppress deployment noise from integration tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7\"\u003e\u003ccode\u003e3953caf\u003c/code\u003e\u003c/a\u003e docs: update README examples from \u003ca href=\"https://github.com/v8\"\u003e\u003ccode\u003e@​v8\u003c/code\u003e\u003c/a\u003e to \u003ca href=\"https://github.com/v9\"\u003e\u003ccode\u003e@​v9\u003c/code\u003e\u003c/a\u003e, add getOctokit docs and v9 brea...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78\"\u003e\u003ccode\u003ec17d55b\u003c/code\u003e\u003c/a\u003e ci: add getOctokit integration test job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408\"\u003e\u003ccode\u003ea047196\u003c/code\u003e\u003c/a\u003e test: add getOctokit integration tests via callAsyncFunction\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/f28e40c7f34bde8b3046d885e986cb6290c5673b...3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pnpm/action-setup` from 4.3.0 to 6.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pnpm/action-setup/releases\"\u003epnpm/action-setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/257\"\u003epnpm/action-setup#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: drop patchPnpmEnv so standalone+self-update works on Windows by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/258\"\u003epnpm/action-setup#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update pnpm to 11.1.1 by \u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/254\"\u003epnpm/action-setup#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore inputs from state in post by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/256\"\u003epnpm/action-setup#256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: bin_dest output points to self-updated pnpm, not bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/249\"\u003epnpm/action-setup#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append (not prepend) action node dir to PATH for npm bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/241\"\u003epnpm/action-setup#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use npm co-located with the action node binary by \u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.3\u003c/h2\u003e\n\u003cp\u003eUpdated pnpm to v11.0.0-rc.5\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/0e279bb959325dab635dd2c09392533439d90093\"\u003e\u003ccode\u003e0e279bb\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.1.1 (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/3e835812ef01165f4f8ae08ade56da44427ed4e0\"\u003e\u003ccode\u003e3e83581\u003c/code\u003e\u003c/a\u003e fix: drop patchPnpmEnv so standalone+self-update works on Windows (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/551b42e879e37e74d986effdd2a1647d2b02d464\"\u003e\u003ccode\u003e551b42e\u003c/code\u003e\u003c/a\u003e docs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/257\"\u003e#257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/739bfe42ca9233c5e6aca07c1a25a9d34aca49b0\"\u003e\u003ccode\u003e739bfe4\u003c/code\u003e\u003c/a\u003e fix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/f61705d907761b3b5209e83910fafd1fea50c5a1\"\u003e\u003ccode\u003ef61705d\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/7a5507b117647ab83e96e9db317ba2234056ebf3\"\u003e\u003ccode\u003e7a5507b\u003c/code\u003e\u003c/a\u003e fix: restore inputs from state in post (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/255\"\u003e#255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/1155470f3e5fb872accd4d104b8dfcda41f676ce\"\u003e\u003ccode\u003e1155470\u003c/code\u003e\u003c/a\u003e fix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/254\"\u003e#254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003e\u003ccode\u003e91ab88e\u003c/code\u003e\u003c/a\u003e fix: bin_dest output points to self-updated pnpm, not bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/e578e19d19d31b011b841ba2aca34731a5f706a5\"\u003e\u003ccode\u003ee578e19\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/8912a9102ac27614460f54aedde9e1e7f9aec20d\"\u003e\u003ccode\u003e8912a91\u003c/code\u003e\u003c/a\u003e fix: append (not prepend) action node dir to PATH for npm bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/241\"\u003e#241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pnpm/action-setup/compare/b906affcce14559ad1aafd4ab0e942779e9f58b1...0e279bb959325dab635dd2c09392533439d90093\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-dotnet` from 4.3.1 to 5.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-dotnet/releases\"\u003eactions/setup-dotnet's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd dotnet-version: latest support with dotnet-channel input by \u003ca href=\"https://github.com/mahabaleshwars\"\u003e\u003ccode\u003e@​mahabaleshwars\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/730\"\u003eactions/setup-dotnet#730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport global.json's rollForward latest* variants by \u003ca href=\"https://github.com/js6pak\"\u003e\u003ccode\u003e@​js6pak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/538\"\u003eactions/setup-dotnet#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove version resolution by \u003ca href=\"https://github.com/akoeplinger\"\u003e\u003ccode\u003e@​akoeplinger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/560\"\u003eactions/setup-dotnet#560\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade @actions/* and fast-xml-parser dependencies by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/728\"\u003eactions/setup-dotnet#728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate install scripts to v2026.05.19 (preserve archive links) by \u003ca href=\"https://github.com/MichaelSimons\"\u003e\u003ccode\u003e@​MichaelSimons\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/736\"\u003eactions/setup-dotnet#736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd rollForward note in README, improve proxy health check in e2e tests and bump version to v5.3.0 by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/738\"\u003eactions/setup-dotnet#738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Test Proxy job by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/703\"\u003eactions/setup-dotnet#703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/728\"\u003eactions/setup-dotnet#728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/akoeplinger\"\u003e\u003ccode\u003e@​akoeplinger\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/560\"\u003eactions/setup-dotnet#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MichaelSimons\"\u003e\u003ccode\u003e@​MichaelSimons\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/736\"\u003eactions/setup-dotnet#736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/js6pak\"\u003e\u003ccode\u003e@​js6pak\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/538\"\u003eactions/setup-dotnet#538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-dotnet/compare/v5...v5.3.0\"\u003ehttps://github.com/actions/setup-dotnet/compare/v5...v5.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for workloads input by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/693\"\u003eactions/setup-dotnet#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for optional architecture input for cross-architecture .NET installs by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/700\"\u003eactions/setup-dotnet#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade fast-xml-parser from 4.4.1 to 5.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/671\"\u003eactions/setup-dotnet#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/705\"\u003eactions/setup-dotnet#705\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-dotnet/compare/v5...v5.2.0\"\u003ehttps://github.com/actions/setup-dotnet/compare/v5...v5.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReadme update for environment variable on self hosted linux runners by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/689\"\u003eactions/setup-dotnet#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eContributor icon updates by \u003ca href=\"https://github.com/Falco20019\"\u003e\u003ccode\u003e@​Falco20019\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/604\"\u003eactions/setup-dotnet#604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/684\"\u003eactions/setup-dotnet#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to latest actions packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/687\"\u003eactions/setup-dotnet#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies in testproject and checkout in Readme by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/692\"\u003eactions/setup-dotnet#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/9a946fdbd5fb07b82b2f5a4466058b876ab72bb2\"\u003e\u003ccode\u003e9a946fd\u003c/code\u003e\u003c/a\u003e Add rollForward note in README, improve proxy health check in e2e tests and b...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/98af08bf649b02f9e94783278906d34780362f6f\"\u003e\u003ccode\u003e98af08b\u003c/code\u003e\u003c/a\u003e Support global.json's rollForward latest* variants (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/538\"\u003e#538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/84042723628274fd730a70726fbf57ef89e586de\"\u003e\u003ccode\u003e8404272\u003c/code\u003e\u003c/a\u003e Update install scripts to v2026.05.19 (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/f1970f5ca30a3ba974274132e05c4bb012faac74\"\u003e\u003ccode\u003ef1970f5\u003c/code\u003e\u003c/a\u003e Don't download releases-index.json to resolve major version (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/af9211b1364d382bc386cd82c6386875ad2ad796\"\u003e\u003ccode\u003eaf9211b\u003c/code\u003e\u003c/a\u003e Add dotnet-version: latest support with dotnet-channel input (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/730\"\u003e#730\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/df991aeaf2a76aae144b0b70ce23e455c66f061e\"\u003e\u003ccode\u003edf991ae\u003c/code\u003e\u003c/a\u003e chore: bump @actions/* and fast-xml-parser dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/a66eefa2bf2572fc311ea6ff65a7b6ecc4df96a6\"\u003e\u003ccode\u003ea66eefa\u003c/code\u003e\u003c/a\u003e CI: remove manual PowerShell install from test-proxy job (e2e-tests.yml) (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/703\"\u003e#703\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7\"\u003e\u003ccode\u003ec2fa09f\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/705\"\u003e#705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/02574b18e2dc57a218ee4e11ba1e1603c67236e8\"\u003e\u003ccode\u003e02574b1\u003c/code\u003e\u003c/a\u003e Add support for optional architecture input for cross-architecture .NET insta...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/16c7b3c2fa55a0e394467d22512b84fda46adf63\"\u003e\u003ccode\u003e16c7b3c\u003c/code\u003e\u003c/a\u003e Bump fast-xml-parser from 4.4.1 to 5.3.6 (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/671\"\u003e#671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-dotnet/compare/67a3573c9a986a3f9c594539f4ab511d57bb3ce9...9a946fdbd5fb07b82b2f5a4466058b876ab72bb2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-python` from 5.6.0 to 6.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-python/releases\"\u003eactions/setup-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies to Node 24 compatible versions by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1259\"\u003eactions/setup-python#1259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 2.5.0 to 2.6.3 in \u003ccode\u003e/__tests__/data\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1253\"\u003eactions/setup-python#1253\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1264\"\u003eactions/setup-python#1264\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.2.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-install\u003c/code\u003e input by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1201\"\u003eactions/setup-python#1201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd graalpy early-access and windows builds by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/880\"\u003eactions/setup-python#880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency and Documentation updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhanced wording and updated example usage for \u003ccode\u003eallow-prereleases\u003c/code\u003e by \u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1139\"\u003eactions/setup-python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade typescript from 5.4.2 to 5.9.3 and Documentation update by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1094\"\u003eactions/setup-python#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pip-install input by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1199\"\u003eactions/setup-python#1199\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade requests from 2.32.2 to 2.32.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1130\"\u003eactions/setup-python#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.5.3 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1234\"\u003eactions/setup-python#1234\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1235\"\u003eactions/setup-python#1235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1164\"\u003eactions/setup-python#1164\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-version\u003c/code\u003e  by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1129\"\u003eactions/setup-python#1129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnhance reading from .python-version by \u003ca href=\"https://github.com/krystof-k\"\u003e\u003ccode\u003e@​krystof-k\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/787\"\u003eactions/setup-python#787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd version parsing from Pipfile by \u003ca href=\"https://github.com/aradkdj\"\u003e\u003ccode\u003e@​aradkdj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1067\"\u003eactions/setup-python#1067\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClarify pythonLocation behaviour for PyPy and GraalPy in environment variables by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1183\"\u003eactions/setup-python#1183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange missing cache directory error to warning  by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1182\"\u003eactions/setup-python#1182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Architecture-Specific PATH Management for Python with --user Flag on Windows by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1122\"\u003eactions/setup-python#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude python version in PyPy python-version output by \u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1110\"\u003eactions/setup-python#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docs: clarification on pip authentication with setup-python by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1156\"\u003eactions/setup-python#1156\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade idna from 2.9 to 3.7 in /\u003cstrong\u003etests\u003c/strong\u003e/data by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/843\"\u003eactions/setup-python#843\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to fix critical vulnerabilities \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/182\"\u003e#182\u003c/a\u003e \u0026amp; \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/183\"\u003e#183\u003c/a\u003e by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1163\"\u003eactions/setup-python#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1165\"\u003eactions/setup-python#1165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1181\"\u003eactions/setup-python#1181\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.1 to 2.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1095\"\u003eactions/setup-python#1095\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003e\u003ccode\u003ea309ff8\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.6.0 to 2.6.3 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1264\"\u003e#1264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfe8cc55a7890e3d6672eda6460ef37bfcc70755\"\u003e\u003ccode\u003ebfe8cc5\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies to Node 24 compatible versions (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1259\"\u003e#1259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/4f41a90a1f38628c7ccc608d05fbafe701bc20ae\"\u003e\u003ccode\u003e4f41a90\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.5.0 to 2.6.0 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1253\"\u003e#1253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/83679a892e2d95755f2dac6acb0bfd1e9ac5d548\"\u003e\u003ccode\u003e83679a8\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfc4944b43a5d84377eca3cf6ab5b7992ba61923\"\u003e\u003ccode\u003ebfc4944\u003c/code\u003e\u003c/a\u003e Bump prettier from 3.5.3 to 3.6.2 (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1234\"\u003e#1234\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/97aeb3efb8a852c559869050c7fb175b4efcc8cf\"\u003e\u003ccode\u003e97aeb3e\u003c/code\u003e\u003c/a\u003e Bump requests from 2.32.2 to 2.32.4 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/443da59188462e2402e2942686db5aa6723f4bed\"\u003e\u003ccode\u003e443da59\u003c/code\u003e\u003c/a\u003e Bump actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/cfd55ca82492758d853442341ad4d8010466803a\"\u003e\u003ccode\u003ecfd55ca\u003c/code\u003e\u003c/a\u003e graalpy: add graalpy early-access and windows builds (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/880\"\u003e#880\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bba65e51ff35d50c6dbaaacd8a4681db13aa7cb4\"\u003e\u003ccode\u003ebba65e5\u003c/code\u003e\u003c/a\u003e Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1094\"\u003e#1094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/18566f86b301499665bd3eb1a2247e0849c64fa5\"\u003e\u003ccode\u003e18566f8\u003c/code\u003e\u003c/a\u003e Improve wording and \u0026quot;fix example\u0026quot; (remove 3.13) on testing against pre-releas...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 2.2.2 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/fee1f7d63c2ff003460e3d139729b119787bc349...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.35.4 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 20...\n\n_Description has been truncated_","html_url":"https://github.com/ag-ui-protocol/ag-ui/pull/1803","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ag-ui-protocol%2Fag-ui/issues/1803","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1803/packages"},{"uuid":"4523444706","node_id":"PR_kwDOK5HtWM7fXo03","number":81,"state":"open","title":"build(deps): bump actions/create-github-app-token from 2 to 3 in /sources/.github/workflows","user":"dependabot[bot]","labels":["tag:bot","type:github-actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T10:23:55.000Z","updated_at":"2026-05-26T10:24:05.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"2","new_version":"3","repository_url":"https://github.com/actions/create-github-app-token"}],"path":"/sources/.github/workflows","ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003cli\u003eRequires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later if you are using a self-hosted runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.6\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.5...v3.0.0-beta.6\"\u003e3.0.0-beta.6\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/337\"\u003e#337\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b04413352d4644ac2131b9a90c074f5e93ca18a1\"\u003eb044133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump minimatch from 9.0.5 to 9.0.9 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/335\"\u003e#335\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5cbc65624c9ddc4589492bda7c8b146223e8c3e4\"\u003e5cbc656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump the production-dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/336\"\u003e#336\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/6bda5bc1410576b9a0879ce6076d53345485bba9\"\u003e6bda5bc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump undici from 7.16.0 to 7.18.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/323\"\u003e#323\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b4f638f48ee0dcdbb0bc646c48e4cb2a2de847fe\"\u003eb4f638f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.5\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.4...v3.0.0-beta.5\"\u003e3.0.0-beta.5\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/d53a1cdfde844c958786293adcaf739ecb8b5eb9\"\u003ed53a1cd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.4\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.3...v3.0.0-beta.4\"\u003e3.0.0-beta.4\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/auth-app\u003c/code\u003e from 7.2.1 to 8.0.1 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/257\"\u003e#257\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bef1eaf1c0ac2b148ee2a0a74c65fbe6db0631f1\"\u003ebef1eaf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/request\u003c/code\u003e from 9.2.3 to 10.0.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/256\"\u003e#256\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5d7307be63501c0070c634b0ae8fec74e8208130\"\u003e5d7307b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump glob from 10.4.5 to 10.5.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/305\"\u003e#305\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc\"\u003e5480f43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 6.2.1 to 7.1.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/294\"\u003e#294\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4\"\u003edce3be8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=2\u0026new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/autowarefoundation/sync-file-templates/pull/81","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/autowarefoundation%2Fsync-file-templates/issues/81","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/81/packages"},{"uuid":"4522057761","node_id":"PR_kwDOP50I2M7fTHoc","number":765,"state":"closed","title":"build(deps): bump the github-actions group with 4 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-26T06:59:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-26T06:51:27.000Z","updated_at":"2026-05-26T06:59:41.000Z","time_to_close":491,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"github-actions","update_count":4,"packages":[{"name":"pnpm/action-setup","old_version":"6.0.4","new_version":"6.0.8","repository_url":"https://github.com/pnpm/action-setup"},{"name":"codecov/codecov-action","old_version":"6.0.0","new_version":"6.0.1","repository_url":"https://github.com/codecov/codecov-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"changesets/action","old_version":"1.7.0","new_version":"1.8.0","repository_url":"https://github.com/changesets/action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 4 updates: [pnpm/action-setup](https://github.com/pnpm/action-setup), [codecov/codecov-action](https://github.com/codecov/codecov-action), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [changesets/action](https://github.com/changesets/action).\n\nUpdates `pnpm/action-setup` from 6.0.4 to 6.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pnpm/action-setup/releases\"\u003epnpm/action-setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/257\"\u003epnpm/action-setup#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: drop patchPnpmEnv so standalone+self-update works on Windows by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/258\"\u003epnpm/action-setup#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update pnpm to 11.1.1 by \u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/254\"\u003epnpm/action-setup#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore inputs from state in post by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/256\"\u003epnpm/action-setup#256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: bin_dest output points to self-updated pnpm, not bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/249\"\u003epnpm/action-setup#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append (not prepend) action node dir to PATH for npm bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/241\"\u003epnpm/action-setup#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/0e279bb959325dab635dd2c09392533439d90093\"\u003e\u003ccode\u003e0e279bb\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.1.1 (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/3e835812ef01165f4f8ae08ade56da44427ed4e0\"\u003e\u003ccode\u003e3e83581\u003c/code\u003e\u003c/a\u003e fix: drop patchPnpmEnv so standalone+self-update works on Windows (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/551b42e879e37e74d986effdd2a1647d2b02d464\"\u003e\u003ccode\u003e551b42e\u003c/code\u003e\u003c/a\u003e docs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/257\"\u003e#257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/739bfe42ca9233c5e6aca07c1a25a9d34aca49b0\"\u003e\u003ccode\u003e739bfe4\u003c/code\u003e\u003c/a\u003e fix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/f61705d907761b3b5209e83910fafd1fea50c5a1\"\u003e\u003ccode\u003ef61705d\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/7a5507b117647ab83e96e9db317ba2234056ebf3\"\u003e\u003ccode\u003e7a5507b\u003c/code\u003e\u003c/a\u003e fix: restore inputs from state in post (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/255\"\u003e#255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/1155470f3e5fb872accd4d104b8dfcda41f676ce\"\u003e\u003ccode\u003e1155470\u003c/code\u003e\u003c/a\u003e fix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/254\"\u003e#254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003e\u003ccode\u003e91ab88e\u003c/code\u003e\u003c/a\u003e fix: bin_dest output points to self-updated pnpm, not bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/e578e19d19d31b011b841ba2aca34731a5f706a5\"\u003e\u003ccode\u003ee578e19\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/8912a9102ac27614460f54aedde9e1e7f9aec20d\"\u003e\u003ccode\u003e8912a91\u003c/code\u003e\u003c/a\u003e fix: append (not prepend) action node dir to PATH for npm bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/241\"\u003e#241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pnpm/action-setup/compare/26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a...0e279bb959325dab635dd2c09392533439d90093\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `codecov/codecov-action` from 6.0.0 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: prevent template injection in run: steps (VULN-1652) by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1947\"\u003ecodecov/codecov-action#1947\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): 6.0.1 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1949\"\u003ecodecov/codecov-action#1949\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003e\u003ccode\u003ee79a696\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.1 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1949\"\u003e#1949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/51e64229ac331acb0d7f7b17c67423995f991c79\"\u003e\u003ccode\u003e51e6422\u003c/code\u003e\u003c/a\u003e fix: prevent template injection in run: steps (VULN-1652) (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1947\"\u003e#1947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/57e3a136b779b570ffcdbf80b3bdc90e7fab3de2...e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `changesets/action` from 1.7.0 to 1.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/changesets/action/releases\"\u003echangesets/action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/258\"\u003e#258\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/f5dbf72f96949cb0daf45152f0f63062df70e97d\"\u003e\u003ccode\u003ef5dbf72\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/tom-sherman\"\u003e\u003ccode\u003e@​tom-sherman\u003c/code\u003e\u003c/a\u003e! - Support draft version PR modes with a new \u003ccode\u003eprDraft\u003c/code\u003e input. Use \u003ccode\u003ecreate\u003c/code\u003e to create new version PRs as drafts, or \u003ccode\u003ealways\u003c/code\u003e to also convert existing version PRs back to draft when updating them.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/502\"\u003e#502\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/6002dbd987f49a3c0a134910d9c7bca975b79977\"\u003e\u003ccode\u003e6002dbd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/oshytiko\"\u003e\u003ccode\u003e@​oshytiko\u003c/code\u003e\u003c/a\u003e! - Fixed initial \u003ccode\u003e.changeset\u003c/code\u003e state being picked up, when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/536\"\u003e#536\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/81b3f61ebffcb868f73e4c0b2682517149c834a2\"\u003e\u003ccode\u003e81b3f61\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/radnan\"\u003e\u003ccode\u003e@​radnan\u003c/code\u003e\u003c/a\u003e! - Fixed \u003ccode\u003e.changeset\u003c/code\u003e state being picked for the version command when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/changesets/action/blob/main/CHANGELOG.md\"\u003echangesets/action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ccode\u003e@​changesets/action\u003c/code\u003e\u003c/h1\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/258\"\u003e#258\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/f5dbf72f96949cb0daf45152f0f63062df70e97d\"\u003e\u003ccode\u003ef5dbf72\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/tom-sherman\"\u003e\u003ccode\u003e@​tom-sherman\u003c/code\u003e\u003c/a\u003e! - Support draft version PR modes with a new \u003ccode\u003eprDraft\u003c/code\u003e input. Use \u003ccode\u003ecreate\u003c/code\u003e to create new version PRs as drafts, or \u003ccode\u003ealways\u003c/code\u003e to also convert existing version PRs back to draft when updating them.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/502\"\u003e#502\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/6002dbd987f49a3c0a134910d9c7bca975b79977\"\u003e\u003ccode\u003e6002dbd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/oshytiko\"\u003e\u003ccode\u003e@​oshytiko\u003c/code\u003e\u003c/a\u003e! - Fixed initial \u003ccode\u003e.changeset\u003c/code\u003e state being picked up, when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/536\"\u003e#536\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/81b3f61ebffcb868f73e4c0b2682517149c834a2\"\u003e\u003ccode\u003e81b3f61\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/radnan\"\u003e\u003ccode\u003e@​radnan\u003c/code\u003e\u003c/a\u003e! - Fixed \u003ccode\u003e.changeset\u003c/code\u003e state being picked for the version command when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/564\"\u003e#564\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/935fe876b0054dfc962ac86bcddf028460040d46\"\u003e\u003ccode\u003e935fe87\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Automatically use the GitHub-provided token to allow most users to avoid explicit \u003ccode\u003eGITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\u003c/code\u003e configuration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/545\"\u003e#545\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/54220dd92c06e7da112b139f95d8beb933e4cdde\"\u003e\u003ccode\u003e54220dd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ryanbas21\"\u003e\u003ccode\u003e@​ryanbas21\u003c/code\u003e\u003c/a\u003e! - The \u003ccode\u003e.npmrc\u003c/code\u003e generation now intelligently handles both traditional NPM token authentication and trusted publishing scenarios by only appending the auth token when \u003ccode\u003eNPM_TOKEN\u003c/code\u003e is defined. This prevents 'undefined' from being written to the registry configuration when using OIDC tokens from GitHub Actions trusted publishing.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/563\"\u003e#563\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/6af4a7ec080d23ac6b304f69b67fd0aa92e089e7\"\u003e\u003ccode\u003e6af4a7e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Don't error on already committed symlinks and executables that stay untouched\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.6.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/558\"\u003e#558\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/342005d41242bccd9dd9ae8d3679efce96af48ae\"\u003e\u003ccode\u003e342005d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/harsha-venugopal-ledn\"\u003e\u003ccode\u003e@​harsha-venugopal-ledn\u003c/code\u003e\u003c/a\u003e! - Upgrade from Node.js 20 to Node.js 24 LTS\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.5.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/477\"\u003e#477\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/9d933dcd11c284ac49a835db884c3c1008b2b96f\"\u003e\u003ccode\u003e9d933dc\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Updated \u003ccode\u003e@actions/*\u003c/code\u003e and \u003ccode\u003e@octokit/*\u003c/code\u003e dependencies.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/479\"\u003e#479\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/cf373e45c90a0cc564cd2770de3e9a3a4cdd4603\"\u003e\u003ccode\u003ecf373e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Switched to \u003ccode\u003eesbuild\u003c/code\u003e for bundling the dist file. This led to 45% file size reduction.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/488\"\u003e#488\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/022692ba027b33bf46d4d41907a317fbf04461a7\"\u003e\u003ccode\u003e022692b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/s0\"\u003e\u003ccode\u003e@​s0\u003c/code\u003e\u003c/a\u003e! - Fix PRs sometimes not getting reopened with \u003ccode\u003ecommitMode: github-api\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThere was a race-condition that means sometimes existing PRs would not be found,\nand new PRs would be opened. This has now been fixed by fetching existing PRs\nbefore making any changes.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/486\"\u003e#486\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/7ed195554624ebd75c08aa477b53110f61cc78f7\"\u003e\u003ccode\u003e7ed1955\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/s0\"\u003e\u003ccode\u003e@​s0\u003c/code\u003e\u003c/a\u003e! - Fixed situations in which \u003ccode\u003ecwd\u003c/code\u003e was specified as a relative path and used with (default) \u003ccode\u003ecommitMode: git-cli\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/461\"\u003e#461\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/e9c36b696406360bf04204ad32e3dcf3ad752b77\"\u003e\u003ccode\u003ee9c36b6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/nayounsang\"\u003e\u003ccode\u003e@​nayounsang\u003c/code\u003e\u003c/a\u003e! - Avoid hitting a deprecation warning when encountering errors from \u003ccode\u003e@octokit/request-error\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b\"\u003e\u003ccode\u003e63a615b\u003c/code\u003e\u003c/a\u003e v1.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/84c24326acc93f51d3f24f30a546316c82e2115c\"\u003e\u003ccode\u003e84c2432\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/changesets/action/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/f5dbf72f96949cb0daf45152f0f63062df70e97d\"\u003e\u003ccode\u003ef5dbf72\u003c/code\u003e\u003c/a\u003e Add draft mode support (\u003ca href=\"https://redirect.github.com/changesets/action/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/91b911142e975cceaa134eecb302493230d68c05\"\u003e\u003ccode\u003e91b9111\u003c/code\u003e\u003c/a\u003e Protect publishes with env gate (\u003ca href=\"https://redirect.github.com/changesets/action/issues/610\"\u003e#610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/d4c53c294341eec8a419ec2d1927138bfdeec234\"\u003e\u003ccode\u003ed4c53c2\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eCODEOWNERS\u003c/code\u003e pattern\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/2ae596f3dd74aaee4f346b31fda33a58528d3d40\"\u003e\u003ccode\u003e2ae596f\u003c/code\u003e\u003c/a\u003e Tweak CI setup (\u003ca href=\"https://redirect.github.com/changesets/action/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/0784b0ec8fcaa273fc06742c926ee7cfc946a8e7\"\u003e\u003ccode\u003e0784b0e\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eCODEOWNERS\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/81b3f61ebffcb868f73e4c0b2682517149c834a2\"\u003e\u003ccode\u003e81b3f61\u003c/code\u003e\u003c/a\u003e Fixed \u003ccode\u003e.changeset\u003c/code\u003e state being picked for the version command when \u003ccode\u003ecwd\u003c/code\u003e para...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/6002dbd987f49a3c0a134910d9c7bca975b79977\"\u003e\u003ccode\u003e6002dbd\u003c/code\u003e\u003c/a\u003e Fix reading \u003ccode\u003e.changeset\u003c/code\u003e directory from path provided in \u003ccode\u003ecwd\u003c/code\u003e parameter (\u003ca href=\"https://redirect.github.com/changesets/action/issues/502\"\u003e#502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/changesets/action/compare/6a0a831ff30acef54f2c6aa1cbbc1096b066edaf...63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/nl-design-system/theme-wizard/pull/765","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nl-design-system%2Ftheme-wizard/issues/765","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/765/packages"},{"uuid":"4518481397","node_id":"PR_kwDOPRF1G87fHh5F","number":32172,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T17:11:45.000Z","updated_at":"2026-05-25T17:12:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/NousResearch/hermes-agent/pull/32172","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NousResearch%2Fhermes-agent/issues/32172","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/32172/packages"},{"uuid":"4518363983","node_id":"PR_kwDOAB7Rz87fHJss","number":7762,"state":"open","title":"chore(deps): bump the github-actions group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["sdou","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T16:46:28.000Z","updated_at":"2026-05-30T04:00:59.145Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"github-actions","update_count":7,"packages":[{"name":"aws-actions/configure-aws-credentials","old_version":"4","new_version":"6","repository_url":"https://github.com/aws-actions/configure-aws-credentials"},{"name":"aws-actions/aws-secretsmanager-get-secrets","old_version":"2","new_version":"3","repository_url":"https://github.com/aws-actions/aws-secretsmanager-get-secrets"},{"name":"actions/github-script","old_version":"8","new_version":"9","repository_url":"https://github.com/actions/github-script"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"github/codeql-action","old_version":"4.35.2","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"slackapi/slack-github-action","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/slackapi/slack-github-action"},{"name":"release-drafter/release-drafter","old_version":"7.2.0","new_version":"7.3.1","repository_url":"https://github.com/release-drafter/release-drafter"}],"path":null,"ecosystem":"actions"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the github-actions group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `4` | `6` |\n| [aws-actions/aws-secretsmanager-get-secrets](https://github.com/aws-actions/aws-secretsmanager-get-secrets) | `2` | `3` |\n| [actions/github-script](https://github.com/actions/github-script) | `8` | `9` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.2` | `4.36.0` |\n| [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `3.0.2` | `3.0.3` |\n| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `7.2.0` | `7.3.1` |\n\n\nUpdates `aws-actions/configure-aws-credentials` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/releases\"\u003eaws-actions/configure-aws-credentials's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.1...v6.0.0\"\u003e6.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate action to use node24 \u003cem\u003eNote this requires GitHub action runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e or later\u003c/em\u003e (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1632\"\u003e#1632\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/a7a2c1125c67f40a1e95768f4e4a7d8f019f87af\"\u003ea7a2c11\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support to define transitive tag keys (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1316\"\u003e#1316\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/232435c0c05e51137544f0203931b84893d13b74\"\u003e232435c\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1628/changes/930ebd9bcaed959c3ba9e21567e8abbc3cae72c0\"\u003e930ebd9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eproperly output \u003ccode\u003eaws-account-id\u003c/code\u003e and \u003ccode\u003eauthenticated-arn\u003c/code\u003e when using role-chaining (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1633\"\u003e#1633\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/7ceaf96edc86cc1713cef59eba79feeb23f59da1\"\u003e7ceaf96\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-11-24)\u003c/h2\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease 5.1.1 (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/56d6a583f00f6bad6d19d91d53a7bc3b8143d0e9\"\u003e56d6a58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evarious dependency updates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd global timeout support (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487\"\u003e#1487\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/1584b8b0e2062557287c28fbe9b8920df434e866\"\u003e1584b8b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd no-proxy support (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482\"\u003e#1482\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/dde9b22a8e889a0821997a21a2c5a38020ee8de3\"\u003edde9b22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove debug logging in retry logic (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485\"\u003e#1485\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/97ef425d73aa532439f54f90d0e83101a186c5a6\"\u003e97ef425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eproperly expose getProxyForUrl (introduced in \u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482\"\u003e#1482\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486\"\u003e#1486\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/cea42985ac88b42678fbc84c18066a7f07f05176\"\u003ecea4298\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2025-09-03)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup input handling. Changes invalid boolean input behavior (see \u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445\"\u003e#1445\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/d979d5b3a71173a29b74b5b88418bfda9437d885\"\u003e\u003ccode\u003ed979d5b\u003c/code\u003e\u003c/a\u003e chore: release 6.1.1 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1757\"\u003e#1757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/d4a9acd8d3a85678bd2eb9e0a2225949c8ce00f0\"\u003e\u003ccode\u003ed4a9acd\u003c/code\u003e\u003c/a\u003e chore: Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/fc44f4ae4061c6145827c6bead5058cf4a09d3d7\"\u003e\u003ccode\u003efc44f4a\u003c/code\u003e\u003c/a\u003e chore(deps): bump \u003ccode\u003e@​aws-sdk/client-sts\u003c/code\u003e from 3.1033.0 to 3.1038.0 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/0b8336f1bad4254674f1627a88cca9b70e5c1a99\"\u003e\u003ccode\u003e0b8336f\u003c/code\u003e\u003c/a\u003e chore: Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/8c5bf33eedab7c569b2218bc0c1428d2c61479ed\"\u003e\u003ccode\u003e8c5bf33\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​aws-sdk/credential-provider-env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1751\"\u003e#1751\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/53df0c1c3279cace88c3da0c5a8791841d742b83\"\u003e\u003ccode\u003e53df0c1\u003c/code\u003e\u003c/a\u003e chore: Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/c2c55827d200646241e6a76179dda6118b08577d\"\u003e\u003ccode\u003ec2c5582\u003c/code\u003e\u003c/a\u003e chore(deps): bump \u003ccode\u003e@​smithy/node-http-handler\u003c/code\u003e from 4.6.0 to 4.6.1 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1750\"\u003e#1750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/bd0031d7c367b4b2496a30f8e318da766a6a0a7c\"\u003e\u003ccode\u003ebd0031d\u003c/code\u003e\u003c/a\u003e chore(deps): bump postcss from 8.5.6 to 8.5.12 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1752\"\u003e#1752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/6ab499a6985908ab02d242935a89426bb7206e53\"\u003e\u003ccode\u003e6ab499a\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​biomejs/biome\u003c/code\u003e from 2.4.12 to 2.4.13 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1747\"\u003e#1747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/bc9489585819302995bb108bbd899b7975f40303\"\u003e\u003ccode\u003ebc94895\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​biomejs/biome\u003c/code\u003e from 2.4.11 to 2.4.12 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1739\"\u003e#1739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-actions/aws-secretsmanager-get-secrets` from 2 to 3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/releases\"\u003eaws-actions/aws-secretsmanager-get-secrets's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3\u003c/h2\u003e\n\u003cp\u003eThis tracks the latest v3.x.x version\u003c/p\u003e\n\u003ch2\u003ev2.0.10\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExtend cleanup list if list already contains items by \u003ca href=\"https://github.com/rmennes\"\u003e\u003ccode\u003e@​rmennes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/236\"\u003eaws-actions/aws-secretsmanager-get-secrets#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump codecov/codecov-action from 4.5.0 to 5.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/248\"\u003eaws-actions/aws-secretsmanager-get-secrets#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix invalid URL by \u003ca href=\"https://github.com/reyhankoyun\"\u003e\u003ccode\u003e@​reyhankoyun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/254\"\u003eaws-actions/aws-secretsmanager-get-secrets#254\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rmennes\"\u003e\u003ccode\u003e@​rmennes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/236\"\u003eaws-actions/aws-secretsmanager-get-secrets#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reyhankoyun\"\u003e\u003ccode\u003e@​reyhankoyun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/254\"\u003eaws-actions/aws-secretsmanager-get-secrets#254\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.10\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix edge case having a value with numeric start and also a prefix by \u003ca href=\"https://github.com/Geethik07\"\u003e\u003ccode\u003e@​Geethik07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/242\"\u003eaws-actions/aws-secretsmanager-get-secrets#242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm upgrade by \u003ca href=\"https://github.com/simonmarty\"\u003e\u003ccode\u003e@​simonmarty\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/244\"\u003eaws-actions/aws-secretsmanager-get-secrets#244\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Geethik07\"\u003e\u003ccode\u003e@​Geethik07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/242\"\u003eaws-actions/aws-secretsmanager-get-secrets#242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.9\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGroup minor version updates by \u003ca href=\"https://github.com/simonmarty\"\u003e\u003ccode\u003e@​simonmarty\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/208\"\u003eaws-actions/aws-secretsmanager-get-secrets#208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded Timeout Configuration by \u003ca href=\"https://github.com/nikvpat\"\u003e\u003ccode\u003e@​nikvpat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/228\"\u003eaws-actions/aws-secretsmanager-get-secrets#228\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nikvpat\"\u003e\u003ccode\u003e@​nikvpat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/228\"\u003eaws-actions/aws-secretsmanager-get-secrets#228\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.8\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIncreasing auto select family attempt timeout by \u003ca href=\"https://github.com/jirkafajfr\"\u003e\u003ccode\u003e@​jirkafajfr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/205\"\u003eaws-actions/aws-secretsmanager-get-secrets#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.7\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-secrets-manager\u003c/code\u003e from 3.554.0 to 3.592.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/140\"\u003eaws-actions/aws-secretsmanager-get-secrets#140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump aws-sdk-client-mock and aws-sdk-client-mock-jest by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/143\"\u003eaws-actions/aws-secretsmanager-get-secrets#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump codecov/codecov-action from 4.3.0 to 4.4.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/132\"\u003eaws-actions/aws-secretsmanager-get-secrets#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eName transformation documentation by \u003ca href=\"https://github.com/jirkafajfr\"\u003e\u003ccode\u003e@​jirkafajfr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/139\"\u003eaws-actions/aws-secretsmanager-get-secrets#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-secrets-manager\u003c/code\u003e from 3.592.0 to 3.598.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/146\"\u003eaws-actions/aws-secretsmanager-get-secrets#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump codecov/codecov-action from 4.4.1 to 4.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/148\"\u003eaws-actions/aws-secretsmanager-get-secrets#148\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/2cb1a461cbd4865ac4299648312e4704c646cd53\"\u003e\u003ccode\u003e2cb1a46\u003c/code\u003e\u003c/a\u003e Bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/301\"\u003e#301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/ebbee5c9ef1443f7f28f56b608e1a613b57208e5\"\u003e\u003ccode\u003eebbee5c\u003c/code\u003e\u003c/a\u003e Grant write permissions to the release workflow (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/300\"\u003e#300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/3a411b6ec5cace3d626412dd917e7bfeac242cfa\"\u003e\u003ccode\u003e3a411b6\u003c/code\u003e\u003c/a\u003e Bump version from 2.0.11 to 3.0.0 (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/297\"\u003e#297\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/07435e35124a6b5cbb3f2e97c28b6f3690a82e88\"\u003e\u003ccode\u003e07435e3\u003c/code\u003e\u003c/a\u003e Remove actions/github, update actions/core (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/bed0d0991595422bd74f5b396e29983981f31669\"\u003e\u003ccode\u003ebed0d09\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/298\"\u003e#298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/ca8dc6202765164ed873845259b9e991c171e1bb\"\u003e\u003ccode\u003eca8dc62\u003c/code\u003e\u003c/a\u003e chore: Bump flatted from 3.3.3 to 3.4.2 (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/9c2003cc85cc7b581f4390adbe77a22f401fb8f0\"\u003e\u003ccode\u003e9c2003c\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/8d2df8d4e48177e0447d47b5effcacf211143bb6\"\u003e\u003ccode\u003e8d2df8d\u003c/code\u003e\u003c/a\u003e Add versioned user-agent to AWS API calls (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/aa511bf28c6767d1dea7a8d2330722fd992b3a15\"\u003e\u003ccode\u003eaa511bf\u003c/code\u003e\u003c/a\u003e fix: use OIDC for Codecov (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/3f3c9752b3fde1951196edb0185103a9dd5ce651\"\u003e\u003ccode\u003e3f3c975\u003c/code\u003e\u003c/a\u003e Replace push dist/ with check dist/ (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 8 to 9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See \u003ca href=\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating additional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and examples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The \u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is automatically appended to the user-agent string for request tracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire('@actions/github')\u003c/code\u003e no longer works in scripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9 (ESM-only) means \u003ccode\u003erequire('@actions/github')\u003c/code\u003e will fail at runtime. If you previously used patterns like \u003ccode\u003econst { getOctokit } = require('@actions/github')\u003c/code\u003e to create secondary clients, use the new injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it's available directly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter. Scripts that declare \u003ccode\u003econst getOctokit = ...\u003c/code\u003e or \u003ccode\u003elet getOctokit = ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because JavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e redeclaration of function parameters. Use the injected \u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit = ...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals beyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you may need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade \u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and related packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e from actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e merge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e chore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e from actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e ci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e ci: use deployment: false to suppress deployment noise from integration tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7\"\u003e\u003ccode\u003e3953caf\u003c/code\u003e\u003c/a\u003e docs: update README examples from \u003ca href=\"https://github.com/v8\"\u003e\u003ccode\u003e@​v8\u003c/code\u003e\u003c/a\u003e to \u003ca href=\"https://github.com/v9\"\u003e\u003ccode\u003e@​v9\u003c/code\u003e\u003c/a\u003e, add getOctokit docs and v9 brea...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78\"\u003e\u003ccode\u003ec17d55b\u003c/code\u003e\u003c/a\u003e ci: add getOctokit integration test job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408\"\u003e\u003ccode\u003ea047196\u003c/code\u003e\u003c/a\u003e test: add getOctokit integration tests via callAsyncFunction\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/v8...v9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.2 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `slackapi/slack-github-action` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/slackapi/slack-github-action/releases\"\u003eslackapi/slack-github-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSlack GitHub Action v3.0.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e66834e4: feat: add instrumentation to address error rates\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/slackapi/slack-github-action/blob/main/CHANGELOG.md\"\u003eslackapi/slack-github-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eslack-github-action\u003c/h1\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e66834e4: feat: add instrumentation to address error rates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e79529d7: fix: resolve url.parse deprecation warning for webhook techniques\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/45a88b9581bfab2566dc881e2cd66d334e621e2c\"\u003e\u003ccode\u003e45a88b9\u003c/code\u003e\u003c/a\u003e chore: release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/1c0bcf08feaa559a9bcfcc249184e13b136ffa55\"\u003e\u003ccode\u003e1c0bcf0\u003c/code\u003e\u003c/a\u003e chore: release (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/66834e4b0cad4cbf09ca680587ad8af71d615d4b\"\u003e\u003ccode\u003e66834e4\u003c/code\u003e\u003c/a\u003e feat: add instrumentation to address error rates (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/600\"\u003e#600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/0fe0f902b9f8da107ca0e1314a388c0f57e20d48\"\u003e\u003ccode\u003e0fe0f90\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.1 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/605\"\u003e#605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/c5e70597945c255539c5218d4178ed3c7d8188be\"\u003e\u003ccode\u003ec5e7059\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​slack/web-api\u003c/code\u003e from 7.15.0 to 7.15.1 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/604\"\u003e#604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/0325526875571a27abcfd2b302453a90871abbff\"\u003e\u003ccode\u003e0325526\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​biomejs/biome\u003c/code\u003e from 2.4.10 to 2.4.13 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/601\"\u003e#601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/900cd3e6fa9d6eacd8a5512ecff230d08e65aec7\"\u003e\u003ccode\u003e900cd3e\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.12.0 to 24.12.2 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/603\"\u003e#603\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/53fdcffeb6e4d34cbdf3276f7beadb0ecc7c9fcd\"\u003e\u003ccode\u003e53fdcff\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/26856cc7fb2c1c2951483645f5fdc3643dbe96eb\"\u003e\u003ccode\u003e26856cc\u003c/code\u003e\u003c/a\u003e build(deps): bump slackapi/slack-github-action from 3.0.1 to 3.0.2 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/596\"\u003e#596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/feba1e29702383a5a3cd5136af0559ba10859b04\"\u003e\u003ccode\u003efeba1e2\u003c/code\u003e\u003c/a\u003e ci: skip publish step if no release is needed (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/slackapi/slack-github-action/compare/03ea5433c137af7c0495bc0cad1af10403fc800c...45a88b9581bfab2566dc881e2cd66d334e621e2c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `release-drafter/release-drafter` from 7.2.0 to 7.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/release-drafter/release-drafter/releases\"\u003erelease-drafter/release-drafter's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.1\u003c/h2\u003e\n\u003ch1\u003eWhat's Changed\u003c/h1\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: output name and tag_name in dry-run mode (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1625\"\u003e#1625\u003c/a\u003e) \u003ca href=\"https://github.com/cchanche\"\u003e\u003ccode\u003e@​cchanche\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update graphql-codegen to 7.0.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1619\"\u003e#1619\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency nock to 14.0.15 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1609\"\u003e#1609\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update graphql-codegen (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1615\"\u003e#1615\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency typescript to 6.0.3 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1610\"\u003e#1610\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): update actions/download-artifact action to v8.0.1 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1620\"\u003e#1620\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to 24.12.3 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1608\"\u003e#1608\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update vitest to 4.1.5 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1612\"\u003e#1612\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​biomejs/biome\u003c/code\u003e to 2.4.15 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1607\"\u003e#1607\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency vite to 8.0.11 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1611\"\u003e#1611\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1606\"\u003e#1606\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update node.js to v24.15.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1616\"\u003e#1616\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update vite to v8.0.13 and vitest to v4.1.6 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1624\"\u003e#1624\u003c/a\u003e) \u003ca href=\"https://github.com/cchanche\"\u003e\u003ccode\u003e@​cchanche\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency semver to 7.8.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1622\"\u003e#1622\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update npm tool constraint to 11.14.1 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1617\"\u003e#1617\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency zod to 4.4.3 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1618\"\u003e#1618\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update actions (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1613\"\u003e#1613\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​biomejs/biome\u003c/code\u003e to 2.4.15 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1607\"\u003e#1607\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency yaml to 2.8.4 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1614\"\u003e#1614\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/release-drafter/release-drafter/compare/v7.3.0...v7.3.1\"\u003ehttps://github.com/release-drafter/release-drafter/compare/v7.3.0...v7.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.3.0\u003c/h2\u003e\n\u003ch1\u003eWhat's Changed\u003c/h1\u003e\n\u003ch2\u003eNew\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: recover recently merged PRs missed by associated PRs lag (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1604\"\u003e#1604\u003c/a\u003e) \u003ca href=\"https://github.com/jetersen\"\u003e\u003ccode\u003e@​jetersen\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: switch release discovery to ref comparison and explicit missing-baseline warnings (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1570\"\u003e#1570\u003c/a\u003e) \u003ca href=\"https://github.com/jetersen\"\u003e\u003ccode\u003e@​jetersen\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore prerelease-identifier on first run when no prior releases exist (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1602\"\u003e#1602\u003c/a\u003e) \u003ca href=\"https://github.com/jrbeilke\"\u003e\u003ccode\u003e@​jrbeilke\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent using commitish like refs/pull (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1598\"\u003e#1598\u003c/a\u003e) \u003ca href=\"https://github.com/cchanche\"\u003e\u003ccode\u003e@​cchanche\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/693d20e7c1ce1a81d3a41962f85914253b518449\"\u003e\u003ccode\u003e693d20e\u003c/code\u003e\u003c/a\u003e chore: release v7.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/8339e41baa2bbe599e9144446202a730b0b512dc\"\u003e\u003ccode\u003e8339e41\u003c/code\u003e\u003c/a\u003e docs: update contributing docs for release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/62d8da40388ce452db900d9dd413236c55d8527b\"\u003e\u003ccode\u003e62d8da4\u003c/code\u003e\u003c/a\u003e fix: output name and tag_name in dry-run mode (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1625\"\u003e#1625\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/2c6d3958ca8ff5559d1816902d569397e6e7cd40\"\u003e\u003ccode\u003e2c6d395\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to v24.15.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1616\"\u003e#1616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/3b62240da12f1ebb0e312c0e333efb7c975c9f83\"\u003e\u003ccode\u003e3b62240\u003c/code\u003e\u003c/a\u003e chore(deps): update vite to v8.0.13 and vitest to v4.1.6 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1624\"\u003e#1624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/446e1517c52f0f2658eccfb62fe528f3c863e2ce\"\u003e\u003ccode\u003e446e151\u003c/code\u003e\u003c/a\u003e fix(deps): adapt to graphql-codegen 7 type changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/4cd06dcb5f73b1a2c718f7902ca013a7b3ebffc1\"\u003e\u003ccode\u003e4cd06dc\u003c/code\u003e\u003c/a\u003e chore(deps): update graphql-codegen to 7.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/80457684ebeb5980a2523289611de1d198148dc0\"\u003e\u003ccode\u003e8045768\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency semver to 7.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/1cf836b3aa269940ddd548267ab0a35726568d79\"\u003e\u003ccode\u003e1cf836b\u003c/code\u003e\u003c/a\u003e ci(release): use local action for publish step\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/485c120935331ce9b7d39543ad7441a80d6c7194\"\u003e\u003ccode\u003e485c120\u003c/code\u003e\u003c/a\u003e chore(deps): update npm tool constraint to 11.14.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/release-drafter/release-drafter/compare/5de93583980a40bd78603b6dfdcda5b4df377b32...693d20e7c1ce1a81d3a41962f85914253b518449\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/liquibase/liquibase/pull/7762","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquibase%2Fliquibase/issues/7762","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7762/packages"},{"uuid":"4516020693","node_id":"PR_kwDODvD-Ss7e_lrs","number":3083,"state":"closed","title":"Bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-27T11:58:40.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-25T09:58:43.000Z","updated_at":"2026-05-27T11:58:43.000Z","time_to_close":179997,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/opensafely-core/opencodelists/pull/3083","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensafely-core%2Fopencodelists/issues/3083","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3083/packages"},{"uuid":"4514673162","node_id":"PR_kwDOPwkOmM7e7MvK","number":137,"state":"open","title":"chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 in the minor-and-patch group","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T06:05:59.000Z","updated_at":"2026-05-25T06:06:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":"the minor-and-patch group","ecosystem":"actions"},"body":"Bumps the minor-and-patch group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token).\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/developmentseed/contributor-network/pull/137","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/developmentseed%2Fcontributor-network/issues/137","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/137/packages"},{"uuid":"4513774718","node_id":"PR_kwDOR4vyfc7e4WqL","number":21,"state":"open","title":"ci: bump the github-actions group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T02:06:25.000Z","updated_at":"2026-05-25T02:09:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci: bump","group_name":"github-actions","update_count":7,"packages":[{"name":"github/codeql-action","old_version":"4.35.1","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"golangci/golangci-lint-action","old_version":"9.2.0","new_version":"9.2.1","repository_url":"https://github.com/golangci/golangci-lint-action"},{"name":"actions/dependency-review-action","old_version":"4.9.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"googleapis/release-please-action","old_version":"4.4.0","new_version":"5.0.0","repository_url":"https://github.com/googleapis/release-please-action"},{"name":"sigstore/cosign-installer","old_version":"4.1.1","new_version":"4.1.2","repository_url":"https://github.com/sigstore/cosign-installer"},{"name":"goreleaser/goreleaser-action","old_version":"7.0.0","new_version":"7.2.2","repository_url":"https://github.com/goreleaser/goreleaser-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.36.0` |\n| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `9.2.0` | `9.2.1` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.9.0` | `5.0.0` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n| [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.4.0` | `5.0.0` |\n| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.1.1` | `4.1.2` |\n| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.0.0` | `7.2.2` |\n\n\nUpdates `github/codeql-action` from 4.35.1 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golangci/golangci-lint-action/releases\"\u003egolangci/golangci-lint-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eIMPORTANT: this is the first immutable release.\u003c/p\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: improve workflows by \u003ca href=\"https://github.com/ldez\"\u003e\u003ccode\u003e@​ldez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1394\"\u003egolangci/golangci-lint-action#1394\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1325\"\u003egolangci/golangci-lint-action#1325\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1326\"\u003egolangci/golangci-lint-action#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the dependencies group with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1327\"\u003egolangci/golangci-lint-action#1327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1328\"\u003egolangci/golangci-lint-action#1328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.2 to 25.0.3 in the dependencies group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1329\"\u003egolangci/golangci-lint-action#1329\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1330\"\u003egolangci/golangci-lint-action#1330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1332\"\u003egolangci/golangci-lint-action#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1333\"\u003egolangci/golangci-lint-action#1333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the dependencies group with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1334\"\u003egolangci/golangci-lint-action#1334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1335\"\u003egolangci/golangci-lint-action#1335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1336\"\u003egolangci/golangci-lint-action#1336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1337\"\u003egolangci/golangci-lint-action#1337\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.9 to 25.0.10 in the dependencies group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1338\"\u003egolangci/golangci-lint-action#1338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.3.3 to 5.3.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1339\"\u003egolangci/golangci-lint-action#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1340\"\u003egolangci/golangci-lint-action#1340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group across 1 directory with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1344\"\u003egolangci/golangci-lint-action#1344\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.3.4 to 5.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1346\"\u003egolangci/golangci-lint-action#1346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump minimatch by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1348\"\u003egolangci/golangci-lint-action#1348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump minimatch from 3.1.3 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1350\"\u003egolangci/golangci-lint-action#1350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.3.6 to 5.4.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1351\"\u003egolangci/golangci-lint-action#1351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.4.1 to 5.5.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1357\"\u003egolangci/golangci-lint-action#1357\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1358\"\u003egolangci/golangci-lint-action#1358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump flatted from 3.3.3 to 3.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1359\"\u003egolangci/golangci-lint-action#1359\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump picomatch from 4.0.3 to 4.0.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1364\"\u003egolangci/golangci-lint-action#1364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump yaml from 2.8.2 to 2.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1365\"\u003egolangci/golangci-lint-action#1365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump brace-expansion by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1370\"\u003egolangci/golangci-lint-action#1370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group across 1 directory with 7 updates by \u003ca href=\"https://github.com/ldez\"\u003e\u003ccode\u003e@​ldez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1374\"\u003egolangci/golangci-lint-action#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4 to 4.35.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1384\"\u003egolangci/golangci-lint-action#1384\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1386\"\u003egolangci/golangci-lint-action#1386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.35.2 to 4.35.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1389\"\u003egolangci/golangci-lint-action#1389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.35.3 to 4.35.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1391\"\u003egolangci/golangci-lint-action#1391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golangci/golangci-lint-action/compare/v9.2.0...v9.2.1\"\u003ehttps://github.com/golangci/golangci-lint-action/compare/v9.2.0...v9.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/82606bf257cbaff209d206a39f5134f0cfbfd2ee\"\u003e\u003ccode\u003e82606bf\u003c/code\u003e\u003c/a\u003e chore: prepare release v9.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/97c8387e660fa3be78f698fb592523e1f906a02c\"\u003e\u003ccode\u003e97c8387\u003c/code\u003e\u003c/a\u003e chore: improve workflows (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/28d0a191bb76f633872d1f12600dd9900ac73840\"\u003e\u003ccode\u003e28d0a19\u003c/code\u003e\u003c/a\u003e build(deps): bump the dependencies group across 1 directory with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/633fbc7d54a1fe7d54f72fb83194a7d442beb929\"\u003e\u003ccode\u003e633fbc7\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1391\"\u003e#1391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/59f43e26c902dadac745307f8cf2537da50ad344\"\u003e\u003ccode\u003e59f43e2\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1389\"\u003e#1389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/9eb174e04acac69b4b7f6602f9a5cc384ba59b45\"\u003e\u003ccode\u003e9eb174e\u003c/code\u003e\u003c/a\u003e build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1386\"\u003e#1386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/4f52504dfb47d09a983372e869f643e9e0d4014b\"\u003e\u003ccode\u003e4f52504\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4 to 4.35.2 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1384\"\u003e#1384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/6f87dfdbd16618b59a5d86104adea6216152a47c\"\u003e\u003ccode\u003e6f87dfd\u003c/code\u003e\u003c/a\u003e docs: update examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/c9500d7aa7797b3e999034a3e6a0b9a4f18e8708\"\u003e\u003ccode\u003ec9500d7\u003c/code\u003e\u003c/a\u003e chore: improve workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/03b1faa37ed78712fa70fc44b56fa553f0d7a6bc\"\u003e\u003ccode\u003e03b1faa\u003c/code\u003e\u003c/a\u003e chore: improve issue templates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golangci/golangci-lint-action/compare/1e7e51e771db61008b38414a730f564565cf7c20...82606bf257cbaff209d206a39f5134f0cfbfd2ee\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.9.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `googleapis/release-please-action` from 4.4.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/release-please-action/releases\"\u003egoogleapis/release-please-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.1...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2026-04-22)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/46dfc01594fc6ec99626bc73e479c52bdf554f88\"\u003e46dfc01\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.3.0 to 17.6.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1199\"\u003e#1199\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f533c26b74c2778db7edc90c96b63a7d08035765\"\u003ef533c26\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.0...v4.4.1\"\u003e4.4.1\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.1.3 to 17.3.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1183\"\u003e#1183\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ef9c2745dbfb629d38ebfafa3347a81ab2d51409\"\u003eef9c274\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md\"\u003egoogleapis/release-please-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.1...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2026-04-22)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/46dfc01594fc6ec99626bc73e479c52bdf554f88\"\u003e46dfc01\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.3.0 to 17.6.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1199\"\u003e#1199\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f533c26b74c2778db7edc90c96b63a7d08035765\"\u003ef533c26\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.0...v4.4.1\"\u003e4.4.1\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.1.3 to 17.3.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1183\"\u003e#1183\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ef9c2745dbfb629d38ebfafa3347a81ab2d51409\"\u003eef9c274\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.3.0...v4.4.0\"\u003e4.4.0\u003c/a\u003e (2025-10-09)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd ability to select versioning-strategy and release-as (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1121\"\u003e#1121\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ee0f5bae453367755be0c4340193531b3f538374\"\u003eee0f5ba\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003echangelog-host\u003c/code\u003e parameter ignored when using manifest configuration (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1151\"\u003e#1151\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/535c4130c1030110bdacd1b3076f98c046c3a227\"\u003e535c413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1149\"\u003e#1149\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/3612a99d75bd7a010bb03d6e2ee3e2392b7392fb\"\u003e3612a99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebump release-please from 17.1.2 to 17.1.3 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1158\"\u003e#1158\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/66fbfe9439cb7a3660ecdc00d42573ef0bd00764\"\u003e66fbfe9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.2.0...v4.3.0\"\u003e4.3.0\u003c/a\u003e (2025-08-20)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update release-please to 17.1.2 (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f07192c046b10acd083f4665a3d8b6350526f9df\"\u003ef07192c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.1.5...v4.2.0\"\u003e4.2.0\u003c/a\u003e (2025-03-07)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/45996ed1f6d02564a971a2fa1b5860e934307cf7\"\u003e\u003ccode\u003e45996ed\u003c/code\u003e\u003c/a\u003e chore(main): release 5.0.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1200\"\u003e#1200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/a8121b99c9779b09ad890de46417b7cad74eb3a2\"\u003e\u003ccode\u003ea8121b9\u003c/code\u003e\u003c/a\u003e chore: build dist (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1201\"\u003e#1201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f533c26b74c2778db7edc90c96b63a7d08035765\"\u003e\u003ccode\u003ef533c26\u003c/code\u003e\u003c/a\u003e fix: bump release-please from 17.3.0 to 17.6.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1199\"\u003e#1199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/46dfc01594fc6ec99626bc73e479c52bdf554f88\"\u003e\u003ccode\u003e46dfc01\u003c/code\u003e\u003c/a\u003e feat!: upgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/5c625bfb5d1ff62eadeeb3772007f7f66fdcf071\"\u003e\u003ccode\u003e5c625bf\u003c/code\u003e\u003c/a\u003e chore(main): release 4.4.1 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1187\"\u003e#1187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/8bb7a2ed0f90c9802c83129a9488d235a1f31a7c\"\u003e\u003ccode\u003e8bb7a2e\u003c/code\u003e\u003c/a\u003e chore: build dist (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1186\"\u003e#1186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ef9c2745dbfb629d38ebfafa3347a81ab2d51409\"\u003e\u003ccode\u003eef9c274\u003c/code\u003e\u003c/a\u003e fix: bump release-please from 17.1.3 to 17.3.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1183\"\u003e#1183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/64d83e95d898ede84e4555719aba555c3244d469\"\u003e\u003ccode\u003e64d83e9\u003c/code\u003e\u003c/a\u003e docs(README): add missing action inputs + package options (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1176\"\u003e#1176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/googleapis/release-please-action/compare/16a9c90856f42705d54a6fda1823352bdc62cf38...45996ed1f6d02564a971a2fa1b5860e934307cf7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sigstore/cosign-installer` from 4.1.1 to 4.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sigstore/cosign-installer/releases\"\u003esigstore/cosign-installer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump cosign to 3.0.6 in \u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/pull/232\"\u003esigstore/cosign-installer#232\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigstore/cosign-installer/commit/6f9f17788090df1f26f669e9d70d6ae9567deba6\"\u003e\u003ccode\u003e6f9f177\u003c/code\u003e\u003c/a\u003e Bump cosign to 3.0.6 (\u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigstore/cosign-installer/commit/b5e753ae2d39589c7b38850b463739151fc67f07\"\u003e\u003ccode\u003eb5e753a\u003c/code\u003e\u003c/a\u003e Bump actions/github-script from 8.0.0 to 9.0.0 (\u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/issues/230\"\u003e#230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigstore/cosign-installer/commit/115e4ce455e573aa6e9ba51e8d040ddd5c1378af\"\u003e\u003ccode\u003e115e4ce\u003c/code\u003e\u003c/a\u003e Bump actions/setup-go from 6.3.0 to 6.4.0 (\u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sigstore/cosign-installer/compare/cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003...6f9f17788090df1f26f669e9d70d6ae9567deba6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `goreleaser/goreleaser-action` from 7.0.0 to 7.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/goreleaser/goreleaser-action/releases\"\u003egoreleaser/goreleaser-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci(deps): bump the actions group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/560\"\u003egoreleaser/goreleaser-action#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: nightly resolution to select newest published release by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/562\"\u003egoreleaser/goreleaser-action#562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/562\"\u003egoreleaser/goreleaser-action#562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.2\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.1\u003c/h2\u003e\n\u003cp\u003eThis fully removes the usage of the old \u003ccode\u003enightly\u003c/code\u003e moving tag.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7.2.0...v7.2.1\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7.2.0...v7.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etest: cover install across release eras by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/555\"\u003egoreleaser/goreleaser-action#555\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add \u003ccode\u003eversion-file\u003c/code\u003e input by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/556\"\u003egoreleaser/goreleaser-action#556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: resolve nightly to latest vX.Y.Z-\u003c!-- raw HTML omitted --\u003e-nightly release by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/558\"\u003egoreleaser/goreleaser-action#558\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.0\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: verify release checksum and cosign signature by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/550\"\u003egoreleaser/goreleaser-action#550\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: document cosign verification in README by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/553\"\u003egoreleaser/goreleaser-action#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Upgrade import GPG action version by \u003ca href=\"https://github.com/flecno\"\u003e\u003ccode\u003e@​flecno\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/547\"\u003egoreleaser/goreleaser-action#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: drop docker-bake in favor of plain npm by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/551\"\u003egoreleaser/goreleaser-action#551\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add release-major-tag workflow by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/552\"\u003egoreleaser/goreleaser-action#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: drop pre-cosign-v3 goreleaser versions from tests by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/554\"\u003egoreleaser/goreleaser-action#554\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/543\"\u003egoreleaser/goreleaser-action#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 5 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/546\"\u003egoreleaser/goreleaser-action#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump undici from 6.23.0 to 6.24.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/545\"\u003egoreleaser/goreleaser-action#545\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/flecno\"\u003e\u003ccode\u003e@​flecno\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/547\"\u003egoreleaser/goreleaser-action#547\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7...v7.1.0\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89\"\u003e\u003ccode\u003e5daf1e9\u003c/code\u003e\u003c/a\u003e fix: nightly resolution to select newest published release (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/5cc7ebb73d78b8f1d7b03c568e7df999c2889ccf\"\u003e\u003ccode\u003e5cc7ebb\u003c/code\u003e\u003c/a\u003e ci: update actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/702f5f91c9334614254ddeabeebaf820d707f0d6\"\u003e\u003ccode\u003e702f5f9\u003c/code\u003e\u003c/a\u003e ci(deps): bump the actions group with 3 updates (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/1a80836c5c9d9e5755a25cb59ec6f45a3b5f41a8\"\u003e\u003ccode\u003e1a80836\u003c/code\u003e\u003c/a\u003e ci(nightly): pass GITHUB_TOKEN to nightly integration job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/a71152e8274c84525d8835ba71448d64d2023702\"\u003e\u003ccode\u003ea71152e\u003c/code\u003e\u003c/a\u003e refactor: drop legacy 'nightly' tag fallback\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/4c6ab561adb47e50c45ef534e2155934e91c40c1\"\u003e\u003ccode\u003e4c6ab56\u003c/code\u003e\u003c/a\u003e feat: resolve nightly to latest vX.Y.Z-\u0026lt;sha\u0026gt;-nightly release (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/4f96abf297f872baa17cd502a9b5ef0725fd1edc\"\u003e\u003ccode\u003e4f96abf\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eversion-file\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/556\"\u003e#556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/15fa2a96d4a23f516334bb340969ca4e9c82f0fa\"\u003e\u003ccode\u003e15fa2a9\u003c/code\u003e\u003c/a\u003e test: cover install across release eras (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c\"\u003e\u003ccode\u003ee24998b\u003c/code\u003e\u003c/a\u003e ci: drop pre-cosign-v3 goreleaser versions from tests (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/be2e8a39ba2f6daed623e98e8b6662f008cffc8d\"\u003e\u003ccode\u003ebe2e8a3\u003c/code\u003e\u003c/a\u003e docs: document cosign verification in README (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/553\"\u003e#553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/ec59f474b9834571250b370d4735c50f8e2d1e29...5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/RoFz/vault-plugin-secrets-keycloak/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RoFz%2Fvault-plugin-secrets-keycloak/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"},{"uuid":"4513455388","node_id":"PR_kwDORpqulM7e3XhH","number":441,"state":"open","title":"chore(deps): bump the actions-minor-patch group with 3 updates","user":"dependabot[bot]","labels":["dependencies","release-notes:internal"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T00:30:45.000Z","updated_at":"2026-05-26T06:11:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions-minor-patch","update_count":3,"packages":[{"name":"codecov/codecov-action","old_version":"6.0.0","new_version":"6.0.1","repository_url":"https://github.com/codecov/codecov-action"},{"name":"ruby/setup-ruby","old_version":"1.307.0","new_version":"1.308.0","repository_url":"https://github.com/ruby/setup-ruby"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions-minor-patch group with 3 updates: [codecov/codecov-action](https://github.com/codecov/codecov-action), [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).\n\nUpdates `codecov/codecov-action` from 6.0.0 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: prevent template injection in run: steps (VULN-1652) by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1947\"\u003ecodecov/codecov-action#1947\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): 6.0.1 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1949\"\u003ecodecov/codecov-action#1949\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003e\u003ccode\u003ee79a696\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.1 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1949\"\u003e#1949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/51e64229ac331acb0d7f7b17c67423995f991c79\"\u003e\u003ccode\u003e51e6422\u003c/code\u003e\u003c/a\u003e fix: prevent template injection in run: steps (VULN-1652) (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1947\"\u003e#1947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/57e3a136b779b570ffcdbf80b3bdc90e7fab3de2...e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ruby/setup-ruby` from 1.307.0 to 1.308.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/setup-ruby/releases\"\u003eruby/setup-ruby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.308.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate CRuby releases on Windows by \u003ca href=\"https://github.com/ruby-builder-bot\"\u003e\u003ccode\u003e@​ruby-builder-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/setup-ruby/pull/912\"\u003eruby/setup-ruby#912\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/setup-ruby/compare/v1.307.0...v1.308.0\"\u003ehttps://github.com/ruby/setup-ruby/compare/v1.307.0...v1.308.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/setup-ruby/commit/97ecb7b512899eb71ab1bf2310a624c6f1589ac6\"\u003e\u003ccode\u003e97ecb7b\u003c/code\u003e\u003c/a\u003e Update CRuby releases on Windows\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ruby/setup-ruby/compare/v1.307.0...v1.308.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/fulgur-rs/fulgur/pull/441","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/fulgur-rs%2Ffulgur/issues/441","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/441/packages"},{"uuid":"4512652604","node_id":"PR_kwDOSmrC2c7e08KG","number":4,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T19:17:24.000Z","updated_at":"2026-05-24T19:18:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/JonatasOliveira1983/1crypten-hermes-agent/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JonatasOliveira1983%2F1crypten-hermes-agent/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4509335886","node_id":"PR_kwDOF93kBM7erQge","number":982,"state":"open","title":"chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T19:12:27.000Z","updated_at":"2026-05-23T19:13:12.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/CycloneDX/cyclonedx-python-lib/pull/982","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/CycloneDX%2Fcyclonedx-python-lib/issues/982","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/982/packages"},{"uuid":"4509028604","node_id":"PR_kwDORAIm-s7eqVw6","number":112,"state":"closed","title":"chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T17:15:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T17:12:30.000Z","updated_at":"2026-05-23T17:15:48.000Z","time_to_close":195,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/noshiro-pf/synstate/pull/112","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/noshiro-pf%2Fsynstate/issues/112","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/112/packages"},{"uuid":"4507509970","node_id":"PR_kwDORYuFXM7elnZC","number":162,"state":"closed","title":"Bump the github-actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-24T10:03:25.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T08:34:52.000Z","updated_at":"2026-05-24T10:03:27.000Z","time_to_close":91713,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"github-actions","update_count":6,"packages":[{"name":"actions/setup-python","old_version":"5.6.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"github/codeql-action","old_version":"3.36.0","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"milanhorvatovic/codex-ai-code-review-action","old_version":"32cedc30758526efb279b82567144f0585be8321","new_version":"af72a5bd7330432cee97137b04d04edebde80149","repository_url":"https://github.com/milanhorvatovic/codex-ai-code-review-action"},{"name":"actions/upload-artifact","old_version":"4.6.2","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/download-artifact","old_version":"4.3.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.2.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.36.0` | `4.36.0` |\n| [milanhorvatovic/codex-ai-code-review-action](https://github.com/milanhorvatovic/codex-ai-code-review-action) | `32cedc30758526efb279b82567144f0585be8321` | `af72a5bd7330432cee97137b04d04edebde80149` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n\n\nUpdates `actions/setup-python` from 5.6.0 to 6.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-python/releases\"\u003eactions/setup-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies to Node 24 compatible versions by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1259\"\u003eactions/setup-python#1259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 2.5.0 to 2.6.3 in \u003ccode\u003e/__tests__/data\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1253\"\u003eactions/setup-python#1253\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1264\"\u003eactions/setup-python#1264\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.2.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-install\u003c/code\u003e input by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1201\"\u003eactions/setup-python#1201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd graalpy early-access and windows builds by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/880\"\u003eactions/setup-python#880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency and Documentation updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhanced wording and updated example usage for \u003ccode\u003eallow-prereleases\u003c/code\u003e by \u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1139\"\u003eactions/setup-python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade typescript from 5.4.2 to 5.9.3 and Documentation update by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1094\"\u003eactions/setup-python#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pip-install input by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1199\"\u003eactions/setup-python#1199\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade requests from 2.32.2 to 2.32.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1130\"\u003eactions/setup-python#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.5.3 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1234\"\u003eactions/setup-python#1234\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1235\"\u003eactions/setup-python#1235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1164\"\u003eactions/setup-python#1164\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-version\u003c/code\u003e  by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1129\"\u003eactions/setup-python#1129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnhance reading from .python-version by \u003ca href=\"https://github.com/krystof-k\"\u003e\u003ccode\u003e@​krystof-k\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/787\"\u003eactions/setup-python#787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd version parsing from Pipfile by \u003ca href=\"https://github.com/aradkdj\"\u003e\u003ccode\u003e@​aradkdj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1067\"\u003eactions/setup-python#1067\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClarify pythonLocation behaviour for PyPy and GraalPy in environment variables by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1183\"\u003eactions/setup-python#1183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange missing cache directory error to warning  by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1182\"\u003eactions/setup-python#1182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Architecture-Specific PATH Management for Python with --user Flag on Windows by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1122\"\u003eactions/setup-python#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude python version in PyPy python-version output by \u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1110\"\u003eactions/setup-python#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docs: clarification on pip authentication with setup-python by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1156\"\u003eactions/setup-python#1156\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade idna from 2.9 to 3.7 in /\u003cstrong\u003etests\u003c/strong\u003e/data by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/843\"\u003eactions/setup-python#843\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to fix critical vulnerabilities \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/182\"\u003e#182\u003c/a\u003e \u0026amp; \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/183\"\u003e#183\u003c/a\u003e by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1163\"\u003eactions/setup-python#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1165\"\u003eactions/setup-python#1165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1181\"\u003eactions/setup-python#1181\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.1 to 2.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1095\"\u003eactions/setup-python#1095\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003e\u003ccode\u003ea309ff8\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.6.0 to 2.6.3 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1264\"\u003e#1264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfe8cc55a7890e3d6672eda6460ef37bfcc70755\"\u003e\u003ccode\u003ebfe8cc5\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies to Node 24 compatible versions (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1259\"\u003e#1259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/4f41a90a1f38628c7ccc608d05fbafe701bc20ae\"\u003e\u003ccode\u003e4f41a90\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.5.0 to 2.6.0 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1253\"\u003e#1253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/83679a892e2d95755f2dac6acb0bfd1e9ac5d548\"\u003e\u003ccode\u003e83679a8\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfc4944b43a5d84377eca3cf6ab5b7992ba61923\"\u003e\u003ccode\u003ebfc4944\u003c/code\u003e\u003c/a\u003e Bump prettier from 3.5.3 to 3.6.2 (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1234\"\u003e#1234\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/97aeb3efb8a852c559869050c7fb175b4efcc8cf\"\u003e\u003ccode\u003e97aeb3e\u003c/code\u003e\u003c/a\u003e Bump requests from 2.32.2 to 2.32.4 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/443da59188462e2402e2942686db5aa6723f4bed\"\u003e\u003ccode\u003e443da59\u003c/code\u003e\u003c/a\u003e Bump actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/cfd55ca82492758d853442341ad4d8010466803a\"\u003e\u003ccode\u003ecfd55ca\u003c/code\u003e\u003c/a\u003e graalpy: add graalpy early-access and windows builds (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/880\"\u003e#880\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bba65e51ff35d50c6dbaaacd8a4681db13aa7cb4\"\u003e\u003ccode\u003ebba65e5\u003c/code\u003e\u003c/a\u003e Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1094\"\u003e#1094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/18566f86b301499665bd3eb1a2247e0849c64fa5\"\u003e\u003ccode\u003e18566f8\u003c/code\u003e\u003c/a\u003e Improve wording and \u0026quot;fix example\u0026quot; (remove 3.13) on testing against pre-releas...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.36.0 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8442bc0af97ee8be3c2911e416d000f604f3e676\"\u003e\u003ccode\u003e8442bc0\u003c/code\u003e\u003c/a\u003e Release process: Automatically rebuild PRs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/26a1e570a60fdfa4479615ce1b9b70530319e14f\"\u003e\u003ccode\u003e26a1e57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3913\"\u003e#3913\u003c/a\u003e from github/henrymercer/downgrade-ava\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9b6438e93682cb5c2fab835f4e49084118ab1106\"\u003e\u003ccode\u003e9b6438e\u003c/code\u003e\u003c/a\u003e Tweak workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b5b50d62f11c6c50894a7083c6e4cda7f1bf112a\"\u003e\u003ccode\u003eb5b50d6\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9665bc2f5a0208583e1c0e97e1cba8e6497d6d44\"\u003e\u003ccode\u003e9665bc2\u003c/code\u003e\u003c/a\u003e Downgrade ava to version 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/5a80681bb6c514957ebf142061bb9243575ad592\"\u003e\u003ccode\u003e5a80681\u003c/code\u003e\u003c/a\u003e Address review comments\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/github/codeql-action/compare/03e4368ac7daa2bd82b3e85262f3bf87ee112f57...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `milanhorvatovic/codex-ai-code-review-action` from 32cedc30758526efb279b82567144f0585be8321 to af72a5bd7330432cee97137b04d04edebde80149\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/milanhorvatovic/codex-ai-code-review-action/blob/main/CHANGELOG.md\"\u003emilanhorvatovic/codex-ai-code-review-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.1.0/\"\u003eKeep a Changelog\u003c/a\u003e, and this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e[2.1.0] - 2026-05-13\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eci: dogfood the action on this repository's own PRs (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/107\"\u003e#107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: lint workflows with actionlint (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: automate release preparation via PR-driven workflow (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/85\"\u003e#85\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(prepare): add review-reference-source: base for tamper-resistant policy reads (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/118\"\u003e#118\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump vite to 8.0.5 to fix 3 Dependabot security alerts (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/28\"\u003e#28\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: unify and bump third-party action pins to latest (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/67\"\u003e#67\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: harden Dependabot pipeline (concurrency + commit-message scope) (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add enterprise fork/internal-mirror adoption path (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/63\"\u003e#63\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add guidance for pinning action refs (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/55\"\u003e#55\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add hardened production workflow example (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/62\"\u003e#62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add minimal quick start hardening disclaimer (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/53\"\u003e#53\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add public-repo vs private-repo security guidance (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/64\"\u003e#64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add Responsibility boundary subsection to Security guidance (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add Trust model section and refresh SECURITY.md (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/60\"\u003e#60\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: rename Quick start to Minimal quick start; add markdown-link-check config (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/57\"\u003e#57\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: standardize on US English and add documentation tone/style guide (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/72\"\u003e#72\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: warn against pull_request_target (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/54\"\u003e#54\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExtract verify-dist \u0026amp; setup-node-deps composites; split Verify Dist workflow; restore dist/ (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/58\"\u003e#58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(prepare): add exclude-paths input for diff-level path exclusion (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(publish): flip fail-on-missing-chunks default to true in v2.1.0 (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/116\"\u003e#116\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(publish): Incomplete review banner + fail-on-missing-chunks input (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/61\"\u003e#61\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: stop SHA-only self-bumps from blocking Dependabot auto-merge (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/113\"\u003e#113\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: reject path traversal and symlinks in review-reference-file (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edocs: document release-automation App identity in SECURITY.md (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/84\"\u003e#84\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: update production docs and setup guidance for v2.1.0 (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: reject path traversal and symlinks in review-reference-file (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump eslint from 10.2.1 to 10.3.0 in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: bump fast-xml-builder from 1.1.5 to 1.2.0 in the npm_and_yarn group across 1 directory (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/130\"\u003e#130\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/milanhorvatovic/codex-ai-code-review-action/compare/32cedc30758526efb279b82567144f0585be8321...af72a5bd7330432cee97137b04d04edebde80149\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4.6.2 to 7.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the readme with direct upload details by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/795\"\u003eactions/upload-artifact#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: bump all the example versions to v7 by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/796\"\u003eactions/upload-artifact#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude changes in typespec/ts-http-runtime 0.3.5 by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/797\"\u003eactions/upload-artifact#797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v7...v7.0.1\"\u003ehttps://github.com/actions/upload-artifact/compare/v7...v7.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4.6.2...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/download-artifact` from 4.3.0 to 8.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003ev8 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nHash mismatches will now error by default. Users can override this behavior with a setting change (see below).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eDirect downloads\u003c/h3\u003e\n\u003cp\u003eTo support direct uploads in \u003ccode\u003eactions/upload-artifact\u003c/code\u003e, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the \u003ccode\u003eContent-Type\u003c/code\u003e header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new \u003ccode\u003eskip-decompress\u003c/code\u003e parameter to \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnforced checks (breaking)\u003c/h3\u003e\n\u003cp\u003eA previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the \u003ccode\u003edigest-mismatch\u003c/code\u003e parameter. To be secure by default, we are now defaulting the behavior to \u003ccode\u003eerror\u003c/code\u003e which will fail the workflow run.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the @actions/* packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDon't attempt to un-zip non-zipped downloads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/460\"\u003eactions/download-artifact#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a setting to specify what to do on hash mismatch and default it to \u003ccode\u003eerror\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/461\"\u003eactions/download-artifact#461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v7...v8.0.0\"\u003ehttps://github.com/actions/download-artifact/compare/v7...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/download-artifact@v7 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/440\"\u003eactions/download-artifact#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDownload Artifact Node24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/415\"\u003eactions/download-artifact#415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e to fix Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/451\"\u003eactions/download-artifact#451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v7.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/452\"\u003eactions/download-artifact#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003e\u003ccode\u003e3e5f45b\u003c/code\u003e\u003c/a\u003e Add regression tests for CJK characters (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/e6d03f67377d4412c7aa56a8e2e4988e6ec479dd\"\u003e\u003ccode\u003ee6d03f6\u003c/code\u003e\u003c/a\u003e Add a regression test for artifact name + content-type mismatches (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3\"\u003e\u003ccode\u003e70fc10c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/461\"\u003e#461\u003c/a\u003e from actions/danwkennedy/digest-mismatch-behavior\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/f258da9a506b755b84a09a531814700b86ccfc62\"\u003e\u003ccode\u003ef258da9\u003c/code\u003e\u003c/a\u003e Add change docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/ccc058e5fbb0bb2352213eaec3491e117cbc4a5c\"\u003e\u003ccode\u003eccc058e\u003c/code\u003e\u003c/a\u003e Fix linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/bd7976ba57ecea96e6f3df575eb922d11a12a9fd\"\u003e\u003ccode\u003ebd7976b\u003c/code\u003e\u003c/a\u003e Add a setting to specify what to do on hash mismatch and default it to \u003ccode\u003eerror\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/ac21fcf45e0aaee541c0f7030558bdad38d77d6c\"\u003e\u003ccode\u003eac21fcf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/460\"\u003e#460\u003c/a\u003e from actions/danwkennedy/download-no-unzip\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/15999bff51058bc7c19b50ebbba518eaef7c26c0\"\u003e\u003ccode\u003e15999bf\u003c/code\u003e\u003c/a\u003e Add note about package bumps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/974686ed5098c7f9c9289ec946b9058e496a2561\"\u003e\u003ccode\u003e974686e\u003c/code\u003e\u003c/a\u003e Bump the version to \u003ccode\u003ev8\u003c/code\u003e and add release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/fbe48b1d2756394be4cd4358ed3bc1343b330e75\"\u003e\u003ccode\u003efbe48b1\u003c/code\u003e\u003c/a\u003e Update test names to make it clearer what they do\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/download-artifact/compare/v4.3.0...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/milanhorvatovic/skill-system-foundry/pull/162","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/milanhorvatovic%2Fskill-system-foundry/issues/162","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/162/packages"},{"uuid":"4507254182","node_id":"PR_kwDOSTHQ0c7ek0Tl","number":438,"state":"open","title":"chore: bump the actions group with 4 updates","user":"dependabot[bot]","labels":["chore","size/S","📦 dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T07:08:02.000Z","updated_at":"2026-05-23T07:08:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"actions","update_count":4,"packages":[{"name":"rharkor/caching-for-turbo","old_version":"2.4.0","new_version":"2.4.2","repository_url":"https://github.com/rharkor/caching-for-turbo"},{"name":"github/codeql-action","old_version":"4.35.4","new_version":"4.35.5","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"azure/trusted-signing-action","old_version":"1.2.0","new_version":"2.0.0","repository_url":"https://github.com/azure/trusted-signing-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 4 updates: [rharkor/caching-for-turbo](https://github.com/rharkor/caching-for-turbo), [github/codeql-action](https://github.com/github/codeql-action), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action).\n\nUpdates `rharkor/caching-for-turbo` from 2.4.0 to 2.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rharkor/caching-for-turbo/releases\"\u003erharkor/caching-for-turbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.1...v2.4.2\"\u003e2.4.2\u003c/a\u003e (2026-05-15)\u003c/h2\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e1097ea0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003ee479b5a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.12.4 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/922\"\u003e#922\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/48e0a229bea36515b8f592d32a0612cbfb879d25\"\u003e48e0a22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003ea8fb860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003ebe65592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e228e10f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency wait-on to v9.0.10 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/919\"\u003e#919\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e38d6a8f6756436e9b9dccffcad76f2ca5204052\"\u003ee38d6a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update typescript-eslint monorepo to v8.59.3 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/921\"\u003e#921\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/8b547c3077086499d515c4d7242e00c70643f93f\"\u003e8b547c3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e45a958f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCI/CD\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etrigger PR checks with pull_request instead of pull_request_target (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003ea900bf2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.0...v2.4.1\"\u003e2.4.1\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eformat (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/b202f94262701ce5f5ceb0d3c6ec818edb12b1e1\"\u003eb202f94\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/ee71897b0c458f948fe04a13808f750683359fca\"\u003eee71897\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003e\u003ccode\u003e5d14fba\u003c/code\u003e\u003c/a\u003e chore(release): 2.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e\u003ccode\u003e45a958f\u003c/code\u003e\u003c/a\u003e chore(sync): restore package.json from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/3b4c3d80e7ba25b2efff7e332a08e4877dbf1880\"\u003e\u003ccode\u003e3b4c3d8\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into main-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/7ca2ad4301ad4c5744006c694931f175b3b5f34f\"\u003e\u003ccode\u003e7ca2ad4\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:rharkor/caching-for-turbo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003e\u003ccode\u003ea900bf2\u003c/code\u003e\u003c/a\u003e ci: trigger PR checks with pull_request instead of pull_request_target\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003e\u003ccode\u003ee479b5a\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e\u003ccode\u003e228e10f\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003e\u003ccode\u003ebe65592\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003e\u003ccode\u003ea8fb860\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e\u003ccode\u003e1097ea0\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/564b6d155a4aec5ada97411ba7f7956e4bac890a...5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.4 to 4.35.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003e\u003ccode\u003e9e0d7b8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3905\"\u003e#3905\u003c/a\u003e from github/update-v4.35.5-d4b485515\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6d7d59927c0c7336c1d1247c7e159e79edbf7684\"\u003e\u003ccode\u003e6d7d599\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/51f7e38c69d3cd7966375fe0ffff19669f22bd14\"\u003e\u003ccode\u003e51f7e38\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d4b485515e8531d7071a39d526213eb5b2e74a11\"\u003e\u003ccode\u003ed4b4855\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e from github/mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/127de8117f134e8809c127d53e940b3ffc1db8e9\"\u003e\u003ccode\u003e127de81\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7fde13f26ad3f7008e8fe6755cb997b54f7a2f3b\"\u003e\u003ccode\u003e7fde13f\u003c/code\u003e\u003c/a\u003e Use src + basename in header to avoid issues on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/dfa61e7305ed28b74dcc2c68bd665b36751ad933\"\u003e\u003ccode\u003edfa61e7\u003c/code\u003e\u003c/a\u003e Improve pattern matching and error handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/52aafec07347933a26e670390c3f894c5c05e64a\"\u003e\u003ccode\u003e52aafec\u003c/code\u003e\u003c/a\u003e Import and call \u003ccode\u003erunWrapper\u003c/code\u003e normally in \u003ccode\u003eanalyze\u003c/code\u003e tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0d08c01f7874da2f932e4d4e4d42b1c43be88111\"\u003e\u003ccode\u003e0d08c01\u003c/code\u003e\u003c/a\u003e Auto-generate shared bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/14085a675cb6d8cddc805b946cc1d51e3232a204\"\u003e\u003ccode\u003e14085a6\u003c/code\u003e\u003c/a\u003e Auto-generate entry points\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure/trusted-signing-action` from 1.2.0 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/azure/trusted-signing-action/releases\"\u003eazure/trusted-signing-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: migrate to new artifactsigning module by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/133\"\u003eAzure/artifact-signing-action#133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update README runtime version and action references by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/139\"\u003eAzure/artifact-signing-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: upgrade packages to the latest versions by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/135\"\u003eAzure/artifact-signing-action#135\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\"\u003ehttps://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003e\u003ccode\u003ec7ab2a8\u003c/code\u003e\u003c/a\u003e refactor: upgrade packages to the latest versions (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/135\"\u003e#135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/7664cea6ad50e2f1b08bf6d5b4a371527221231c\"\u003e\u003ccode\u003e7664cea\u003c/code\u003e\u003c/a\u003e docs: update README runtime version and action references (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/139\"\u003e#139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/64185d8ca9555a71ba666fc42fa2ed9461a9d583\"\u003e\u003ccode\u003e64185d8\u003c/code\u003e\u003c/a\u003e refactor: migrate to new artifactsigning module (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/azure/trusted-signing-action/compare/b443cf8ea4124818d2ea9f043cba29fc3ec47b16...c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/stella/stella/pull/438","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/stella%2Fstella/issues/438","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/438/packages"}],"issue_packages":[{"old_version":"1.9.3","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-31T06:48:27.000Z","version_change":"1.9.3 → 3.2.0","issue":{"uuid":"4556814404","node_id":"PR_kwDOSsxPT87hDejC","number":3,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-31T06:48:27.000Z","updated_at":"2026-05-31T06:48:27.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/JaeCheon8587/hermes-agent-labs/pull/3","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JaeCheon8587%2Fhermes-agent-labs/issues/3","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-30T16:03:45.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4554929510","node_id":"PR_kwDOQk7AtM7g94-3","number":1652,"state":"open","title":"Bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions","zenable/risk:low"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T16:03:45.000Z","updated_at":"2026-05-30T16:08:17.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Voornaamenachternaam/exchange_gateway/pull/1652","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Voornaamenachternaam%2Fexchange_gateway/issues/1652","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1652/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-30T07:07:56.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4553655227","node_id":"PR_kwDOSadfsc7g6H3t","number":23,"state":"open","title":"chore: bump the actions group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["chore","size/M"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-30T07:07:56.000Z","updated_at":"2026-05-30T07:08:10.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"actions","update_count":7,"packages":[{"name":"rharkor/caching-for-turbo","old_version":"2.3.14","new_version":"2.4.2","repository_url":"https://github.com/rharkor/caching-for-turbo"},{"name":"github/codeql-action","old_version":"4.35.3","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"docker/setup-buildx-action","old_version":"4.0.0","new_version":"4.1.0","repository_url":"https://github.com/docker/setup-buildx-action"},{"name":"docker/login-action","old_version":"4.1.0","new_version":"4.2.0","repository_url":"https://github.com/docker/login-action"},{"name":"docker/build-push-action","old_version":"7.1.0","new_version":"7.2.0","repository_url":"https://github.com/docker/build-push-action"},{"name":"azure/trusted-signing-action","old_version":"1.2.0","new_version":"2.0.0","repository_url":"https://github.com/azure/trusted-signing-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [rharkor/caching-for-turbo](https://github.com/rharkor/caching-for-turbo) | `2.3.14` | `2.4.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.3` | `4.36.0` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` |\n| [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` |\n| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.2.0` |\n| [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action) | `1.2.0` | `2.0.0` |\n\n\nUpdates `rharkor/caching-for-turbo` from 2.3.14 to 2.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rharkor/caching-for-turbo/releases\"\u003erharkor/caching-for-turbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.1...v2.4.2\"\u003e2.4.2\u003c/a\u003e (2026-05-15)\u003c/h2\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e1097ea0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003ee479b5a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.12.4 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/922\"\u003e#922\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/48e0a229bea36515b8f592d32a0612cbfb879d25\"\u003e48e0a22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003ea8fb860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003ebe65592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e228e10f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency wait-on to v9.0.10 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/919\"\u003e#919\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e38d6a8f6756436e9b9dccffcad76f2ca5204052\"\u003ee38d6a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update typescript-eslint monorepo to v8.59.3 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/921\"\u003e#921\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/8b547c3077086499d515c4d7242e00c70643f93f\"\u003e8b547c3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e45a958f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCI/CD\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etrigger PR checks with pull_request instead of pull_request_target (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003ea900bf2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.0...v2.4.1\"\u003e2.4.1\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eformat (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/b202f94262701ce5f5ceb0d3c6ec818edb12b1e1\"\u003eb202f94\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/ee71897b0c458f948fe04a13808f750683359fca\"\u003eee71897\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.4.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.3.14...v2.4.0\"\u003e2.4.0\u003c/a\u003e (2026-05-11)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esupport port 0 for automatic port assignment (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a384771fbbc2bc42c74a4ff7d31578655c7ba19e\"\u003ea384771\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/917\"\u003e#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eformat (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/5e6c588b628d6eba5796ef8decd7881467c43a0e\"\u003e5e6c588\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eport stuck devrun (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/4c3a62318cf4c51fb13aaf67e84c4cef076aafa6\"\u003e4c3a623\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1036.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/889\"\u003e#889\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/146dba66e3df34ac64f1121885026bfb9e9975b7\"\u003e146dba6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1037.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/890\"\u003e#890\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/4cd0f589bcd7f761d83d7e047f0144478297ba82\"\u003e4cd0f58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1038.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/892\"\u003e#892\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/db644453afe16bd45111e74234a0b553adf0f646\"\u003edb64445\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1039.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/893\"\u003e#893\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/38aabd9da3d830b63866379c9b285aa4320ef560\"\u003e38aabd9\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1040.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/894\"\u003e#894\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/94bcc4142feeedd7d1f565cd41eacec9df746285\"\u003e94bcc41\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1041.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/898\"\u003e#898\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/427799b92cdfe2ec67a9cb680bf2c2aedb1c1068\"\u003e427799b\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003e\u003ccode\u003e5d14fba\u003c/code\u003e\u003c/a\u003e chore(release): 2.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e\u003ccode\u003e45a958f\u003c/code\u003e\u003c/a\u003e chore(sync): restore package.json from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/3b4c3d80e7ba25b2efff7e332a08e4877dbf1880\"\u003e\u003ccode\u003e3b4c3d8\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into main-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/7ca2ad4301ad4c5744006c694931f175b3b5f34f\"\u003e\u003ccode\u003e7ca2ad4\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:rharkor/caching-for-turbo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003e\u003ccode\u003ea900bf2\u003c/code\u003e\u003c/a\u003e ci: trigger PR checks with pull_request instead of pull_request_target\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003e\u003ccode\u003ee479b5a\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e\u003ccode\u003e228e10f\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003e\u003ccode\u003ebe65592\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003e\u003ccode\u003ea8fb860\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e\u003ccode\u003e1097ea0\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/56219402aacc0d06b650d898c222996dbc1191ec...5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.3 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-buildx-action` from 4.0.0 to 4.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-buildx-action/releases\"\u003edocker/setup-buildx-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.79.0 to 0.90.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/489\"\u003edocker/setup-buildx-action#489\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.12 to 5.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/547\"\u003edocker/setup-buildx-action#547\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/508\"\u003edocker/setup-buildx-action#508\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.0.0 to 1.2.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/540\"\u003edocker/setup-buildx-action#540\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.4.2 to 5.8.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/496\"\u003edocker/setup-buildx-action#496\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/499\"\u003edocker/setup-buildx-action#499\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump glob from 10.3.12 to 13.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/495\"\u003edocker/setup-buildx-action#495\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump handlebars from 4.7.8 to 4.7.9 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/504\"\u003edocker/setup-buildx-action#504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.23 to 4.18.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/523\"\u003edocker/setup-buildx-action#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump picomatch from 4.0.3 to 4.0.4 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/503\"\u003edocker/setup-buildx-action#503\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/537\"\u003edocker/setup-buildx-action#537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/545\"\u003edocker/setup-buildx-action#545\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 6.23.0 to 6.25.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/492\"\u003edocker/setup-buildx-action#492\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.2 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/520\"\u003edocker/setup-buildx-action#520\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v4.0.0...v4.1.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v4.0.0...v4.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5\"\u003e\u003ccode\u003ed7f5e7f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/489\"\u003e#489\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/92bc5c9777806d0a73d9d668ba2114fa1177f164\"\u003e\u003ccode\u003e92bc5c9\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/da11e35abee0f20cb4f1c1b7c461d37c29be52f5\"\u003e\u003ccode\u003eda11e35\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.79.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/f021e162ef95b6fba51af1c6674f537f25bce851\"\u003e\u003ccode\u003ef021e16\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/492\"\u003e#492\u003c/a\u003e from docker/dependabot/npm_and_yarn/undici-6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/b5af94fab700aee0c64d6077e0e34ae987815b67\"\u003e\u003ccode\u003eb5af94f\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/16ad9776a801d0c47f0a05f007b88a3789aa8ab6\"\u003e\u003ccode\u003e16ad977\u003c/code\u003e\u003c/a\u003e build(deps): bump undici from 6.23.0 to 6.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7a12d7df895b33bd02a9b4bf62a12f2b9a24458\"\u003e\u003ccode\u003ed7a12d7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/495\"\u003e#495\u003c/a\u003e from docker/dependabot/npm_and_yarn/glob-10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/28ff27de4eed7518d361591f2cd1dfb69c34a7cb\"\u003e\u003ccode\u003e28ff27d\u003c/code\u003e\u003c/a\u003e build(deps): bump glob from 10.3.12 to 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/daf436b50e13d9053b9730cbc16516891878b019\"\u003e\u003ccode\u003edaf436b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/496\"\u003e#496\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/9725348367859764880f2f2e688a6b0c353e3f35\"\u003e\u003ccode\u003e9725348\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd...d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/login-action` from 4.1.0 to 4.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/login-action/releases\"\u003edocker/login-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/976\"\u003edocker/login-action#976\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e and \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.1050.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/960\"\u003edocker/login-action#960\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.86.0 to 0.90.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/970\"\u003edocker/login-action#970\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 2.0.1 to 5.0.6 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/993\"\u003edocker/login-action#993\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.1.4 to 1.2.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/985\"\u003edocker/login-action#985\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.3.6 to 5.8.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/963\"\u003edocker/login-action#963\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump http-proxy-agent and https-proxy-agent to 9.0.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/961\"\u003edocker/login-action#961\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/979\"\u003edocker/login-action#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/991\"\u003edocker/login-action#991\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump vite from 7.3.1 to 7.3.3 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/986\"\u003edocker/login-action#986\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v4.1.0...v4.2.0\"\u003ehttps://github.com/docker/login-action/compare/v4.1.0...v4.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/650006c6eb7dba73a995cc03b0b2d7f5ca915bee\"\u003e\u003ccode\u003e650006c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/960\"\u003e#960\u003c/a\u003e from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/99df1a3f6d65e48177ea57671a50e2242eae4b63\"\u003e\u003ccode\u003e99df1a3\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/3ab375f324f46da5f6901efeda4be4e2566ebaa2\"\u003e\u003ccode\u003e3ab375f\u003c/code\u003e\u003c/a\u003e build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/39d85804ae465a1816c68ff58158ec66883981b4\"\u003e\u003ccode\u003e39d8580\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/970\"\u003e#970\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/4eefcd33ca7213989697445a78b6730274bfaba6\"\u003e\u003ccode\u003e4eefcd3\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/56d092c8b3f04006c22f4fc20a2b3d2442caed56\"\u003e\u003ccode\u003e56d092c\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.86.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/e2e31ca87063ae00fd41ad3b9c548dd8ec24c5ff\"\u003e\u003ccode\u003ee2e31ca\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/976\"\u003e#976\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/0bced941e843afc786fbfd58b1c6c13ca11e09c9\"\u003e\u003ccode\u003e0bced94\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/3e75a0f266b07e09777a621d0ca5f4432ef9f10c\"\u003e\u003ccode\u003e3e75a0f\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/365bebd9d646160567ebad47824f026e09ee6970\"\u003e\u003ccode\u003e365bebd\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/984\"\u003e#984\u003c/a\u003e from docker/dependabot/github_actions/aws-actions/con...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/login-action/compare/4907a6ddec9925e35a0a9e82d7399ccc52663121...650006c6eb7dba73a995cc03b0b2d7f5ca915bee\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/build-push-action` from 7.1.0 to 7.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/build-push-action/releases\"\u003edocker/build-push-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1525\"\u003edocker/build-push-action#1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.87.0 to 0.90.0 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1517\"\u003edocker/build-push-action#1517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 2.0.2 to 5.0.6 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1534\"\u003edocker/build-push-action#1534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-builder from 1.1.4 to 1.2.0 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1529\"\u003edocker/build-push-action#1529\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump fast-xml-parser from 5.5.7 to 5.8.0 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1521\"\u003edocker/build-push-action#1521\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump postcss from 8.5.6 to 8.5.10 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1526\"\u003edocker/build-push-action#1526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tar from 6.2.1 to 7.5.15 in \u003ca href=\"https://redirect.github.com/docker/build-push-action/pull/1533\"\u003edocker/build-push-action#1533\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/build-push-action/compare/v7.1.0...v7.2.0\"\u003ehttps://github.com/docker/build-push-action/compare/v7.1.0...v7.2.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/f9f3042f7e2789586610d6e8b85c8f03e5195baf\"\u003e\u003ccode\u003ef9f3042\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1517\"\u003e#1517\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-t...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/812d5fd9212a4c5d419e5be02fd8e9bb435c5d76\"\u003e\u003ccode\u003e812d5fd\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/b6f66930769f2917a3275dc4d81f15583ac7e105\"\u003e\u003ccode\u003eb6f6693\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.87.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/c1c626eced73a500ec65c4256c620b3b9e8278c0\"\u003e\u003ccode\u003ec1c626e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1525\"\u003e#1525\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/51bb284cd4d05650aa6f5e4e22cb96d2cbfe62b7\"\u003e\u003ccode\u003e51bb284\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/5f7884def8f133e8ef40c53d003d1471c05621c6\"\u003e\u003ccode\u003e5f7884d\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/e01deff7d956c756a20f3e19ff7ddc0e4a50fc1d\"\u003e\u003ccode\u003ee01deff\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1521\"\u003e#1521\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/3804d497934b39bd591ee9d1c6c9e593b4488a67\"\u003e\u003ccode\u003e3804d49\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/71e8947aac5dad23ce83a43e9c98f750e02de2f3\"\u003e\u003ccode\u003e71e8947\u003c/code\u003e\u003c/a\u003e chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/build-push-action/commit/4925ad24cdbc42ff492d76cf9fe7a30b79976b60\"\u003e\u003ccode\u003e4925ad2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/build-push-action/issues/1526\"\u003e#1526\u003c/a\u003e from docker/dependabot/npm_and_yarn/postcss-8.5.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/build-push-action/compare/bcafcacb16a39f128d818304e6c9c0c18556b85f...f9f3042f7e2789586610d6e8b85c8f03e5195baf\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure/trusted-signing-action` from 1.2.0 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/azure/trusted-signing-action/releases\"\u003eazure/trusted-signing-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: migrate to new artifactsigning module by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/133\"\u003eAzure/artifact-signing-action#133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update README runtime version and action references by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/139\"\u003eAzure/artifact-signing-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: upgrade packages to the latest versions by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/135\"\u003eAzure/artifact-signing-action#135\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\"\u003ehttps://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003e\u003ccode\u003ec7ab2a8\u003c/code\u003e\u003c/a\u003e refactor: upgrade packages to the latest versions (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/135\"\u003e#135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/7664cea6ad50e2f1b08bf6d5b4a371527221231c\"\u003e\u003ccode\u003e7664cea\u003c/code\u003e\u003c/a\u003e docs: update README runtime version and action references (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/139\"\u003e#139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/64185d8ca9555a71ba666fc42fa2ed9461a9d583\"\u003e\u003ccode\u003e64185d8\u003c/code\u003e\u003c/a\u003e refactor: migrate to new artifactsigning module (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/azure/trusted-signing-action/compare/b443cf8ea4124818d2ea9f043cba29fc3ec47b16...c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/jon-aiken/stella/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/jon-aiken%2Fstella/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}},{"old_version":"1","new_version":"3","update_type":null,"path":null,"pr_created_at":"2026-05-29T19:45:43.000Z","version_change":"1 → 3","issue":{"uuid":"4551177626","node_id":"PR_kwDOOBqI787gyJhM","number":16,"state":"open","title":"Bump actions/create-github-app-token from 1 to 3","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T19:45:43.000Z","updated_at":"2026-05-29T19:46:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actions/create-github-app-token","old_version":"1","new_version":"3","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1 to 3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003cli\u003eRequires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later if you are using a self-hosted runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.6\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.5...v3.0.0-beta.6\"\u003e3.0.0-beta.6\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/337\"\u003e#337\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b04413352d4644ac2131b9a90c074f5e93ca18a1\"\u003eb044133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump minimatch from 9.0.5 to 9.0.9 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/335\"\u003e#335\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5cbc65624c9ddc4589492bda7c8b146223e8c3e4\"\u003e5cbc656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump the production-dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/336\"\u003e#336\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/6bda5bc1410576b9a0879ce6076d53345485bba9\"\u003e6bda5bc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump undici from 7.16.0 to 7.18.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/323\"\u003e#323\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b4f638f48ee0dcdbb0bc646c48e4cb2a2de847fe\"\u003eb4f638f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.5\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.4...v3.0.0-beta.5\"\u003e3.0.0-beta.5\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/d53a1cdfde844c958786293adcaf739ecb8b5eb9\"\u003ed53a1cd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.4\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.3...v3.0.0-beta.4\"\u003e3.0.0-beta.4\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/auth-app\u003c/code\u003e from 7.2.1 to 8.0.1 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/257\"\u003e#257\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bef1eaf1c0ac2b148ee2a0a74c65fbe6db0631f1\"\u003ebef1eaf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/request\u003c/code\u003e from 9.2.3 to 10.0.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/256\"\u003e#256\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5d7307be63501c0070c634b0ae8fec74e8208130\"\u003e5d7307b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump glob from 10.4.5 to 10.5.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/305\"\u003e#305\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc\"\u003e5480f43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 6.2.1 to 7.1.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/294\"\u003e#294\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4\"\u003edce3be8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v1...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1\u0026new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/georgebaskervil/geor.me/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/georgebaskervil%2Fgeor.me/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"1.9.3","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-29T10:10:53.000Z","version_change":"1.9.3 → 3.2.0","issue":{"uuid":"4547610486","node_id":"PR_kwDOSrNuCM7gmZIQ","number":2,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-29T10:10:53.000Z","updated_at":"2026-05-29T10:11:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/San20506/friday/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/San20506%2Ffriday/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"1.9.3","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-28T21:32:34.000Z","version_change":"1.9.3 → 3.2.0","issue":{"uuid":"4543967937","node_id":"PR_kwDOSqJpxc7gag_Q","number":2,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T21:32:34.000Z","updated_at":"2026-05-28T21:34:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Swarpfoundation/The-Synthetic-Firm/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Swarpfoundation%2FThe-Synthetic-Firm/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"2.2.2","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-28T10:42:46.000Z","version_change":"2.2.2 → 3.2.0","issue":{"uuid":"4539754150","node_id":"PR_kwDOOmBWg87gModc","number":1803,"state":"open","title":"chore(ci)(deps): bump the major group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["major-update","needs-review"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-28T10:42:46.000Z","updated_at":"2026-05-28T10:46:55.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(ci)(deps): bump","group_name":"major","update_count":7,"packages":[{"name":"actions/setup-node","old_version":"4.4.0","new_version":"6.4.0","repository_url":"https://github.com/actions/setup-node"},{"name":"actions/github-script","old_version":"7.1.0","new_version":"9.0.0","repository_url":"https://github.com/actions/github-script"},{"name":"pnpm/action-setup","old_version":"4.3.0","new_version":"6.0.8","repository_url":"https://github.com/pnpm/action-setup"},{"name":"actions/setup-dotnet","old_version":"4.3.1","new_version":"5.3.0","repository_url":"https://github.com/actions/setup-dotnet"},{"name":"actions/setup-python","old_version":"5.6.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"actions/create-github-app-token","old_version":"2.2.2","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"github/codeql-action","old_version":"3.35.4","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the major group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/setup-node](https://github.com/actions/setup-node) | `4.4.0` | `6.4.0` |\n| [actions/github-script](https://github.com/actions/github-script) | `7.1.0` | `9.0.0` |\n| [pnpm/action-setup](https://github.com/pnpm/action-setup) | `4.3.0` | `6.0.8` |\n| [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `4.3.1` | `5.3.0` |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.2.0` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.2` | `3.2.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.35.4` | `4.36.0` |\n\n\nUpdates `actions/setup-node` from 4.4.0 to 6.4.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-node/releases\"\u003eactions/setup-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1525\"\u003eactions/setup-node#1525\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js versions in versions.yml and bump package to v6.4.0  by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1533\"\u003eactions/setup-node#1533\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1525\"\u003eactions/setup-node#1525\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v6...v6.4.0\"\u003ehttps://github.com/actions/setup-node/compare/v6...v6.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eSupport parsing \u003ccode\u003edevEngines\u003c/code\u003e field by \u003ca href=\"https://github.com/susnux\"\u003e\u003ccode\u003e@​susnux\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1283\"\u003eactions/setup-node#1283\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003eWhen using node-version-file: package.json, setup-node now prefers devEngines.runtime over engines.node.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eFix npm audit issues by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1491\"\u003eactions/setup-node#1491\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReplace uuid with crypto.randomUUID() by \u003ca href=\"https://github.com/trivikr\"\u003e\u003ccode\u003e@​trivikr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1378\"\u003eactions/setup-node#1378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1498\"\u003eactions/setup-node#1498\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eRemove hardcoded bearer for mirror-url \u003ca href=\"https://github.com/marco-ippolito\"\u003e\u003ccode\u003e@​marco-ippolito\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1467\"\u003eactions/setup-node#1467\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eScope test lockfiles by package manager and update cache tests by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1495\"\u003eactions/setup-node#1495\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/susnux\"\u003e\u003ccode\u003e@​susnux\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1283\"\u003eactions/setup-node#1283\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v6...v6.3.0\"\u003ehttps://github.com/actions/setup-node/compare/v6...v6.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDocumentation update related to absence of Lockfile by \u003ca href=\"https://github.com/mahabaleshwars\"\u003e\u003ccode\u003e@​mahabaleshwars\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1454\"\u003eactions/setup-node#1454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCorrect mirror option typos by \u003ca href=\"https://github.com/MikeMcC399\"\u003e\u003ccode\u003e@​MikeMcC399\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1442\"\u003eactions/setup-node#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme update on checkout version v6 by \u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1446\"\u003eactions/setup-node#1446\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme typo fixes \u003ca href=\"https://github.com/munyari\"\u003e\u003ccode\u003e@​munyari\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1226\"\u003eactions/setup-node#1226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdvanced document update on checkout version v6 by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e  in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1468\"\u003eactions/setup-node#1468\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/cache\u003c/code\u003e to v5.0.1 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1449\"\u003eactions/setup-node#1449\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mahabaleshwars\"\u003e\u003ccode\u003e@​mahabaleshwars\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1454\"\u003eactions/setup-node#1454\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MikeMcC399\"\u003e\u003ccode\u003e@​MikeMcC399\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1442\"\u003eactions/setup-node#1442\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1446\"\u003eactions/setup-node#1446\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003e\u003ccode\u003e48b55a0\u003c/code\u003e\u003c/a\u003e Update Node.js versions in versions.yml and bump package to v6.4.0 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/ab72c7e7eba0eaa11f8cab0f5679243900c2cac9\"\u003e\u003ccode\u003eab72c7e\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1525\"\u003e#1525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f\"\u003e\u003ccode\u003e53b8394\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1498\"\u003e#1498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc\"\u003e\u003ccode\u003e54045ab\u003c/code\u003e\u003c/a\u003e Scope test lockfiles by package manager and update cache tests (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1495\"\u003e#1495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a\"\u003e\u003ccode\u003ec882bff\u003c/code\u003e\u003c/a\u003e Replace uuid with crypto.randomUUID() (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d\"\u003e\u003ccode\u003e774c1d6\u003c/code\u003e\u003c/a\u003e feat(node-version-file): support parsing \u003ccode\u003edevEngines\u003c/code\u003e field (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1283\"\u003e#1283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e\"\u003e\u003ccode\u003eefcb663\u003c/code\u003e\u003c/a\u003e fix: remove hardcoded bearer (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb\"\u003e\u003ccode\u003ed02c89d\u003c/code\u003e\u003c/a\u003e Fix npm audit issues (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1491\"\u003e#1491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238\"\u003e\u003ccode\u003e6044e13\u003c/code\u003e\u003c/a\u003e Docs: bump actions/checkout from v5 to v6 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657\"\u003e\u003ccode\u003e8e49463\u003c/code\u003e\u003c/a\u003e Fix README typo (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1226\"\u003e#1226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-node/compare/49933ea5288caeca8642d1e84afbd3f7d6820020...48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 7.1.0 to 9.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See \u003ca href=\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating additional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and examples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The \u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is automatically appended to the user-agent string for request tracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire('@actions/github')\u003c/code\u003e no longer works in scripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9 (ESM-only) means \u003ccode\u003erequire('@actions/github')\u003c/code\u003e will fail at runtime. If you previously used patterns like \u003ccode\u003econst { getOctokit } = require('@actions/github')\u003c/code\u003e to create secondary clients, use the new injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it's available directly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter. Scripts that declare \u003ccode\u003econst getOctokit = ...\u003c/code\u003e or \u003ccode\u003elet getOctokit = ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because JavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e redeclaration of function parameters. Use the injected \u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit = ...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals beyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you may need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade \u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and related packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Node.js version support to 24.x by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eREADME for updating actions/github-script from v7 to v8 by \u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/637\"\u003eactions/github-script#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sneha-krip\"\u003e\u003ccode\u003e@​sneha-krip\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/653\"\u003eactions/github-script#653\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v7.1.0...v8.0.0\"\u003ehttps://github.com/actions/github-script/compare/v7.1.0...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e from actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e merge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e chore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e from actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e ci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e ci: use deployment: false to suppress deployment noise from integration tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7\"\u003e\u003ccode\u003e3953caf\u003c/code\u003e\u003c/a\u003e docs: update README examples from \u003ca href=\"https://github.com/v8\"\u003e\u003ccode\u003e@​v8\u003c/code\u003e\u003c/a\u003e to \u003ca href=\"https://github.com/v9\"\u003e\u003ccode\u003e@​v9\u003c/code\u003e\u003c/a\u003e, add getOctokit docs and v9 brea...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78\"\u003e\u003ccode\u003ec17d55b\u003c/code\u003e\u003c/a\u003e ci: add getOctokit integration test job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408\"\u003e\u003ccode\u003ea047196\u003c/code\u003e\u003c/a\u003e test: add getOctokit integration tests via callAsyncFunction\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/f28e40c7f34bde8b3046d885e986cb6290c5673b...3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pnpm/action-setup` from 4.3.0 to 6.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pnpm/action-setup/releases\"\u003epnpm/action-setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/257\"\u003epnpm/action-setup#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: drop patchPnpmEnv so standalone+self-update works on Windows by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/258\"\u003epnpm/action-setup#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update pnpm to 11.1.1 by \u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/254\"\u003epnpm/action-setup#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore inputs from state in post by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/256\"\u003epnpm/action-setup#256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: bin_dest output points to self-updated pnpm, not bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/249\"\u003epnpm/action-setup#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append (not prepend) action node dir to PATH for npm bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/241\"\u003epnpm/action-setup#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use npm co-located with the action node binary by \u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.3\u003c/h2\u003e\n\u003cp\u003eUpdated pnpm to v11.0.0-rc.5\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/0e279bb959325dab635dd2c09392533439d90093\"\u003e\u003ccode\u003e0e279bb\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.1.1 (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/3e835812ef01165f4f8ae08ade56da44427ed4e0\"\u003e\u003ccode\u003e3e83581\u003c/code\u003e\u003c/a\u003e fix: drop patchPnpmEnv so standalone+self-update works on Windows (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/551b42e879e37e74d986effdd2a1647d2b02d464\"\u003e\u003ccode\u003e551b42e\u003c/code\u003e\u003c/a\u003e docs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/257\"\u003e#257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/739bfe42ca9233c5e6aca07c1a25a9d34aca49b0\"\u003e\u003ccode\u003e739bfe4\u003c/code\u003e\u003c/a\u003e fix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/f61705d907761b3b5209e83910fafd1fea50c5a1\"\u003e\u003ccode\u003ef61705d\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/7a5507b117647ab83e96e9db317ba2234056ebf3\"\u003e\u003ccode\u003e7a5507b\u003c/code\u003e\u003c/a\u003e fix: restore inputs from state in post (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/255\"\u003e#255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/1155470f3e5fb872accd4d104b8dfcda41f676ce\"\u003e\u003ccode\u003e1155470\u003c/code\u003e\u003c/a\u003e fix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/254\"\u003e#254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003e\u003ccode\u003e91ab88e\u003c/code\u003e\u003c/a\u003e fix: bin_dest output points to self-updated pnpm, not bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/e578e19d19d31b011b841ba2aca34731a5f706a5\"\u003e\u003ccode\u003ee578e19\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/8912a9102ac27614460f54aedde9e1e7f9aec20d\"\u003e\u003ccode\u003e8912a91\u003c/code\u003e\u003c/a\u003e fix: append (not prepend) action node dir to PATH for npm bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/241\"\u003e#241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/pnpm/action-setup/compare/b906affcce14559ad1aafd4ab0e942779e9f58b1...0e279bb959325dab635dd2c09392533439d90093\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-dotnet` from 4.3.1 to 5.3.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-dotnet/releases\"\u003eactions/setup-dotnet's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd dotnet-version: latest support with dotnet-channel input by \u003ca href=\"https://github.com/mahabaleshwars\"\u003e\u003ccode\u003e@​mahabaleshwars\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/730\"\u003eactions/setup-dotnet#730\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport global.json's rollForward latest* variants by \u003ca href=\"https://github.com/js6pak\"\u003e\u003ccode\u003e@​js6pak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/538\"\u003eactions/setup-dotnet#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImprove version resolution by \u003ca href=\"https://github.com/akoeplinger\"\u003e\u003ccode\u003e@​akoeplinger\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/560\"\u003eactions/setup-dotnet#560\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade @actions/* and fast-xml-parser dependencies by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/728\"\u003eactions/setup-dotnet#728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate install scripts to v2026.05.19 (preserve archive links) by \u003ca href=\"https://github.com/MichaelSimons\"\u003e\u003ccode\u003e@​MichaelSimons\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/736\"\u003eactions/setup-dotnet#736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd rollForward note in README, improve proxy health check in e2e tests and bump version to v5.3.0 by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/738\"\u003eactions/setup-dotnet#738\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate Test Proxy job by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/703\"\u003eactions/setup-dotnet#703\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/728\"\u003eactions/setup-dotnet#728\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/akoeplinger\"\u003e\u003ccode\u003e@​akoeplinger\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/560\"\u003eactions/setup-dotnet#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/MichaelSimons\"\u003e\u003ccode\u003e@​MichaelSimons\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/736\"\u003eactions/setup-dotnet#736\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/js6pak\"\u003e\u003ccode\u003e@​js6pak\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/538\"\u003eactions/setup-dotnet#538\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-dotnet/compare/v5...v5.3.0\"\u003ehttps://github.com/actions/setup-dotnet/compare/v5...v5.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for workloads input by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/693\"\u003eactions/setup-dotnet#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for optional architecture input for cross-architecture .NET installs by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/700\"\u003eactions/setup-dotnet#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade fast-xml-parser from 4.4.1 to 5.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/671\"\u003eactions/setup-dotnet#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/705\"\u003eactions/setup-dotnet#705\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-dotnet/compare/v5...v5.2.0\"\u003ehttps://github.com/actions/setup-dotnet/compare/v5...v5.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDocumentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eReadme update for environment variable on self hosted linux runners by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/689\"\u003eactions/setup-dotnet#689\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eContributor icon updates by \u003ca href=\"https://github.com/Falco20019\"\u003e\u003ccode\u003e@​Falco20019\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/604\"\u003eactions/setup-dotnet#604\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade actions/checkout from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/684\"\u003eactions/setup-dotnet#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade to latest actions packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/687\"\u003eactions/setup-dotnet#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies in testproject and checkout in Readme by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-dotnet/pull/692\"\u003eactions/setup-dotnet#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/9a946fdbd5fb07b82b2f5a4466058b876ab72bb2\"\u003e\u003ccode\u003e9a946fd\u003c/code\u003e\u003c/a\u003e Add rollForward note in README, improve proxy health check in e2e tests and b...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/98af08bf649b02f9e94783278906d34780362f6f\"\u003e\u003ccode\u003e98af08b\u003c/code\u003e\u003c/a\u003e Support global.json's rollForward latest* variants (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/538\"\u003e#538\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/84042723628274fd730a70726fbf57ef89e586de\"\u003e\u003ccode\u003e8404272\u003c/code\u003e\u003c/a\u003e Update install scripts to v2026.05.19 (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/736\"\u003e#736\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/f1970f5ca30a3ba974274132e05c4bb012faac74\"\u003e\u003ccode\u003ef1970f5\u003c/code\u003e\u003c/a\u003e Don't download releases-index.json to resolve major version (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/af9211b1364d382bc386cd82c6386875ad2ad796\"\u003e\u003ccode\u003eaf9211b\u003c/code\u003e\u003c/a\u003e Add dotnet-version: latest support with dotnet-channel input (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/730\"\u003e#730\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/df991aeaf2a76aae144b0b70ce23e455c66f061e\"\u003e\u003ccode\u003edf991ae\u003c/code\u003e\u003c/a\u003e chore: bump @actions/* and fast-xml-parser dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/728\"\u003e#728\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/a66eefa2bf2572fc311ea6ff65a7b6ecc4df96a6\"\u003e\u003ccode\u003ea66eefa\u003c/code\u003e\u003c/a\u003e CI: remove manual PowerShell install from test-proxy job (e2e-tests.yml) (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/703\"\u003e#703\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/c2fa09f4bde5ebb9d1777cf28262a3eb3db3ced7\"\u003e\u003ccode\u003ec2fa09f\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/705\"\u003e#705\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/02574b18e2dc57a218ee4e11ba1e1603c67236e8\"\u003e\u003ccode\u003e02574b1\u003c/code\u003e\u003c/a\u003e Add support for optional architecture input for cross-architecture .NET insta...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-dotnet/commit/16c7b3c2fa55a0e394467d22512b84fda46adf63\"\u003e\u003ccode\u003e16c7b3c\u003c/code\u003e\u003c/a\u003e Bump fast-xml-parser from 4.4.1 to 5.3.6 (\u003ca href=\"https://redirect.github.com/actions/setup-dotnet/issues/671\"\u003e#671\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-dotnet/compare/67a3573c9a986a3f9c594539f4ab511d57bb3ce9...9a946fdbd5fb07b82b2f5a4466058b876ab72bb2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-python` from 5.6.0 to 6.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-python/releases\"\u003eactions/setup-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies to Node 24 compatible versions by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1259\"\u003eactions/setup-python#1259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 2.5.0 to 2.6.3 in \u003ccode\u003e/__tests__/data\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1253\"\u003eactions/setup-python#1253\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1264\"\u003eactions/setup-python#1264\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.2.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-install\u003c/code\u003e input by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1201\"\u003eactions/setup-python#1201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd graalpy early-access and windows builds by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/880\"\u003eactions/setup-python#880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency and Documentation updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhanced wording and updated example usage for \u003ccode\u003eallow-prereleases\u003c/code\u003e by \u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1139\"\u003eactions/setup-python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade typescript from 5.4.2 to 5.9.3 and Documentation update by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1094\"\u003eactions/setup-python#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pip-install input by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1199\"\u003eactions/setup-python#1199\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade requests from 2.32.2 to 2.32.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1130\"\u003eactions/setup-python#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.5.3 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1234\"\u003eactions/setup-python#1234\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1235\"\u003eactions/setup-python#1235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1164\"\u003eactions/setup-python#1164\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-version\u003c/code\u003e  by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1129\"\u003eactions/setup-python#1129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnhance reading from .python-version by \u003ca href=\"https://github.com/krystof-k\"\u003e\u003ccode\u003e@​krystof-k\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/787\"\u003eactions/setup-python#787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd version parsing from Pipfile by \u003ca href=\"https://github.com/aradkdj\"\u003e\u003ccode\u003e@​aradkdj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1067\"\u003eactions/setup-python#1067\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClarify pythonLocation behaviour for PyPy and GraalPy in environment variables by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1183\"\u003eactions/setup-python#1183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange missing cache directory error to warning  by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1182\"\u003eactions/setup-python#1182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Architecture-Specific PATH Management for Python with --user Flag on Windows by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1122\"\u003eactions/setup-python#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude python version in PyPy python-version output by \u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1110\"\u003eactions/setup-python#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docs: clarification on pip authentication with setup-python by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1156\"\u003eactions/setup-python#1156\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade idna from 2.9 to 3.7 in /\u003cstrong\u003etests\u003c/strong\u003e/data by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/843\"\u003eactions/setup-python#843\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to fix critical vulnerabilities \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/182\"\u003e#182\u003c/a\u003e \u0026amp; \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/183\"\u003e#183\u003c/a\u003e by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1163\"\u003eactions/setup-python#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1165\"\u003eactions/setup-python#1165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1181\"\u003eactions/setup-python#1181\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.1 to 2.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1095\"\u003eactions/setup-python#1095\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003e\u003ccode\u003ea309ff8\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.6.0 to 2.6.3 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1264\"\u003e#1264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfe8cc55a7890e3d6672eda6460ef37bfcc70755\"\u003e\u003ccode\u003ebfe8cc5\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies to Node 24 compatible versions (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1259\"\u003e#1259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/4f41a90a1f38628c7ccc608d05fbafe701bc20ae\"\u003e\u003ccode\u003e4f41a90\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.5.0 to 2.6.0 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1253\"\u003e#1253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/83679a892e2d95755f2dac6acb0bfd1e9ac5d548\"\u003e\u003ccode\u003e83679a8\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfc4944b43a5d84377eca3cf6ab5b7992ba61923\"\u003e\u003ccode\u003ebfc4944\u003c/code\u003e\u003c/a\u003e Bump prettier from 3.5.3 to 3.6.2 (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1234\"\u003e#1234\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/97aeb3efb8a852c559869050c7fb175b4efcc8cf\"\u003e\u003ccode\u003e97aeb3e\u003c/code\u003e\u003c/a\u003e Bump requests from 2.32.2 to 2.32.4 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/443da59188462e2402e2942686db5aa6723f4bed\"\u003e\u003ccode\u003e443da59\u003c/code\u003e\u003c/a\u003e Bump actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/cfd55ca82492758d853442341ad4d8010466803a\"\u003e\u003ccode\u003ecfd55ca\u003c/code\u003e\u003c/a\u003e graalpy: add graalpy early-access and windows builds (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/880\"\u003e#880\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bba65e51ff35d50c6dbaaacd8a4681db13aa7cb4\"\u003e\u003ccode\u003ebba65e5\u003c/code\u003e\u003c/a\u003e Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1094\"\u003e#1094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/18566f86b301499665bd3eb1a2247e0849c64fa5\"\u003e\u003ccode\u003e18566f8\u003c/code\u003e\u003c/a\u003e Improve wording and \u0026quot;fix example\u0026quot; (remove 3.13) on testing against pre-releas...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 2.2.2 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/fee1f7d63c2ff003460e3d139729b119787bc349...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.35.4 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 20...\n\n_Description has been truncated_","html_url":"https://github.com/ag-ui-protocol/ag-ui/pull/1803","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/ag-ui-protocol%2Fag-ui/issues/1803","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/1803/packages"}},{"old_version":"2","new_version":"3","update_type":null,"path":"/sources/.github/workflows","pr_created_at":"2026-05-26T10:23:55.000Z","version_change":"2 → 3","issue":{"uuid":"4523444706","node_id":"PR_kwDOK5HtWM7fXo03","number":81,"state":"open","title":"build(deps): bump actions/create-github-app-token from 2 to 3 in /sources/.github/workflows","user":"dependabot[bot]","labels":["tag:bot","type:github-actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-26T10:23:55.000Z","updated_at":"2026-05-26T10:24:05.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"2","new_version":"3","repository_url":"https://github.com/actions/create-github-app-token"}],"path":"/sources/.github/workflows","ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003cli\u003eRequires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later if you are using a self-hosted runner.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.6\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.5...v3.0.0-beta.6\"\u003e3.0.0-beta.6\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/337\"\u003e#337\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b04413352d4644ac2131b9a90c074f5e93ca18a1\"\u003eb044133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump minimatch from 9.0.5 to 9.0.9 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/335\"\u003e#335\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5cbc65624c9ddc4589492bda7c8b146223e8c3e4\"\u003e5cbc656\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump the production-dependencies group with 4 updates (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/336\"\u003e#336\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/6bda5bc1410576b9a0879ce6076d53345485bba9\"\u003e6bda5bc\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump undici from 7.16.0 to 7.18.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/323\"\u003e#323\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/b4f638f48ee0dcdbb0bc646c48e4cb2a2de847fe\"\u003eb4f638f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.5\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.4...v3.0.0-beta.5\"\u003e3.0.0-beta.5\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/d53a1cdfde844c958786293adcaf739ecb8b5eb9\"\u003ed53a1cd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCustom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0-beta.4\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0-beta.3...v3.0.0-beta.4\"\u003e3.0.0-beta.4\u003c/a\u003e (2026-03-13)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/auth-app\u003c/code\u003e from 7.2.1 to 8.0.1 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/257\"\u003e#257\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bef1eaf1c0ac2b148ee2a0a74c65fbe6db0631f1\"\u003ebef1eaf\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​octokit/request\u003c/code\u003e from 9.2.3 to 10.0.2 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/256\"\u003e#256\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5d7307be63501c0070c634b0ae8fec74e8208130\"\u003e5d7307b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump glob from 10.4.5 to 10.5.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/305\"\u003e#305\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc\"\u003e5480f43\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 6.2.1 to 7.1.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/294\"\u003e#294\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4\"\u003edce3be8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=2\u0026new-version=3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/autowarefoundation/sync-file-templates/pull/81","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/autowarefoundation%2Fsync-file-templates/issues/81","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/81/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-26T06:51:27.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4522057761","node_id":"PR_kwDOP50I2M7fTHoc","number":765,"state":"closed","title":"build(deps): bump the github-actions group with 4 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":"2026-05-26T06:59:38.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-26T06:51:27.000Z","updated_at":"2026-05-26T06:59:41.000Z","time_to_close":491,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"github-actions","update_count":4,"packages":[{"name":"pnpm/action-setup","old_version":"6.0.4","new_version":"6.0.8","repository_url":"https://github.com/pnpm/action-setup"},{"name":"codecov/codecov-action","old_version":"6.0.0","new_version":"6.0.1","repository_url":"https://github.com/codecov/codecov-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"changesets/action","old_version":"1.7.0","new_version":"1.8.0","repository_url":"https://github.com/changesets/action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 4 updates: [pnpm/action-setup](https://github.com/pnpm/action-setup), [codecov/codecov-action](https://github.com/codecov/codecov-action), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [changesets/action](https://github.com/changesets/action).\n\nUpdates `pnpm/action-setup` from 6.0.4 to 6.0.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pnpm/action-setup/releases\"\u003epnpm/action-setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/257\"\u003epnpm/action-setup#257\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: drop patchPnpmEnv so standalone+self-update works on Windows by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/258\"\u003epnpm/action-setup#258\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update pnpm to 11.1.1 by \u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mungodewar\"\u003e\u003ccode\u003e@​mungodewar\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/248\"\u003epnpm/action-setup#248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.7...v6.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/254\"\u003epnpm/action-setup#254\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: restore inputs from state in post by \u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/256\"\u003epnpm/action-setup#256\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/haines\"\u003e\u003ccode\u003e@​haines\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/255\"\u003epnpm/action-setup#255\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.6...v6.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: bin_dest output points to self-updated pnpm, not bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/249\"\u003epnpm/action-setup#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append (not prepend) action node dir to PATH for npm bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/241\"\u003epnpm/action-setup#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/0e279bb959325dab635dd2c09392533439d90093\"\u003e\u003ccode\u003e0e279bb\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.1.1 (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/248\"\u003e#248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/3e835812ef01165f4f8ae08ade56da44427ed4e0\"\u003e\u003ccode\u003e3e83581\u003c/code\u003e\u003c/a\u003e fix: drop patchPnpmEnv so standalone+self-update works on Windows (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/551b42e879e37e74d986effdd2a1647d2b02d464\"\u003e\u003ccode\u003e551b42e\u003c/code\u003e\u003c/a\u003e docs(README): fix \u003ccode\u003ecache_dependency_path\u003c/code\u003e type (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/257\"\u003e#257\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/739bfe42ca9233c5e6aca07c1a25a9d34aca49b0\"\u003e\u003ccode\u003e739bfe4\u003c/code\u003e\u003c/a\u003e fix: self-update bootstrap to packageManager-pinned version (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/233\"\u003e#233\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/f61705d907761b3b5209e83910fafd1fea50c5a1\"\u003e\u003ccode\u003ef61705d\u003c/code\u003e\u003c/a\u003e chore: add CODEOWNERS\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/7a5507b117647ab83e96e9db317ba2234056ebf3\"\u003e\u003ccode\u003e7a5507b\u003c/code\u003e\u003c/a\u003e fix: restore inputs from state in post (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/255\"\u003e#255\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/1155470f3e5fb872accd4d104b8dfcda41f676ce\"\u003e\u003ccode\u003e1155470\u003c/code\u003e\u003c/a\u003e fix: honor devEngines.packageManager.onFail=error (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/252\"\u003e#252\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/254\"\u003e#254\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003e\u003ccode\u003e91ab88e\u003c/code\u003e\u003c/a\u003e fix: bin_dest output points to self-updated pnpm, not bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/e578e19d19d31b011b841ba2aca34731a5f706a5\"\u003e\u003ccode\u003ee578e19\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/8912a9102ac27614460f54aedde9e1e7f9aec20d\"\u003e\u003ccode\u003e8912a91\u003c/code\u003e\u003c/a\u003e fix: append (not prepend) action node dir to PATH for npm bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/241\"\u003e#241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pnpm/action-setup/compare/26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a...0e279bb959325dab635dd2c09392533439d90093\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `codecov/codecov-action` from 6.0.0 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: prevent template injection in run: steps (VULN-1652) by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1947\"\u003ecodecov/codecov-action#1947\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): 6.0.1 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1949\"\u003ecodecov/codecov-action#1949\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003e\u003ccode\u003ee79a696\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.1 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1949\"\u003e#1949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/51e64229ac331acb0d7f7b17c67423995f991c79\"\u003e\u003ccode\u003e51e6422\u003c/code\u003e\u003c/a\u003e fix: prevent template injection in run: steps (VULN-1652) (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1947\"\u003e#1947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/57e3a136b779b570ffcdbf80b3bdc90e7fab3de2...e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `changesets/action` from 1.7.0 to 1.8.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/changesets/action/releases\"\u003echangesets/action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/258\"\u003e#258\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/f5dbf72f96949cb0daf45152f0f63062df70e97d\"\u003e\u003ccode\u003ef5dbf72\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/tom-sherman\"\u003e\u003ccode\u003e@​tom-sherman\u003c/code\u003e\u003c/a\u003e! - Support draft version PR modes with a new \u003ccode\u003eprDraft\u003c/code\u003e input. Use \u003ccode\u003ecreate\u003c/code\u003e to create new version PRs as drafts, or \u003ccode\u003ealways\u003c/code\u003e to also convert existing version PRs back to draft when updating them.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/502\"\u003e#502\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/6002dbd987f49a3c0a134910d9c7bca975b79977\"\u003e\u003ccode\u003e6002dbd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/oshytiko\"\u003e\u003ccode\u003e@​oshytiko\u003c/code\u003e\u003c/a\u003e! - Fixed initial \u003ccode\u003e.changeset\u003c/code\u003e state being picked up, when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/536\"\u003e#536\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/81b3f61ebffcb868f73e4c0b2682517149c834a2\"\u003e\u003ccode\u003e81b3f61\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/radnan\"\u003e\u003ccode\u003e@​radnan\u003c/code\u003e\u003c/a\u003e! - Fixed \u003ccode\u003e.changeset\u003c/code\u003e state being picked for the version command when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/changesets/action/blob/main/CHANGELOG.md\"\u003echangesets/action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003e\u003ccode\u003e@​changesets/action\u003c/code\u003e\u003c/h1\u003e\n\u003ch2\u003e1.8.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/258\"\u003e#258\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/f5dbf72f96949cb0daf45152f0f63062df70e97d\"\u003e\u003ccode\u003ef5dbf72\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/tom-sherman\"\u003e\u003ccode\u003e@​tom-sherman\u003c/code\u003e\u003c/a\u003e! - Support draft version PR modes with a new \u003ccode\u003eprDraft\u003c/code\u003e input. Use \u003ccode\u003ecreate\u003c/code\u003e to create new version PRs as drafts, or \u003ccode\u003ealways\u003c/code\u003e to also convert existing version PRs back to draft when updating them.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/502\"\u003e#502\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/6002dbd987f49a3c0a134910d9c7bca975b79977\"\u003e\u003ccode\u003e6002dbd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/oshytiko\"\u003e\u003ccode\u003e@​oshytiko\u003c/code\u003e\u003c/a\u003e! - Fixed initial \u003ccode\u003e.changeset\u003c/code\u003e state being picked up, when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/536\"\u003e#536\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/81b3f61ebffcb868f73e4c0b2682517149c834a2\"\u003e\u003ccode\u003e81b3f61\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/radnan\"\u003e\u003ccode\u003e@​radnan\u003c/code\u003e\u003c/a\u003e! - Fixed \u003ccode\u003e.changeset\u003c/code\u003e state being picked for the version command when \u003ccode\u003ecwd\u003c/code\u003e parameter is provided\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.7.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/564\"\u003e#564\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/935fe876b0054dfc962ac86bcddf028460040d46\"\u003e\u003ccode\u003e935fe87\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Automatically use the GitHub-provided token to allow most users to avoid explicit \u003ccode\u003eGITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}\u003c/code\u003e configuration.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/545\"\u003e#545\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/54220dd92c06e7da112b139f95d8beb933e4cdde\"\u003e\u003ccode\u003e54220dd\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/ryanbas21\"\u003e\u003ccode\u003e@​ryanbas21\u003c/code\u003e\u003c/a\u003e! - The \u003ccode\u003e.npmrc\u003c/code\u003e generation now intelligently handles both traditional NPM token authentication and trusted publishing scenarios by only appending the auth token when \u003ccode\u003eNPM_TOKEN\u003c/code\u003e is defined. This prevents 'undefined' from being written to the registry configuration when using OIDC tokens from GitHub Actions trusted publishing.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/563\"\u003e#563\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/6af4a7ec080d23ac6b304f69b67fd0aa92e089e7\"\u003e\u003ccode\u003e6af4a7e\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Don't error on already committed symlinks and executables that stay untouched\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.6.0\u003c/h2\u003e\n\u003ch3\u003eMinor Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/558\"\u003e#558\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/342005d41242bccd9dd9ae8d3679efce96af48ae\"\u003e\u003ccode\u003e342005d\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/harsha-venugopal-ledn\"\u003e\u003ccode\u003e@​harsha-venugopal-ledn\u003c/code\u003e\u003c/a\u003e! - Upgrade from Node.js 20 to Node.js 24 LTS\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e1.5.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/477\"\u003e#477\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/9d933dcd11c284ac49a835db884c3c1008b2b96f\"\u003e\u003ccode\u003e9d933dc\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Updated \u003ccode\u003e@actions/*\u003c/code\u003e and \u003ccode\u003e@octokit/*\u003c/code\u003e dependencies.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/479\"\u003e#479\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/cf373e45c90a0cc564cd2770de3e9a3a4cdd4603\"\u003e\u003ccode\u003ecf373e4\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/Andarist\"\u003e\u003ccode\u003e@​Andarist\u003c/code\u003e\u003c/a\u003e! - Switched to \u003ccode\u003eesbuild\u003c/code\u003e for bundling the dist file. This led to 45% file size reduction.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/488\"\u003e#488\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/022692ba027b33bf46d4d41907a317fbf04461a7\"\u003e\u003ccode\u003e022692b\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/s0\"\u003e\u003ccode\u003e@​s0\u003c/code\u003e\u003c/a\u003e! - Fix PRs sometimes not getting reopened with \u003ccode\u003ecommitMode: github-api\u003c/code\u003e\u003c/p\u003e\n\u003cp\u003eThere was a race-condition that means sometimes existing PRs would not be found,\nand new PRs would be opened. This has now been fixed by fetching existing PRs\nbefore making any changes.\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/486\"\u003e#486\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/7ed195554624ebd75c08aa477b53110f61cc78f7\"\u003e\u003ccode\u003e7ed1955\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/s0\"\u003e\u003ccode\u003e@​s0\u003c/code\u003e\u003c/a\u003e! - Fixed situations in which \u003ccode\u003ecwd\u003c/code\u003e was specified as a relative path and used with (default) \u003ccode\u003ecommitMode: git-cli\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003e\u003ca href=\"https://redirect.github.com/changesets/action/pull/461\"\u003e#461\u003c/a\u003e \u003ca href=\"https://github.com/changesets/action/commit/e9c36b696406360bf04204ad32e3dcf3ad752b77\"\u003e\u003ccode\u003ee9c36b6\u003c/code\u003e\u003c/a\u003e Thanks \u003ca href=\"https://github.com/nayounsang\"\u003e\u003ccode\u003e@​nayounsang\u003c/code\u003e\u003c/a\u003e! - Avoid hitting a deprecation warning when encountering errors from \u003ccode\u003e@octokit/request-error\u003c/code\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b\"\u003e\u003ccode\u003e63a615b\u003c/code\u003e\u003c/a\u003e v1.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/84c24326acc93f51d3f24f30a546316c82e2115c\"\u003e\u003ccode\u003e84c2432\u003c/code\u003e\u003c/a\u003e Version Packages (\u003ca href=\"https://redirect.github.com/changesets/action/issues/598\"\u003e#598\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/f5dbf72f96949cb0daf45152f0f63062df70e97d\"\u003e\u003ccode\u003ef5dbf72\u003c/code\u003e\u003c/a\u003e Add draft mode support (\u003ca href=\"https://redirect.github.com/changesets/action/issues/258\"\u003e#258\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/91b911142e975cceaa134eecb302493230d68c05\"\u003e\u003ccode\u003e91b9111\u003c/code\u003e\u003c/a\u003e Protect publishes with env gate (\u003ca href=\"https://redirect.github.com/changesets/action/issues/610\"\u003e#610\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/d4c53c294341eec8a419ec2d1927138bfdeec234\"\u003e\u003ccode\u003ed4c53c2\u003c/code\u003e\u003c/a\u003e Fix \u003ccode\u003eCODEOWNERS\u003c/code\u003e pattern\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/2ae596f3dd74aaee4f346b31fda33a58528d3d40\"\u003e\u003ccode\u003e2ae596f\u003c/code\u003e\u003c/a\u003e Tweak CI setup (\u003ca href=\"https://redirect.github.com/changesets/action/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/0784b0ec8fcaa273fc06742c926ee7cfc946a8e7\"\u003e\u003ccode\u003e0784b0e\u003c/code\u003e\u003c/a\u003e Add \u003ccode\u003eCODEOWNERS\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/81b3f61ebffcb868f73e4c0b2682517149c834a2\"\u003e\u003ccode\u003e81b3f61\u003c/code\u003e\u003c/a\u003e Fixed \u003ccode\u003e.changeset\u003c/code\u003e state being picked for the version command when \u003ccode\u003ecwd\u003c/code\u003e para...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/changesets/action/commit/6002dbd987f49a3c0a134910d9c7bca975b79977\"\u003e\u003ccode\u003e6002dbd\u003c/code\u003e\u003c/a\u003e Fix reading \u003ccode\u003e.changeset\u003c/code\u003e directory from path provided in \u003ccode\u003ecwd\u003c/code\u003e parameter (\u003ca href=\"https://redirect.github.com/changesets/action/issues/502\"\u003e#502\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/changesets/action/compare/6a0a831ff30acef54f2c6aa1cbbc1096b066edaf...63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/nl-design-system/theme-wizard/pull/765","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nl-design-system%2Ftheme-wizard/issues/765","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/765/packages"}},{"old_version":"1.9.3","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-25T17:11:45.000Z","version_change":"1.9.3 → 3.2.0","issue":{"uuid":"4518481397","node_id":"PR_kwDOPRF1G87fHh5F","number":32172,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T17:11:45.000Z","updated_at":"2026-05-25T17:12:36.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/NousResearch/hermes-agent/pull/32172","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/NousResearch%2Fhermes-agent/issues/32172","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/32172/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T16:46:28.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4518363983","node_id":"PR_kwDOAB7Rz87fHJss","number":7762,"state":"open","title":"chore(deps): bump the github-actions group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["sdou","dependencies"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T16:46:28.000Z","updated_at":"2026-05-30T04:00:59.145Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"github-actions","update_count":7,"packages":[{"name":"aws-actions/configure-aws-credentials","old_version":"4","new_version":"6","repository_url":"https://github.com/aws-actions/configure-aws-credentials"},{"name":"aws-actions/aws-secretsmanager-get-secrets","old_version":"2","new_version":"3","repository_url":"https://github.com/aws-actions/aws-secretsmanager-get-secrets"},{"name":"actions/github-script","old_version":"8","new_version":"9","repository_url":"https://github.com/actions/github-script"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"github/codeql-action","old_version":"4.35.2","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"slackapi/slack-github-action","old_version":"3.0.2","new_version":"3.0.3","repository_url":"https://github.com/slackapi/slack-github-action"},{"name":"release-drafter/release-drafter","old_version":"7.2.0","new_version":"7.3.1","repository_url":"https://github.com/release-drafter/release-drafter"}],"path":null,"ecosystem":"actions"},"body":"[//]: # (dependabot-start)\n⚠️  **Dependabot is rebasing this PR** ⚠️ \n\nRebasing might not happen immediately, so don't worry if this takes some time.\n\nNote: if you make any changes to this PR yourself, they will take precedence over the rebase.\n\n---\n\n[//]: # (dependabot-end)\n\nBumps the github-actions group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `4` | `6` |\n| [aws-actions/aws-secretsmanager-get-secrets](https://github.com/aws-actions/aws-secretsmanager-get-secrets) | `2` | `3` |\n| [actions/github-script](https://github.com/actions/github-script) | `8` | `9` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.2` | `4.36.0` |\n| [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `3.0.2` | `3.0.3` |\n| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `7.2.0` | `7.3.1` |\n\n\nUpdates `aws-actions/configure-aws-credentials` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/releases\"\u003eaws-actions/configure-aws-credentials's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.1...v6.0.0\"\u003e6.0.0\u003c/a\u003e (2026-02-04)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate action to use node24 \u003cem\u003eNote this requires GitHub action runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e or later\u003c/em\u003e (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1632\"\u003e#1632\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/a7a2c1125c67f40a1e95768f4e4a7d8f019f87af\"\u003ea7a2c11\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support to define transitive tag keys (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1316\"\u003e#1316\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/232435c0c05e51137544f0203931b84893d13b74\"\u003e232435c\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1628/changes/930ebd9bcaed959c3ba9e21567e8abbc3cae72c0\"\u003e930ebd9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eproperly output \u003ccode\u003eaws-account-id\u003c/code\u003e and \u003ccode\u003eauthenticated-arn\u003c/code\u003e when using role-chaining (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1633\"\u003e#1633\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/7ceaf96edc86cc1713cef59eba79feeb23f59da1\"\u003e7ceaf96\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1\"\u003e5.1.1\u003c/a\u003e (2025-11-24)\u003c/h2\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erelease 5.1.1 (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/56d6a583f00f6bad6d19d91d53a7bc3b8143d0e9\"\u003e56d6a58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evarious dependency updates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.1.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0\"\u003e5.1.0\u003c/a\u003e (2025-10-06)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd global timeout support (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487\"\u003e#1487\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/1584b8b0e2062557287c28fbe9b8920df434e866\"\u003e1584b8b\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eadd no-proxy support (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482\"\u003e#1482\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/dde9b22a8e889a0821997a21a2c5a38020ee8de3\"\u003edde9b22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eImprove debug logging in retry logic (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485\"\u003e#1485\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/97ef425d73aa532439f54f90d0e83101a186c5a6\"\u003e97ef425\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eproperly expose getProxyForUrl (introduced in \u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482\"\u003e#1482\u003c/a\u003e) (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486\"\u003e#1486\u003c/a\u003e) (\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/cea42985ac88b42678fbc84c18066a7f07f05176\"\u003ecea4298\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2025-09-03)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eCleanup input handling. Changes invalid boolean input behavior (see \u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1445\"\u003e#1445\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/d979d5b3a71173a29b74b5b88418bfda9437d885\"\u003e\u003ccode\u003ed979d5b\u003c/code\u003e\u003c/a\u003e chore: release 6.1.1 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1757\"\u003e#1757\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/d4a9acd8d3a85678bd2eb9e0a2225949c8ce00f0\"\u003e\u003ccode\u003ed4a9acd\u003c/code\u003e\u003c/a\u003e chore: Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/fc44f4ae4061c6145827c6bead5058cf4a09d3d7\"\u003e\u003ccode\u003efc44f4a\u003c/code\u003e\u003c/a\u003e chore(deps): bump \u003ccode\u003e@​aws-sdk/client-sts\u003c/code\u003e from 3.1033.0 to 3.1038.0 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1749\"\u003e#1749\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/0b8336f1bad4254674f1627a88cca9b70e5c1a99\"\u003e\u003ccode\u003e0b8336f\u003c/code\u003e\u003c/a\u003e chore: Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/8c5bf33eedab7c569b2218bc0c1428d2c61479ed\"\u003e\u003ccode\u003e8c5bf33\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​aws-sdk/credential-provider-env\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1751\"\u003e#1751\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/53df0c1c3279cace88c3da0c5a8791841d742b83\"\u003e\u003ccode\u003e53df0c1\u003c/code\u003e\u003c/a\u003e chore: Update dist\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/c2c55827d200646241e6a76179dda6118b08577d\"\u003e\u003ccode\u003ec2c5582\u003c/code\u003e\u003c/a\u003e chore(deps): bump \u003ccode\u003e@​smithy/node-http-handler\u003c/code\u003e from 4.6.0 to 4.6.1 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1750\"\u003e#1750\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/bd0031d7c367b4b2496a30f8e318da766a6a0a7c\"\u003e\u003ccode\u003ebd0031d\u003c/code\u003e\u003c/a\u003e chore(deps): bump postcss from 8.5.6 to 8.5.12 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1752\"\u003e#1752\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/6ab499a6985908ab02d242935a89426bb7206e53\"\u003e\u003ccode\u003e6ab499a\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​biomejs/biome\u003c/code\u003e from 2.4.12 to 2.4.13 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1747\"\u003e#1747\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/commit/bc9489585819302995bb108bbd899b7975f40303\"\u003e\u003ccode\u003ebc94895\u003c/code\u003e\u003c/a\u003e chore(deps-dev): bump \u003ccode\u003e@​biomejs/biome\u003c/code\u003e from 2.4.11 to 2.4.12 (\u003ca href=\"https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1739\"\u003e#1739\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/aws-actions/configure-aws-credentials/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `aws-actions/aws-secretsmanager-get-secrets` from 2 to 3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/releases\"\u003eaws-actions/aws-secretsmanager-get-secrets's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3\u003c/h2\u003e\n\u003cp\u003eThis tracks the latest v3.x.x version\u003c/p\u003e\n\u003ch2\u003ev2.0.10\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eExtend cleanup list if list already contains items by \u003ca href=\"https://github.com/rmennes\"\u003e\u003ccode\u003e@​rmennes\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/236\"\u003eaws-actions/aws-secretsmanager-get-secrets#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump codecov/codecov-action from 4.5.0 to 5.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/248\"\u003eaws-actions/aws-secretsmanager-get-secrets#248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix invalid URL by \u003ca href=\"https://github.com/reyhankoyun\"\u003e\u003ccode\u003e@​reyhankoyun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/254\"\u003eaws-actions/aws-secretsmanager-get-secrets#254\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rmennes\"\u003e\u003ccode\u003e@​rmennes\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/236\"\u003eaws-actions/aws-secretsmanager-get-secrets#236\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/reyhankoyun\"\u003e\u003ccode\u003e@​reyhankoyun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/254\"\u003eaws-actions/aws-secretsmanager-get-secrets#254\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.10\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.10\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.9\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix edge case having a value with numeric start and also a prefix by \u003ca href=\"https://github.com/Geethik07\"\u003e\u003ccode\u003e@​Geethik07\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/242\"\u003eaws-actions/aws-secretsmanager-get-secrets#242\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003enpm upgrade by \u003ca href=\"https://github.com/simonmarty\"\u003e\u003ccode\u003e@​simonmarty\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/244\"\u003eaws-actions/aws-secretsmanager-get-secrets#244\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Geethik07\"\u003e\u003ccode\u003e@​Geethik07\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/242\"\u003eaws-actions/aws-secretsmanager-get-secrets#242\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.9\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.9\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGroup minor version updates by \u003ca href=\"https://github.com/simonmarty\"\u003e\u003ccode\u003e@​simonmarty\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/208\"\u003eaws-actions/aws-secretsmanager-get-secrets#208\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded Timeout Configuration by \u003ca href=\"https://github.com/nikvpat\"\u003e\u003ccode\u003e@​nikvpat\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/228\"\u003eaws-actions/aws-secretsmanager-get-secrets#228\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nikvpat\"\u003e\u003ccode\u003e@​nikvpat\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/228\"\u003eaws-actions/aws-secretsmanager-get-secrets#228\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.8\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.7\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIncreasing auto select family attempt timeout by \u003ca href=\"https://github.com/jirkafajfr\"\u003e\u003ccode\u003e@​jirkafajfr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/205\"\u003eaws-actions/aws-secretsmanager-get-secrets#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.7\"\u003ehttps://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v2.0.7\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-secrets-manager\u003c/code\u003e from 3.554.0 to 3.592.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/140\"\u003eaws-actions/aws-secretsmanager-get-secrets#140\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: Bump aws-sdk-client-mock and aws-sdk-client-mock-jest by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/143\"\u003eaws-actions/aws-secretsmanager-get-secrets#143\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump codecov/codecov-action from 4.3.0 to 4.4.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/132\"\u003eaws-actions/aws-secretsmanager-get-secrets#132\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eName transformation documentation by \u003ca href=\"https://github.com/jirkafajfr\"\u003e\u003ccode\u003e@​jirkafajfr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/139\"\u003eaws-actions/aws-secretsmanager-get-secrets#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-secrets-manager\u003c/code\u003e from 3.592.0 to 3.598.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/146\"\u003eaws-actions/aws-secretsmanager-get-secrets#146\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump codecov/codecov-action from 4.4.1 to 4.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/pull/148\"\u003eaws-actions/aws-secretsmanager-get-secrets#148\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/2cb1a461cbd4865ac4299648312e4704c646cd53\"\u003e\u003ccode\u003e2cb1a46\u003c/code\u003e\u003c/a\u003e Bump handlebars from 4.7.8 to 4.7.9 (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/301\"\u003e#301\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/ebbee5c9ef1443f7f28f56b608e1a613b57208e5\"\u003e\u003ccode\u003eebbee5c\u003c/code\u003e\u003c/a\u003e Grant write permissions to the release workflow (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/300\"\u003e#300\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/3a411b6ec5cace3d626412dd917e7bfeac242cfa\"\u003e\u003ccode\u003e3a411b6\u003c/code\u003e\u003c/a\u003e Bump version from 2.0.11 to 3.0.0 (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/297\"\u003e#297\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/07435e35124a6b5cbb3f2e97c28b6f3690a82e88\"\u003e\u003ccode\u003e07435e3\u003c/code\u003e\u003c/a\u003e Remove actions/github, update actions/core (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/299\"\u003e#299\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/bed0d0991595422bd74f5b396e29983981f31669\"\u003e\u003ccode\u003ebed0d09\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/298\"\u003e#298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/ca8dc6202765164ed873845259b9e991c171e1bb\"\u003e\u003ccode\u003eca8dc62\u003c/code\u003e\u003c/a\u003e chore: Bump flatted from 3.3.3 to 3.4.2 (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/295\"\u003e#295\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/9c2003cc85cc7b581f4390adbe77a22f401fb8f0\"\u003e\u003ccode\u003e9c2003c\u003c/code\u003e\u003c/a\u003e Update dependencies (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/292\"\u003e#292\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/8d2df8d4e48177e0447d47b5effcacf211143bb6\"\u003e\u003ccode\u003e8d2df8d\u003c/code\u003e\u003c/a\u003e Add versioned user-agent to AWS API calls (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/272\"\u003e#272\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/aa511bf28c6767d1dea7a8d2330722fd992b3a15\"\u003e\u003ccode\u003eaa511bf\u003c/code\u003e\u003c/a\u003e fix: use OIDC for Codecov (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/266\"\u003e#266\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/commit/3f3c9752b3fde1951196edb0185103a9dd5ce651\"\u003e\u003ccode\u003e3f3c975\u003c/code\u003e\u003c/a\u003e Replace push dist/ with check dist/ (\u003ca href=\"https://redirect.github.com/aws-actions/aws-secretsmanager-get-secrets/issues/256\"\u003e#256\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/aws-actions/aws-secretsmanager-get-secrets/compare/v2...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/github-script` from 8 to 9\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/github-script/releases\"\u003eactions/github-script's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.0.0\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eNew features:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003egetOctokit\u003c/code\u003e factory function\u003c/strong\u003e — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See \u003ca href=\"https://github.com/actions/github-script#creating-additional-clients-with-getoctokit\"\u003eCreating additional clients with \u003ccode\u003egetOctokit\u003c/code\u003e\u003c/a\u003e for details and examples.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eOrchestration ID in user-agent\u003c/strong\u003e — The \u003ccode\u003eACTIONS_ORCHESTRATION_ID\u003c/code\u003e environment variable is automatically appended to the user-agent string for request tracing.\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking changes:\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003e\u003ccode\u003erequire('@actions/github')\u003c/code\u003e no longer works in scripts.\u003c/strong\u003e The upgrade to \u003ccode\u003e@actions/github\u003c/code\u003e v9 (ESM-only) means \u003ccode\u003erequire('@actions/github')\u003c/code\u003e will fail at runtime. If you previously used patterns like \u003ccode\u003econst { getOctokit } = require('@actions/github')\u003c/code\u003e to create secondary clients, use the new injected \u003ccode\u003egetOctokit\u003c/code\u003e function instead — it's available directly in the script context with no imports needed.\u003c/li\u003e\n\u003cli\u003e\u003ccode\u003egetOctokit\u003c/code\u003e is now an injected function parameter. Scripts that declare \u003ccode\u003econst getOctokit = ...\u003c/code\u003e or \u003ccode\u003elet getOctokit = ...\u003c/code\u003e will get a \u003ccode\u003eSyntaxError\u003c/code\u003e because JavaScript does not allow \u003ccode\u003econst\u003c/code\u003e/\u003ccode\u003elet\u003c/code\u003e redeclaration of function parameters. Use the injected \u003ccode\u003egetOctokit\u003c/code\u003e directly, or use \u003ccode\u003evar getOctokit = ...\u003c/code\u003e if you need to redeclare it.\u003c/li\u003e\n\u003cli\u003eIf your script accesses other \u003ccode\u003e@actions/github\u003c/code\u003e internals beyond the standard \u003ccode\u003egithub\u003c/code\u003e/\u003ccode\u003eoctokit\u003c/code\u003e client, you may need to update those references for v9 compatibility.\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd ACTIONS_ORCHESTRATION_ID to user-agent string by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: use deployment: false for integration test environments by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/712\"\u003eactions/github-script#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: add getOctokit to script context, upgrade \u003ccode\u003e@​actions/github\u003c/code\u003e v9, \u003ccode\u003e@​octokit/core\u003c/code\u003e v7, and related packages by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/700\"\u003eactions/github-script#700\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/github-script/pull/695\"\u003eactions/github-script#695\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/github-script/compare/v8.0.0...v9.0.0\"\u003ehttps://github.com/actions/github-script/compare/v8.0.0...v9.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3a2844b7e9c422d3c10d287c895573f7108da1b3\"\u003e\u003ccode\u003e3a2844b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/700\"\u003e#700\u003c/a\u003e from actions/salmanmkc/expose-getoctokit + prepare re...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ca10bbdd1a7739de09e99a200c7a59f5d73a4079\"\u003e\u003ccode\u003eca10bbd\u003c/code\u003e\u003c/a\u003e fix: use \u003ccode\u003e@​octokit/core/\u003c/code\u003etypes import for v7 compatibility\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/86e48e20ac85c970ed1f96e718fd068173948b7b\"\u003e\u003ccode\u003e86e48e2\u003c/code\u003e\u003c/a\u003e merge: incorporate main branch changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c1084728b5b935ec4ddc1e4cee877b01797b3ff9\"\u003e\u003ccode\u003ec108472\u003c/code\u003e\u003c/a\u003e chore: rebuild dist for v9 upgrade and getOctokit factory\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/afff112e4f8b57c718168af75b89ce00bc8d091d\"\u003e\u003ccode\u003eafff112\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/github-script/issues/712\"\u003e#712\u003c/a\u003e from actions/salmanmkc/deployment-false + fix user-ag...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/ff8117e5b78c415f814f39ad6998f424fee7b817\"\u003e\u003ccode\u003eff8117e\u003c/code\u003e\u003c/a\u003e ci: fix user-agent test to handle orchestration ID\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/81c6b7876079abe10ff715951c9fc7b3e1ab389d\"\u003e\u003ccode\u003e81c6b78\u003c/code\u003e\u003c/a\u003e ci: use deployment: false to suppress deployment noise from integration tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/3953caf8858d318f37b6cc53a9f5708859b5a7b7\"\u003e\u003ccode\u003e3953caf\u003c/code\u003e\u003c/a\u003e docs: update README examples from \u003ca href=\"https://github.com/v8\"\u003e\u003ccode\u003e@​v8\u003c/code\u003e\u003c/a\u003e to \u003ca href=\"https://github.com/v9\"\u003e\u003ccode\u003e@​v9\u003c/code\u003e\u003c/a\u003e, add getOctokit docs and v9 brea...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/c17d55b90dcdb3d554d0027a6c180a7adc2daf78\"\u003e\u003ccode\u003ec17d55b\u003c/code\u003e\u003c/a\u003e ci: add getOctokit integration test job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/github-script/commit/a047196d9a02fe92098771cafbb98c2f1814e408\"\u003e\u003ccode\u003ea047196\u003c/code\u003e\u003c/a\u003e test: add getOctokit integration tests via callAsyncFunction\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/github-script/compare/v8...v9\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.2 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `slackapi/slack-github-action` from 3.0.2 to 3.0.3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/slackapi/slack-github-action/releases\"\u003eslackapi/slack-github-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eSlack GitHub Action v3.0.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e66834e4: feat: add instrumentation to address error rates\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/slackapi/slack-github-action/blob/main/CHANGELOG.md\"\u003eslackapi/slack-github-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eslack-github-action\u003c/h1\u003e\n\u003ch2\u003e3.0.3\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e66834e4: feat: add instrumentation to address error rates\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e3.0.2\u003c/h2\u003e\n\u003ch3\u003ePatch Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e79529d7: fix: resolve url.parse deprecation warning for webhook techniques\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/45a88b9581bfab2566dc881e2cd66d334e621e2c\"\u003e\u003ccode\u003e45a88b9\u003c/code\u003e\u003c/a\u003e chore: release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/1c0bcf08feaa559a9bcfcc249184e13b136ffa55\"\u003e\u003ccode\u003e1c0bcf0\u003c/code\u003e\u003c/a\u003e chore: release (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/606\"\u003e#606\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/66834e4b0cad4cbf09ca680587ad8af71d615d4b\"\u003e\u003ccode\u003e66834e4\u003c/code\u003e\u003c/a\u003e feat: add instrumentation to address error rates (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/600\"\u003e#600\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/0fe0f902b9f8da107ca0e1314a388c0f57e20d48\"\u003e\u003ccode\u003e0fe0f90\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.1 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/605\"\u003e#605\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/c5e70597945c255539c5218d4178ed3c7d8188be\"\u003e\u003ccode\u003ec5e7059\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​slack/web-api\u003c/code\u003e from 7.15.0 to 7.15.1 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/604\"\u003e#604\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/0325526875571a27abcfd2b302453a90871abbff\"\u003e\u003ccode\u003e0325526\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​biomejs/biome\u003c/code\u003e from 2.4.10 to 2.4.13 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/601\"\u003e#601\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/900cd3e6fa9d6eacd8a5512ecff230d08e65aec7\"\u003e\u003ccode\u003e900cd3e\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.12.0 to 24.12.2 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/603\"\u003e#603\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/53fdcffeb6e4d34cbdf3276f7beadb0ecc7c9fcd\"\u003e\u003ccode\u003e53fdcff\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/602\"\u003e#602\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/26856cc7fb2c1c2951483645f5fdc3643dbe96eb\"\u003e\u003ccode\u003e26856cc\u003c/code\u003e\u003c/a\u003e build(deps): bump slackapi/slack-github-action from 3.0.1 to 3.0.2 (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/596\"\u003e#596\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/slackapi/slack-github-action/commit/feba1e29702383a5a3cd5136af0559ba10859b04\"\u003e\u003ccode\u003efeba1e2\u003c/code\u003e\u003c/a\u003e ci: skip publish step if no release is needed (\u003ca href=\"https://redirect.github.com/slackapi/slack-github-action/issues/599\"\u003e#599\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/slackapi/slack-github-action/compare/03ea5433c137af7c0495bc0cad1af10403fc800c...45a88b9581bfab2566dc881e2cd66d334e621e2c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `release-drafter/release-drafter` from 7.2.0 to 7.3.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/release-drafter/release-drafter/releases\"\u003erelease-drafter/release-drafter's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.3.1\u003c/h2\u003e\n\u003ch1\u003eWhat's Changed\u003c/h1\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: output name and tag_name in dry-run mode (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1625\"\u003e#1625\u003c/a\u003e) \u003ca href=\"https://github.com/cchanche\"\u003e\u003ccode\u003e@​cchanche\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eMaintenance\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update graphql-codegen to 7.0.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1619\"\u003e#1619\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency nock to 14.0.15 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1609\"\u003e#1609\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update graphql-codegen (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1615\"\u003e#1615\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency typescript to 6.0.3 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1610\"\u003e#1610\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): update actions/download-artifact action to v8.0.1 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1620\"\u003e#1620\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to 24.12.3 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1608\"\u003e#1608\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update vitest to 4.1.5 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1612\"\u003e#1612\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​biomejs/biome\u003c/code\u003e to 2.4.15 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1607\"\u003e#1607\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency vite to 8.0.11 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1611\"\u003e#1611\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): pin dependencies (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1606\"\u003e#1606\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update node.js to v24.15.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1616\"\u003e#1616\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update vite to v8.0.13 and vitest to v4.1.6 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1624\"\u003e#1624\u003c/a\u003e) \u003ca href=\"https://github.com/cchanche\"\u003e\u003ccode\u003e@​cchanche\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency semver to 7.8.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1622\"\u003e#1622\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update npm tool constraint to 11.14.1 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1617\"\u003e#1617\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency zod to 4.4.3 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1618\"\u003e#1618\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update actions (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1613\"\u003e#1613\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​biomejs/biome\u003c/code\u003e to 2.4.15 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1607\"\u003e#1607\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix(deps): update dependency yaml to 2.8.4 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1614\"\u003e#1614\u003c/a\u003e) @\u003ca href=\"https://github.com/apps/renovate\"\u003erenovate[bot]\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/release-drafter/release-drafter/compare/v7.3.0...v7.3.1\"\u003ehttps://github.com/release-drafter/release-drafter/compare/v7.3.0...v7.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.3.0\u003c/h2\u003e\n\u003ch1\u003eWhat's Changed\u003c/h1\u003e\n\u003ch2\u003eNew\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: recover recently merged PRs missed by associated PRs lag (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1604\"\u003e#1604\u003c/a\u003e) \u003ca href=\"https://github.com/jetersen\"\u003e\u003ccode\u003e@​jetersen\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: switch release discovery to ref comparison and explicit missing-baseline warnings (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1570\"\u003e#1570\u003c/a\u003e) \u003ca href=\"https://github.com/jetersen\"\u003e\u003ccode\u003e@​jetersen\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: restore prerelease-identifier on first run when no prior releases exist (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1602\"\u003e#1602\u003c/a\u003e) \u003ca href=\"https://github.com/jrbeilke\"\u003e\u003ccode\u003e@​jrbeilke\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: prevent using commitish like refs/pull (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1598\"\u003e#1598\u003c/a\u003e) \u003ca href=\"https://github.com/cchanche\"\u003e\u003ccode\u003e@​cchanche\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/693d20e7c1ce1a81d3a41962f85914253b518449\"\u003e\u003ccode\u003e693d20e\u003c/code\u003e\u003c/a\u003e chore: release v7.3.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/8339e41baa2bbe599e9144446202a730b0b512dc\"\u003e\u003ccode\u003e8339e41\u003c/code\u003e\u003c/a\u003e docs: update contributing docs for release process\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/62d8da40388ce452db900d9dd413236c55d8527b\"\u003e\u003ccode\u003e62d8da4\u003c/code\u003e\u003c/a\u003e fix: output name and tag_name in dry-run mode (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1625\"\u003e#1625\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/2c6d3958ca8ff5559d1816902d569397e6e7cd40\"\u003e\u003ccode\u003e2c6d395\u003c/code\u003e\u003c/a\u003e chore(deps): update node.js to v24.15.0 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1616\"\u003e#1616\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/3b62240da12f1ebb0e312c0e333efb7c975c9f83\"\u003e\u003ccode\u003e3b62240\u003c/code\u003e\u003c/a\u003e chore(deps): update vite to v8.0.13 and vitest to v4.1.6 (\u003ca href=\"https://redirect.github.com/release-drafter/release-drafter/issues/1624\"\u003e#1624\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/446e1517c52f0f2658eccfb62fe528f3c863e2ce\"\u003e\u003ccode\u003e446e151\u003c/code\u003e\u003c/a\u003e fix(deps): adapt to graphql-codegen 7 type changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/4cd06dcb5f73b1a2c718f7902ca013a7b3ebffc1\"\u003e\u003ccode\u003e4cd06dc\u003c/code\u003e\u003c/a\u003e chore(deps): update graphql-codegen to 7.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/80457684ebeb5980a2523289611de1d198148dc0\"\u003e\u003ccode\u003e8045768\u003c/code\u003e\u003c/a\u003e fix(deps): update dependency semver to 7.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/1cf836b3aa269940ddd548267ab0a35726568d79\"\u003e\u003ccode\u003e1cf836b\u003c/code\u003e\u003c/a\u003e ci(release): use local action for publish step\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/release-drafter/release-drafter/commit/485c120935331ce9b7d39543ad7441a80d6c7194\"\u003e\u003ccode\u003e485c120\u003c/code\u003e\u003c/a\u003e chore(deps): update npm tool constraint to 11.14.1\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/release-drafter/release-drafter/compare/5de93583980a40bd78603b6dfdcda5b4df377b32...693d20e7c1ce1a81d3a41962f85914253b518449\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/liquibase/liquibase/pull/7762","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/liquibase%2Fliquibase/issues/7762","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/7762/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T09:58:43.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4516020693","node_id":"PR_kwDODvD-Ss7e_lrs","number":3083,"state":"closed","title":"Bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-27T11:58:40.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-25T09:58:43.000Z","updated_at":"2026-05-27T11:58:43.000Z","time_to_close":179997,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/opensafely-core/opencodelists/pull/3083","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/opensafely-core%2Fopencodelists/issues/3083","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/3083/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":"the minor-and-patch group","pr_created_at":"2026-05-25T06:05:59.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4514673162","node_id":"PR_kwDOPwkOmM7e7MvK","number":137,"state":"open","title":"chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0 in the minor-and-patch group","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T06:05:59.000Z","updated_at":"2026-05-25T06:06:57.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":"the minor-and-patch group","ecosystem":"actions"},"body":"Bumps the minor-and-patch group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token).\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/developmentseed/contributor-network/pull/137","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/developmentseed%2Fcontributor-network/issues/137","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/137/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T02:06:25.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4513774718","node_id":"PR_kwDOR4vyfc7e4WqL","number":21,"state":"open","title":"ci: bump the github-actions group across 1 directory with 7 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T02:06:25.000Z","updated_at":"2026-05-25T02:09:31.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci: bump","group_name":"github-actions","update_count":7,"packages":[{"name":"github/codeql-action","old_version":"4.35.1","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"golangci/golangci-lint-action","old_version":"9.2.0","new_version":"9.2.1","repository_url":"https://github.com/golangci/golangci-lint-action"},{"name":"actions/dependency-review-action","old_version":"4.9.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"googleapis/release-please-action","old_version":"4.4.0","new_version":"5.0.0","repository_url":"https://github.com/googleapis/release-please-action"},{"name":"sigstore/cosign-installer","old_version":"4.1.1","new_version":"4.1.2","repository_url":"https://github.com/sigstore/cosign-installer"},{"name":"goreleaser/goreleaser-action","old_version":"7.0.0","new_version":"7.2.2","repository_url":"https://github.com/goreleaser/goreleaser-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 7 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.36.0` |\n| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `9.2.0` | `9.2.1` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.9.0` | `5.0.0` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n| [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.4.0` | `5.0.0` |\n| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `4.1.1` | `4.1.2` |\n| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.0.0` | `7.2.2` |\n\n\nUpdates `github/codeql-action` from 4.35.1 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003e\u003ccode\u003e7211b7c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3927\"\u003e#3927\u003c/a\u003e from github/update-v4.36.0-ebc2d9e2b\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7740f2fb21add1d46278215acea47540db22f022\"\u003e\u003ccode\u003e7740f2f\u003c/code\u003e\u003c/a\u003e Update changelog for v4.36.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/ebc2d9e2bc247eec51bee8d4df806c4030eb0761\"\u003e\u003ccode\u003eebc2d9e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3926\"\u003e#3926\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d1f74b777c95c777bf4f42ce4b250bc916e745c7\"\u003e\u003ccode\u003ed1f74b7\u003c/code\u003e\u003c/a\u003e Add changelog note\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2dc40cec39bdc63d3561d74fa6100cebb0418ff4\"\u003e\u003ccode\u003e2dc40ce\u003c/code\u003e\u003c/a\u003e Update default bundle to codeql-bundle-v2.25.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/84498526a009a99c875e83ef4821a8ba52de7c22\"\u003e\u003ccode\u003e8449852\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3910\"\u003e#3910\u003c/a\u003e from github/henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/72ac23c6d16b29fbe801e87e3439941558c53094\"\u003e\u003ccode\u003e72ac23c\u003c/code\u003e\u003c/a\u003e Update excluded required check list\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c5297a28a2c3e6a8062041b58858bd7117cebe37\"\u003e\u003ccode\u003ec5297a2\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3919\"\u003e#3919\u003c/a\u003e from github/henrymercer/workflow-concurrency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8ffeae7d05bc1b914a009d197e64e4f5c9e14503\"\u003e\u003ccode\u003e8ffeae7\u003c/code\u003e\u003c/a\u003e CI: Automatically cancel non-generated workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/f3f52bf568dc44a1069faafa538caa6b1fec40c9\"\u003e\u003ccode\u003ef3f52bf\u003c/code\u003e\u003c/a\u003e Revert \u003ccode\u003egetErrorMessage\u003c/code\u003e import\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/c10b8064de6f491fea524254123dbe5e09572f13...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/golangci/golangci-lint-action/releases\"\u003egolangci/golangci-lint-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev9.2.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eIMPORTANT: this is the first immutable release.\u003c/p\u003e\n\u003ch3\u003eChanges\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: improve workflows by \u003ca href=\"https://github.com/ldez\"\u003e\u003ccode\u003e@​ldez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1394\"\u003egolangci/golangci-lint-action#1394\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1325\"\u003egolangci/golangci-lint-action#1325\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1326\"\u003egolangci/golangci-lint-action#1326\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the dependencies group with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1327\"\u003egolangci/golangci-lint-action#1327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1328\"\u003egolangci/golangci-lint-action#1328\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.2 to 25.0.3 in the dependencies group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1329\"\u003egolangci/golangci-lint-action#1329\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1330\"\u003egolangci/golangci-lint-action#1330\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1332\"\u003egolangci/golangci-lint-action#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1333\"\u003egolangci/golangci-lint-action#1333\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the dependencies group with 6 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1334\"\u003egolangci/golangci-lint-action#1334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1335\"\u003egolangci/golangci-lint-action#1335\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump the dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1336\"\u003egolangci/golangci-lint-action#1336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1337\"\u003egolangci/golangci-lint-action#1337\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​types/node\u003c/code\u003e from 25.0.9 to 25.0.10 in the dependencies group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1338\"\u003egolangci/golangci-lint-action#1338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.3.3 to 5.3.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1339\"\u003egolangci/golangci-lint-action#1339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1340\"\u003egolangci/golangci-lint-action#1340\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group across 1 directory with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1344\"\u003egolangci/golangci-lint-action#1344\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.3.4 to 5.3.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1346\"\u003egolangci/golangci-lint-action#1346\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump minimatch by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1348\"\u003egolangci/golangci-lint-action#1348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump minimatch from 3.1.3 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1350\"\u003egolangci/golangci-lint-action#1350\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.3.6 to 5.4.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1351\"\u003egolangci/golangci-lint-action#1351\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.4.1 to 5.5.6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1357\"\u003egolangci/golangci-lint-action#1357\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1358\"\u003egolangci/golangci-lint-action#1358\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump flatted from 3.3.3 to 3.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1359\"\u003egolangci/golangci-lint-action#1359\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump picomatch from 4.0.3 to 4.0.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1364\"\u003egolangci/golangci-lint-action#1364\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump yaml from 2.8.2 to 2.8.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1365\"\u003egolangci/golangci-lint-action#1365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump brace-expansion by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1370\"\u003egolangci/golangci-lint-action#1370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump the dev-dependencies group across 1 directory with 7 updates by \u003ca href=\"https://github.com/ldez\"\u003e\u003ccode\u003e@​ldez\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1374\"\u003egolangci/golangci-lint-action#1374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4 to 4.35.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1384\"\u003egolangci/golangci-lint-action#1384\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1386\"\u003egolangci/golangci-lint-action#1386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.35.2 to 4.35.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1389\"\u003egolangci/golangci-lint-action#1389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 4.35.3 to 4.35.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/pull/1391\"\u003egolangci/golangci-lint-action#1391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/golangci/golangci-lint-action/compare/v9.2.0...v9.2.1\"\u003ehttps://github.com/golangci/golangci-lint-action/compare/v9.2.0...v9.2.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/82606bf257cbaff209d206a39f5134f0cfbfd2ee\"\u003e\u003ccode\u003e82606bf\u003c/code\u003e\u003c/a\u003e chore: prepare release v9.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/97c8387e660fa3be78f698fb592523e1f906a02c\"\u003e\u003ccode\u003e97c8387\u003c/code\u003e\u003c/a\u003e chore: improve workflows (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1394\"\u003e#1394\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/28d0a191bb76f633872d1f12600dd9900ac73840\"\u003e\u003ccode\u003e28d0a19\u003c/code\u003e\u003c/a\u003e build(deps): bump the dependencies group across 1 directory with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/633fbc7d54a1fe7d54f72fb83194a7d442beb929\"\u003e\u003ccode\u003e633fbc7\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1391\"\u003e#1391\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/59f43e26c902dadac745307f8cf2537da50ad344\"\u003e\u003ccode\u003e59f43e2\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1389\"\u003e#1389\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/9eb174e04acac69b4b7f6602f9a5cc384ba59b45\"\u003e\u003ccode\u003e9eb174e\u003c/code\u003e\u003c/a\u003e build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1386\"\u003e#1386\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/4f52504dfb47d09a983372e869f643e9e0d4014b\"\u003e\u003ccode\u003e4f52504\u003c/code\u003e\u003c/a\u003e build(deps): bump github/codeql-action from 4 to 4.35.2 (\u003ca href=\"https://redirect.github.com/golangci/golangci-lint-action/issues/1384\"\u003e#1384\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/6f87dfdbd16618b59a5d86104adea6216152a47c\"\u003e\u003ccode\u003e6f87dfd\u003c/code\u003e\u003c/a\u003e docs: update examples\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/c9500d7aa7797b3e999034a3e6a0b9a4f18e8708\"\u003e\u003ccode\u003ec9500d7\u003c/code\u003e\u003c/a\u003e chore: improve workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/golangci/golangci-lint-action/commit/03b1faa37ed78712fa70fc44b56fa553f0d7a6bc\"\u003e\u003ccode\u003e03b1faa\u003c/code\u003e\u003c/a\u003e chore: improve issue templates\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/golangci/golangci-lint-action/compare/1e7e51e771db61008b38414a730f564565cf7c20...82606bf257cbaff209d206a39f5134f0cfbfd2ee\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.9.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `googleapis/release-please-action` from 4.4.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/release-please-action/releases\"\u003egoogleapis/release-please-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.1...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2026-04-22)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/46dfc01594fc6ec99626bc73e479c52bdf554f88\"\u003e46dfc01\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.3.0 to 17.6.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1199\"\u003e#1199\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f533c26b74c2778db7edc90c96b63a7d08035765\"\u003ef533c26\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.0...v4.4.1\"\u003e4.4.1\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.1.3 to 17.3.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1183\"\u003e#1183\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ef9c2745dbfb629d38ebfafa3347a81ab2d51409\"\u003eef9c274\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md\"\u003egoogleapis/release-please-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.1...v5.0.0\"\u003e5.0.0\u003c/a\u003e (2026-04-22)\u003c/h2\u003e\n\u003ch3\u003e⚠ BREAKING CHANGES\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eupgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/46dfc01594fc6ec99626bc73e479c52bdf554f88\"\u003e46dfc01\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.3.0 to 17.6.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1199\"\u003e#1199\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f533c26b74c2778db7edc90c96b63a7d08035765\"\u003ef533c26\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.4.0...v4.4.1\"\u003e4.4.1\u003c/a\u003e (2026-02-20)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump release-please from 17.1.3 to 17.3.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1183\"\u003e#1183\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ef9c2745dbfb629d38ebfafa3347a81ab2d51409\"\u003eef9c274\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.3.0...v4.4.0\"\u003e4.4.0\u003c/a\u003e (2025-10-09)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd ability to select versioning-strategy and release-as (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1121\"\u003e#1121\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ee0f5bae453367755be0c4340193531b3f538374\"\u003eee0f5ba\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003echangelog-host\u003c/code\u003e parameter ignored when using manifest configuration (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1151\"\u003e#1151\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/535c4130c1030110bdacd1b3076f98c046c3a227\"\u003e535c413\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1149\"\u003e#1149\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/3612a99d75bd7a010bb03d6e2ee3e2392b7392fb\"\u003e3612a99\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003ebump release-please from 17.1.2 to 17.1.3 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1158\"\u003e#1158\u003c/a\u003e) (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/66fbfe9439cb7a3660ecdc00d42573ef0bd00764\"\u003e66fbfe9\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.2.0...v4.3.0\"\u003e4.3.0\u003c/a\u003e (2025-08-20)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update release-please to 17.1.2 (\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f07192c046b10acd083f4665a3d8b6350526f9df\"\u003ef07192c\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/compare/v4.1.5...v4.2.0\"\u003e4.2.0\u003c/a\u003e (2025-03-07)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/45996ed1f6d02564a971a2fa1b5860e934307cf7\"\u003e\u003ccode\u003e45996ed\u003c/code\u003e\u003c/a\u003e chore(main): release 5.0.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1200\"\u003e#1200\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/a8121b99c9779b09ad890de46417b7cad74eb3a2\"\u003e\u003ccode\u003ea8121b9\u003c/code\u003e\u003c/a\u003e chore: build dist (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1201\"\u003e#1201\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/f533c26b74c2778db7edc90c96b63a7d08035765\"\u003e\u003ccode\u003ef533c26\u003c/code\u003e\u003c/a\u003e fix: bump release-please from 17.3.0 to 17.6.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1199\"\u003e#1199\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/46dfc01594fc6ec99626bc73e479c52bdf554f88\"\u003e\u003ccode\u003e46dfc01\u003c/code\u003e\u003c/a\u003e feat!: upgrade to node24 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1188\"\u003e#1188\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/5c625bfb5d1ff62eadeeb3772007f7f66fdcf071\"\u003e\u003ccode\u003e5c625bf\u003c/code\u003e\u003c/a\u003e chore(main): release 4.4.1 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1187\"\u003e#1187\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/8bb7a2ed0f90c9802c83129a9488d235a1f31a7c\"\u003e\u003ccode\u003e8bb7a2e\u003c/code\u003e\u003c/a\u003e chore: build dist (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1186\"\u003e#1186\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/ef9c2745dbfb629d38ebfafa3347a81ab2d51409\"\u003e\u003ccode\u003eef9c274\u003c/code\u003e\u003c/a\u003e fix: bump release-please from 17.1.3 to 17.3.0 (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1183\"\u003e#1183\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/googleapis/release-please-action/commit/64d83e95d898ede84e4555719aba555c3244d469\"\u003e\u003ccode\u003e64d83e9\u003c/code\u003e\u003c/a\u003e docs(README): add missing action inputs + package options (\u003ca href=\"https://redirect.github.com/googleapis/release-please-action/issues/1176\"\u003e#1176\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/googleapis/release-please-action/compare/16a9c90856f42705d54a6fda1823352bdc62cf38...45996ed1f6d02564a971a2fa1b5860e934307cf7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `sigstore/cosign-installer` from 4.1.1 to 4.1.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/sigstore/cosign-installer/releases\"\u003esigstore/cosign-installer's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.1.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump cosign to 3.0.6 in \u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/pull/232\"\u003esigstore/cosign-installer#232\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigstore/cosign-installer/commit/6f9f17788090df1f26f669e9d70d6ae9567deba6\"\u003e\u003ccode\u003e6f9f177\u003c/code\u003e\u003c/a\u003e Bump cosign to 3.0.6 (\u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/issues/232\"\u003e#232\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigstore/cosign-installer/commit/b5e753ae2d39589c7b38850b463739151fc67f07\"\u003e\u003ccode\u003eb5e753a\u003c/code\u003e\u003c/a\u003e Bump actions/github-script from 8.0.0 to 9.0.0 (\u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/issues/230\"\u003e#230\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sigstore/cosign-installer/commit/115e4ce455e573aa6e9ba51e8d040ddd5c1378af\"\u003e\u003ccode\u003e115e4ce\u003c/code\u003e\u003c/a\u003e Bump actions/setup-go from 6.3.0 to 6.4.0 (\u003ca href=\"https://redirect.github.com/sigstore/cosign-installer/issues/226\"\u003e#226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/sigstore/cosign-installer/compare/cad07c2e89fa2edd6e2d7bab4c1aa38e53f76003...6f9f17788090df1f26f669e9d70d6ae9567deba6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `goreleaser/goreleaser-action` from 7.0.0 to 7.2.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/goreleaser/goreleaser-action/releases\"\u003egoreleaser/goreleaser-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.2.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci(deps): bump the actions group with 3 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/560\"\u003egoreleaser/goreleaser-action#560\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: nightly resolution to select newest published release by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/562\"\u003egoreleaser/goreleaser-action#562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/562\"\u003egoreleaser/goreleaser-action#562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.2\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.1\u003c/h2\u003e\n\u003cp\u003eThis fully removes the usage of the old \u003ccode\u003enightly\u003c/code\u003e moving tag.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7.2.0...v7.2.1\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7.2.0...v7.2.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003etest: cover install across release eras by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/555\"\u003egoreleaser/goreleaser-action#555\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: add \u003ccode\u003eversion-file\u003c/code\u003e input by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/556\"\u003egoreleaser/goreleaser-action#556\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat: resolve nightly to latest vX.Y.Z-\u003c!-- raw HTML omitted --\u003e-nightly release by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/558\"\u003egoreleaser/goreleaser-action#558\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.0\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7...v7.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: verify release checksum and cosign signature by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/550\"\u003egoreleaser/goreleaser-action#550\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: document cosign verification in README by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/553\"\u003egoreleaser/goreleaser-action#553\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Upgrade import GPG action version by \u003ca href=\"https://github.com/flecno\"\u003e\u003ccode\u003e@​flecno\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/547\"\u003egoreleaser/goreleaser-action#547\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: drop docker-bake in favor of plain npm by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/551\"\u003egoreleaser/goreleaser-action#551\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: add release-major-tag workflow by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/552\"\u003egoreleaser/goreleaser-action#552\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci: drop pre-cosign-v3 goreleaser versions from tests by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/554\"\u003egoreleaser/goreleaser-action#554\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/543\"\u003egoreleaser/goreleaser-action#543\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 5 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/546\"\u003egoreleaser/goreleaser-action#546\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump undici from 6.23.0 to 6.24.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/545\"\u003egoreleaser/goreleaser-action#545\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/flecno\"\u003e\u003ccode\u003e@​flecno\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/547\"\u003egoreleaser/goreleaser-action#547\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v7...v7.1.0\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v7...v7.1.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89\"\u003e\u003ccode\u003e5daf1e9\u003c/code\u003e\u003c/a\u003e fix: nightly resolution to select newest published release (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/562\"\u003e#562\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/5cc7ebb73d78b8f1d7b03c568e7df999c2889ccf\"\u003e\u003ccode\u003e5cc7ebb\u003c/code\u003e\u003c/a\u003e ci: update actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/702f5f91c9334614254ddeabeebaf820d707f0d6\"\u003e\u003ccode\u003e702f5f9\u003c/code\u003e\u003c/a\u003e ci(deps): bump the actions group with 3 updates (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/560\"\u003e#560\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/1a80836c5c9d9e5755a25cb59ec6f45a3b5f41a8\"\u003e\u003ccode\u003e1a80836\u003c/code\u003e\u003c/a\u003e ci(nightly): pass GITHUB_TOKEN to nightly integration job\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/a71152e8274c84525d8835ba71448d64d2023702\"\u003e\u003ccode\u003ea71152e\u003c/code\u003e\u003c/a\u003e refactor: drop legacy 'nightly' tag fallback\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/4c6ab561adb47e50c45ef534e2155934e91c40c1\"\u003e\u003ccode\u003e4c6ab56\u003c/code\u003e\u003c/a\u003e feat: resolve nightly to latest vX.Y.Z-\u0026lt;sha\u0026gt;-nightly release (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/558\"\u003e#558\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/4f96abf297f872baa17cd502a9b5ef0725fd1edc\"\u003e\u003ccode\u003e4f96abf\u003c/code\u003e\u003c/a\u003e feat: add \u003ccode\u003eversion-file\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/556\"\u003e#556\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/15fa2a96d4a23f516334bb340969ca4e9c82f0fa\"\u003e\u003ccode\u003e15fa2a9\u003c/code\u003e\u003c/a\u003e test: cover install across release eras (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/555\"\u003e#555\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/e24998b8b67b290c2fa8b7c14fcfa7de2c5c9b8c\"\u003e\u003ccode\u003ee24998b\u003c/code\u003e\u003c/a\u003e ci: drop pre-cosign-v3 goreleaser versions from tests (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/554\"\u003e#554\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/goreleaser/goreleaser-action/commit/be2e8a39ba2f6daed623e98e8b6662f008cffc8d\"\u003e\u003ccode\u003ebe2e8a3\u003c/code\u003e\u003c/a\u003e docs: document cosign verification in README (\u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/issues/553\"\u003e#553\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/ec59f474b9834571250b370d4735c50f8e2d1e29...5daf1e915a5f0af01ddbcd89a43b8061ff4f1a89\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/RoFz/vault-plugin-secrets-keycloak/pull/21","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/RoFz%2Fvault-plugin-secrets-keycloak/issues/21","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/21/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-25T00:30:45.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4513455388","node_id":"PR_kwDORpqulM7e3XhH","number":441,"state":"open","title":"chore(deps): bump the actions-minor-patch group with 3 updates","user":"dependabot[bot]","labels":["dependencies","release-notes:internal"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-25T00:30:45.000Z","updated_at":"2026-05-26T06:11:21.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): bump","group_name":"actions-minor-patch","update_count":3,"packages":[{"name":"codecov/codecov-action","old_version":"6.0.0","new_version":"6.0.1","repository_url":"https://github.com/codecov/codecov-action"},{"name":"ruby/setup-ruby","old_version":"1.307.0","new_version":"1.308.0","repository_url":"https://github.com/ruby/setup-ruby"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions-minor-patch group with 3 updates: [codecov/codecov-action](https://github.com/codecov/codecov-action), [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).\n\nUpdates `codecov/codecov-action` from 6.0.0 to 6.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/releases\"\u003ecodecov/codecov-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: prevent template injection in run: steps (VULN-1652) by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1947\"\u003ecodecov/codecov-action#1947\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(release): 6.0.1 by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1949\"\u003ecodecov/codecov-action#1949\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md\"\u003ecodecov/codecov-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.5.2\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.1\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efix: overwrite pr number on fork by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1871\"\u003ecodecov/codecov-action#1871\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/checkout from 4.2.2 to 5.0.0 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1868\"\u003ecodecov/codecov-action#1868\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1867\"\u003ecodecov/codecov-action#1867\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update to use local app/ dir by \u003ca href=\"https://github.com/thomasrockhu-codecov\"\u003e\u003ccode\u003e@​thomasrockhu-codecov\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1872\"\u003ecodecov/codecov-action#1872\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: fix typo in README by \u003ca href=\"https://github.com/datalater\"\u003e\u003ccode\u003e@​datalater\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1866\"\u003ecodecov/codecov-action#1866\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocument a \u003ccode\u003ecodecov-cli\u003c/code\u003e version reference example by \u003ca href=\"https://github.com/webknjaz\"\u003e\u003ccode\u003e@​webknjaz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1774\"\u003ecodecov/codecov-action#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1861\"\u003ecodecov/codecov-action#1861\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1833\"\u003ecodecov/codecov-action#1833\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.5.0\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003efeat: upgrade wrapper to 0.2.4 by \u003ca href=\"https://github.com/jviall\"\u003e\u003ccode\u003e@​jviall\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1864\"\u003ecodecov/codecov-action#1864\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/github-script by Git SHA by \u003ca href=\"https://github.com/martincostello\"\u003e\u003ccode\u003e@​martincostello\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1859\"\u003ecodecov/codecov-action#1859\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: check reqs exist by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1835\"\u003ecodecov/codecov-action#1835\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: Typo in README by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1838\"\u003ecodecov/codecov-action#1838\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Refine OIDC docs by \u003ca href=\"https://github.com/spalmurray\"\u003e\u003ccode\u003e@​spalmurray\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1837\"\u003ecodecov/codecov-action#1837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1829\"\u003ecodecov/codecov-action#1829\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.3\u003c/h2\u003e\n\u003ch3\u003eWhat's Changed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebuild(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by \u003ccode\u003e@​app/dependabot\u003c/code\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1822\"\u003ecodecov/codecov-action#1822\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: OIDC on forks by \u003ca href=\"https://github.com/joseph-sentry\"\u003e\u003ccode\u003e@​joseph-sentry\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/codecov/codecov-action/pull/1823\"\u003ecodecov/codecov-action#1823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\"\u003ehttps://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.4.2\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003e\u003ccode\u003ee79a696\u003c/code\u003e\u003c/a\u003e chore(release): 6.0.1 (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1949\"\u003e#1949\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/codecov/codecov-action/commit/51e64229ac331acb0d7f7b17c67423995f991c79\"\u003e\u003ccode\u003e51e6422\u003c/code\u003e\u003c/a\u003e fix: prevent template injection in run: steps (VULN-1652) (\u003ca href=\"https://redirect.github.com/codecov/codecov-action/issues/1947\"\u003e#1947\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/codecov/codecov-action/compare/57e3a136b779b570ffcdbf80b3bdc90e7fab3de2...e79a6962e0d4c0c17b229090214935d2e33f8354\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `ruby/setup-ruby` from 1.307.0 to 1.308.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/ruby/setup-ruby/releases\"\u003eruby/setup-ruby's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.308.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate CRuby releases on Windows by \u003ca href=\"https://github.com/ruby-builder-bot\"\u003e\u003ccode\u003e@​ruby-builder-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/ruby/setup-ruby/pull/912\"\u003eruby/setup-ruby#912\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/ruby/setup-ruby/compare/v1.307.0...v1.308.0\"\u003ehttps://github.com/ruby/setup-ruby/compare/v1.307.0...v1.308.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ruby/setup-ruby/commit/97ecb7b512899eb71ab1bf2310a624c6f1589ac6\"\u003e\u003ccode\u003e97ecb7b\u003c/code\u003e\u003c/a\u003e Update CRuby releases on Windows\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/ruby/setup-ruby/compare/v1.307.0...v1.308.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/fulgur-rs/fulgur/pull/441","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/fulgur-rs%2Ffulgur/issues/441","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/441/packages"}},{"old_version":"1.9.3","new_version":"3.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-24T19:17:24.000Z","version_change":"1.9.3 → 3.2.0","issue":{"uuid":"4512652604","node_id":"PR_kwDOSmrC2c7e08KG","number":4,"state":"open","title":"chore(actions)(deps): bump actions/create-github-app-token from 1.9.3 to 3.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-24T19:17:24.000Z","updated_at":"2026-05-24T19:18:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(actions)(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"1.9.3","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 1.9.3 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1\"\u003e3.1.1\u003c/a\u003e (2026-04-11)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eimprove error message when app identifier is empty (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/362\"\u003e#362\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/07e2b760664f080c40eec4eacf7477256582db36\"\u003e07e2b76\u003c/a\u003e), closes \u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/249\"\u003e#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0\"\u003e3.1.0\u003c/a\u003e (2026-04-11)\u003c/h1\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump p-retry from 7.1.1 to 8.0.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/357\"\u003e#357\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/3bbe07d928e2d6c30bf3e37c6b89edbc4045facf\"\u003e3bbe07d\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd \u003ccode\u003eclient-id\u003c/code\u003e input and deprecate \u003ccode\u003eapp-id\u003c/code\u003e (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/353\"\u003e#353\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e6bd4e6970172bed9fe138b2eaf4cbffa4cca8f9\"\u003ee6bd4e6\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eupdate permission inputs (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/358\"\u003e#358\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/076e9480ca6e9633bff412d05eff0fc2f1e7d2be\"\u003e076e948\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003ch1\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v2.2.2...v3.0.0\"\u003e3.0.0\u003c/a\u003e (2026-03-14)\u003c/h1\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24 support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/275\"\u003e#275\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/2e564a0bb8e7cc2b907b2401a2afe177882d4325\"\u003e2e564a0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix!: require \u003ccode\u003eNODE_USE_ENV_PROXY\u003c/code\u003e for proxy support (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/342\"\u003e#342\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/4451bcbc139f8124b0bf04f968ea2586b17df458\"\u003e4451bcb\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eremove custom proxy handling (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/143\"\u003e#143\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/dce0ab05f36f30b22fd14289fd36655c618e4e8e\"\u003edce0ab0\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/7bfa3a4717ef143a604ee0a99d859b8886a96d00...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=1.9.3\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/JonatasOliveira1983/1crypten-hermes-agent/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/JonatasOliveira1983%2F1crypten-hermes-agent/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-23T19:12:27.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4509335886","node_id":"PR_kwDOF93kBM7erQge","number":982,"state":"open","title":"chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T19:12:27.000Z","updated_at":"2026-05-23T19:13:12.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/CycloneDX/cyclonedx-python-lib/pull/982","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/CycloneDX%2Fcyclonedx-python-lib/issues/982","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/982/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-23T17:12:30.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4509028604","node_id":"PR_kwDORAIm-s7eqVw6","number":112,"state":"closed","title":"chore(deps): bump actions/create-github-app-token from 3.1.1 to 3.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-23T17:15:45.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T17:12:30.000Z","updated_at":"2026-05-23T17:15:48.000Z","time_to_close":195,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 3.1.1 to 3.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token\u0026package-manager=github_actions\u0026previous-version=3.1.1\u0026new-version=3.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/noshiro-pf/synstate/pull/112","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/noshiro-pf%2Fsynstate/issues/112","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/112/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-23T08:34:52.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4507509970","node_id":"PR_kwDORYuFXM7elnZC","number":162,"state":"closed","title":"Bump the github-actions group across 1 directory with 6 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-24T10:03:25.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-23T08:34:52.000Z","updated_at":"2026-05-24T10:03:27.000Z","time_to_close":91713,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","group_name":"github-actions","update_count":6,"packages":[{"name":"actions/setup-python","old_version":"5.6.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"github/codeql-action","old_version":"3.36.0","new_version":"4.36.0","repository_url":"https://github.com/github/codeql-action"},{"name":"milanhorvatovic/codex-ai-code-review-action","old_version":"32cedc30758526efb279b82567144f0585be8321","new_version":"af72a5bd7330432cee97137b04d04edebde80149","repository_url":"https://github.com/milanhorvatovic/codex-ai-code-review-action"},{"name":"actions/upload-artifact","old_version":"4.6.2","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/download-artifact","old_version":"4.3.0","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 6 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.2.0` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.36.0` | `4.36.0` |\n| [milanhorvatovic/codex-ai-code-review-action](https://github.com/milanhorvatovic/codex-ai-code-review-action) | `32cedc30758526efb279b82567144f0585be8321` | `af72a5bd7330432cee97137b04d04edebde80149` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` |\n| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.1.1` | `3.2.0` |\n\n\nUpdates `actions/setup-python` from 5.6.0 to 6.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-python/releases\"\u003eactions/setup-python's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.2.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade dependencies to Node 24 compatible versions by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1259\"\u003eactions/setup-python#1259\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 2.5.0 to 2.6.3 in \u003ccode\u003e/__tests__/data\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1253\"\u003eactions/setup-python#1253\u003c/a\u003e and \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1264\"\u003eactions/setup-python#1264\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.2.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-install\u003c/code\u003e input by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1201\"\u003eactions/setup-python#1201\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd graalpy early-access and windows builds by \u003ca href=\"https://github.com/timfel\"\u003e\u003ccode\u003e@​timfel\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/880\"\u003eactions/setup-python#880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency and Documentation updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhanced wording and updated example usage for \u003ccode\u003eallow-prereleases\u003c/code\u003e by \u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade urllib3 from 1.26.19 to 2.5.0 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1139\"\u003eactions/setup-python#1139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade typescript from 5.4.2 to 5.9.3 and Documentation update by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1094\"\u003eactions/setup-python#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pip-install input by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1199\"\u003eactions/setup-python#1199\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade requests from 2.32.2 to 2.32.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1130\"\u003eactions/setup-python#1130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.5.3 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1234\"\u003eactions/setup-python#1234\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1235\"\u003eactions/setup-python#1235\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/yarikoptic\"\u003e\u003ccode\u003e@​yarikoptic\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/979\"\u003eactions/setup-python#979\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-python/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/setup-python/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1164\"\u003eactions/setup-python#1164\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eEnhancements:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for \u003ccode\u003epip-version\u003c/code\u003e  by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1129\"\u003eactions/setup-python#1129\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnhance reading from .python-version by \u003ca href=\"https://github.com/krystof-k\"\u003e\u003ccode\u003e@​krystof-k\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/787\"\u003eactions/setup-python#787\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd version parsing from Pipfile by \u003ca href=\"https://github.com/aradkdj\"\u003e\u003ccode\u003e@​aradkdj\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1067\"\u003eactions/setup-python#1067\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug fixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eClarify pythonLocation behaviour for PyPy and GraalPy in environment variables by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1183\"\u003eactions/setup-python#1183\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eChange missing cache directory error to warning  by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1182\"\u003eactions/setup-python#1182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd Architecture-Specific PATH Management for Python with --user Flag on Windows by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1122\"\u003eactions/setup-python#1122\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude python version in PyPy python-version output by \u003ca href=\"https://github.com/cdce8p\"\u003e\u003ccode\u003e@​cdce8p\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1110\"\u003eactions/setup-python#1110\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate docs: clarification on pip authentication with setup-python by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1156\"\u003eactions/setup-python#1156\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency updates:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade idna from 2.9 to 3.7 in /\u003cstrong\u003etests\u003c/strong\u003e/data by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/843\"\u003eactions/setup-python#843\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to fix critical vulnerabilities \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/182\"\u003e#182\u003c/a\u003e \u0026amp; \u003ca href=\"https://redirect.github.com/actions/setup-python/issues/183\"\u003e#183\u003c/a\u003e by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1163\"\u003eactions/setup-python#1163\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1165\"\u003eactions/setup-python#1165\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1181\"\u003eactions/setup-python#1181\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/tool-cache\u003c/code\u003e from 2.0.1 to 2.0.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-python/pull/1095\"\u003eactions/setup-python#1095\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003e\u003ccode\u003ea309ff8\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.6.0 to 2.6.3 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1264\"\u003e#1264\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfe8cc55a7890e3d6672eda6460ef37bfcc70755\"\u003e\u003ccode\u003ebfe8cc5\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies to Node 24 compatible versions (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1259\"\u003e#1259\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/4f41a90a1f38628c7ccc608d05fbafe701bc20ae\"\u003e\u003ccode\u003e4f41a90\u003c/code\u003e\u003c/a\u003e Bump urllib3 from 2.5.0 to 2.6.0 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1253\"\u003e#1253\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/83679a892e2d95755f2dac6acb0bfd1e9ac5d548\"\u003e\u003ccode\u003e83679a8\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​types/node\u003c/code\u003e from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bfc4944b43a5d84377eca3cf6ab5b7992ba61923\"\u003e\u003ccode\u003ebfc4944\u003c/code\u003e\u003c/a\u003e Bump prettier from 3.5.3 to 3.6.2 (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1234\"\u003e#1234\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/97aeb3efb8a852c559869050c7fb175b4efcc8cf\"\u003e\u003ccode\u003e97aeb3e\u003c/code\u003e\u003c/a\u003e Bump requests from 2.32.2 to 2.32.4 in /\u003cstrong\u003etests\u003c/strong\u003e/data (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1130\"\u003e#1130\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/443da59188462e2402e2942686db5aa6723f4bed\"\u003e\u003ccode\u003e443da59\u003c/code\u003e\u003c/a\u003e Bump actions/publish-action from 0.3.0 to 0.4.0 \u0026amp; Documentation update for pi...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/cfd55ca82492758d853442341ad4d8010466803a\"\u003e\u003ccode\u003ecfd55ca\u003c/code\u003e\u003c/a\u003e graalpy: add graalpy early-access and windows builds (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/880\"\u003e#880\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/bba65e51ff35d50c6dbaaacd8a4681db13aa7cb4\"\u003e\u003ccode\u003ebba65e5\u003c/code\u003e\u003c/a\u003e Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (\u003ca href=\"https://redirect.github.com/actions/setup-python/issues/1094\"\u003e#1094\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-python/commit/18566f86b301499665bd3eb1a2247e0849c64fa5\"\u003e\u003ccode\u003e18566f8\u003c/code\u003e\u003c/a\u003e Improve wording and \u0026quot;fix example\u0026quot; (remove 3.13) on testing against pre-releas...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-python/compare/a26af69be951a213d495a4c3e4e4022e16d87065...a309ff8b426b58ec0e2a45f0f869d46889d02405\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.36.0 to 4.36.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8442bc0af97ee8be3c2911e416d000f604f3e676\"\u003e\u003ccode\u003e8442bc0\u003c/code\u003e\u003c/a\u003e Release process: Automatically rebuild PRs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/26a1e570a60fdfa4479615ce1b9b70530319e14f\"\u003e\u003ccode\u003e26a1e57\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3913\"\u003e#3913\u003c/a\u003e from github/henrymercer/downgrade-ava\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9b6438e93682cb5c2fab835f4e49084118ab1106\"\u003e\u003ccode\u003e9b6438e\u003c/code\u003e\u003c/a\u003e Tweak workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/b5b50d62f11c6c50894a7083c6e4cda7f1bf112a\"\u003e\u003ccode\u003eb5b50d6\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into henrymercer/repo-size-diff-check\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9665bc2f5a0208583e1c0e97e1cba8e6497d6d44\"\u003e\u003ccode\u003e9665bc2\u003c/code\u003e\u003c/a\u003e Downgrade ava to version 6.4.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/5a80681bb6c514957ebf142061bb9243575ad592\"\u003e\u003ccode\u003e5a80681\u003c/code\u003e\u003c/a\u003e Address review comments\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/github/codeql-action/compare/03e4368ac7daa2bd82b3e85262f3bf87ee112f57...7211b7c8077ea37d8641b6271f6a365a22a5fbfa\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `milanhorvatovic/codex-ai-code-review-action` from 32cedc30758526efb279b82567144f0585be8321 to af72a5bd7330432cee97137b04d04edebde80149\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/milanhorvatovic/codex-ai-code-review-action/blob/main/CHANGELOG.md\"\u003emilanhorvatovic/codex-ai-code-review-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/en/1.1.0/\"\u003eKeep a Changelog\u003c/a\u003e, and this project adheres to \u003ca href=\"https://semver.org/spec/v2.0.0.html\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003ch2\u003e[2.1.0] - 2026-05-13\u003c/h2\u003e\n\u003ch3\u003eAdded\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eci: dogfood the action on this repository's own PRs (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/107\"\u003e#107\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: lint workflows with actionlint (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/86\"\u003e#86\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat: automate release preparation via PR-driven workflow (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/85\"\u003e#85\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(prepare): add review-reference-source: base for tamper-resistant policy reads (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/118\"\u003e#118\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eChanged\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump vite to 8.0.5 to fix 3 Dependabot security alerts (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/28\"\u003e#28\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: unify and bump third-party action pins to latest (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/67\"\u003e#67\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eci: harden Dependabot pipeline (concurrency + commit-message scope) (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/142\"\u003e#142\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add enterprise fork/internal-mirror adoption path (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/63\"\u003e#63\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add guidance for pinning action refs (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/55\"\u003e#55\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add hardened production workflow example (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/62\"\u003e#62\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add minimal quick start hardening disclaimer (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/53\"\u003e#53\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add public-repo vs private-repo security guidance (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/64\"\u003e#64\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add Responsibility boundary subsection to Security guidance (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/65\"\u003e#65\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: add Trust model section and refresh SECURITY.md (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/60\"\u003e#60\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: rename Quick start to Minimal quick start; add markdown-link-check config (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/57\"\u003e#57\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: standardize on US English and add documentation tone/style guide (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/72\"\u003e#72\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: warn against pull_request_target (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/54\"\u003e#54\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eExtract verify-dist \u0026amp; setup-node-deps composites; split Verify Dist workflow; restore dist/ (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/58\"\u003e#58\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(prepare): add exclude-paths input for diff-level path exclusion (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/121\"\u003e#121\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(publish): flip fail-on-missing-chunks default to true in v2.1.0 (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/116\"\u003e#116\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efeat(publish): Incomplete review banner + fail-on-missing-chunks input (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/61\"\u003e#61\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003efix: stop SHA-only self-bumps from blocking Dependabot auto-merge (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/113\"\u003e#113\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eFixed\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003esecurity: reject path traversal and symlinks in review-reference-file (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eSecurity\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003edocs: document release-automation App identity in SECURITY.md (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/84\"\u003e#84\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003edocs: update production docs and setup guidance for v2.1.0 (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/102\"\u003e#102\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esecurity: reject path traversal and symlinks in review-reference-file (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/98\"\u003e#98\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependencies\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003echore: bump eslint from 10.2.1 to 10.3.0 in the dev-dependencies group (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/111\"\u003e#111\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003echore: bump fast-xml-builder from 1.1.5 to 1.2.0 in the npm_and_yarn group across 1 directory (\u003ca href=\"https://redirect.github.com/milanhorvatovic/codex-ai-code-review-action/pull/130\"\u003e#130\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/milanhorvatovic/codex-ai-code-review-action/compare/32cedc30758526efb279b82567144f0585be8321...af72a5bd7330432cee97137b04d04edebde80149\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4.6.2 to 7.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate the readme with direct upload details by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/795\"\u003eactions/upload-artifact#795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: bump all the example versions to v7 by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/796\"\u003eactions/upload-artifact#796\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eInclude changes in typespec/ts-http-runtime 0.3.5 by \u003ca href=\"https://github.com/yacaovsnc\"\u003e\u003ccode\u003e@​yacaovsnc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/797\"\u003eactions/upload-artifact#797\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v7...v7.0.1\"\u003ehttps://github.com/actions/upload-artifact/compare/v7...v7.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4.6.2...043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/download-artifact` from 4.3.0 to 8.0.1\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/download-artifact/releases\"\u003eactions/download-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev8.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport for CJK characters in the artifact name by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/471\"\u003eactions/download-artifact#471\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a regression test for artifact name + content-type mismatches by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/472\"\u003eactions/download-artifact#472\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v8...v8.0.1\"\u003ehttps://github.com/actions/download-artifact/compare/v8...v8.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev8.0.0\u003c/h2\u003e\n\u003ch2\u003ev8 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/download-artifact@v8 has been migrated to an ESM module. This should be transparent to the caller but forks might need to make significant changes.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nHash mismatches will now error by default. Users can override this behavior with a setting change (see below).\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eDirect downloads\u003c/h3\u003e\n\u003cp\u003eTo support direct uploads in \u003ccode\u003eactions/upload-artifact\u003c/code\u003e, the action will no longer attempt to unzip all downloaded files. Instead, the action checks the \u003ccode\u003eContent-Type\u003c/code\u003e header ahead of unzipping and skips non-zipped files. Callers wishing to download a zipped file as-is can also set the new \u003ccode\u003eskip-decompress\u003c/code\u003e parameter to \u003ccode\u003etrue\u003c/code\u003e.\u003c/p\u003e\n\u003ch3\u003eEnforced checks (breaking)\u003c/h3\u003e\n\u003cp\u003eA previous release introduced digest checks on the download. If a download hash didn't match the expected hash from the server, the action would log a warning. Callers can now configure the behavior on mismatch with the \u003ccode\u003edigest-mismatch\u003c/code\u003e parameter. To be secure by default, we are now defaulting the behavior to \u003ccode\u003eerror\u003c/code\u003e which will fail the workflow run.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the @actions/* packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDon't attempt to un-zip non-zipped downloads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/460\"\u003eactions/download-artifact#460\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd a setting to specify what to do on hash mismatch and default it to \u003ccode\u003eerror\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/461\"\u003eactions/download-artifact#461\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/download-artifact/compare/v7...v8.0.0\"\u003ehttps://github.com/actions/download-artifact/compare/v7...v8.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/download-artifact@v7 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/440\"\u003eactions/download-artifact#440\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDownload Artifact Node24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/415\"\u003eactions/download-artifact#415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e to fix Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/451\"\u003eactions/download-artifact#451\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v7.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/download-artifact/pull/452\"\u003eactions/download-artifact#452\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003e\u003ccode\u003e3e5f45b\u003c/code\u003e\u003c/a\u003e Add regression tests for CJK characters (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/471\"\u003e#471\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/e6d03f67377d4412c7aa56a8e2e4988e6ec479dd\"\u003e\u003ccode\u003ee6d03f6\u003c/code\u003e\u003c/a\u003e Add a regression test for artifact name + content-type mismatches (\u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/472\"\u003e#472\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/70fc10c6e5e1ce46ad2ea6f2b72d43f7d47b13c3\"\u003e\u003ccode\u003e70fc10c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/461\"\u003e#461\u003c/a\u003e from actions/danwkennedy/digest-mismatch-behavior\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/f258da9a506b755b84a09a531814700b86ccfc62\"\u003e\u003ccode\u003ef258da9\u003c/code\u003e\u003c/a\u003e Add change docs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/ccc058e5fbb0bb2352213eaec3491e117cbc4a5c\"\u003e\u003ccode\u003eccc058e\u003c/code\u003e\u003c/a\u003e Fix linting issues\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/bd7976ba57ecea96e6f3df575eb922d11a12a9fd\"\u003e\u003ccode\u003ebd7976b\u003c/code\u003e\u003c/a\u003e Add a setting to specify what to do on hash mismatch and default it to \u003ccode\u003eerror\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/ac21fcf45e0aaee541c0f7030558bdad38d77d6c\"\u003e\u003ccode\u003eac21fcf\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/download-artifact/issues/460\"\u003e#460\u003c/a\u003e from actions/danwkennedy/download-no-unzip\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/15999bff51058bc7c19b50ebbba518eaef7c26c0\"\u003e\u003ccode\u003e15999bf\u003c/code\u003e\u003c/a\u003e Add note about package bumps\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/974686ed5098c7f9c9289ec946b9058e496a2561\"\u003e\u003ccode\u003e974686e\u003c/code\u003e\u003c/a\u003e Bump the version to \u003ccode\u003ev8\u003c/code\u003e and add release notes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/download-artifact/commit/fbe48b1d2756394be4cd4358ed3bc1343b330e75\"\u003e\u003ccode\u003efbe48b1\u003c/code\u003e\u003c/a\u003e Update test names to make it clearer what they do\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/download-artifact/compare/v4.3.0...3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e","html_url":"https://github.com/milanhorvatovic/skill-system-foundry/pull/162","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/milanhorvatovic%2Fskill-system-foundry/issues/162","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/162/packages"}},{"old_version":"3.1.1","new_version":"3.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-23T07:08:02.000Z","version_change":"3.1.1 → 3.2.0","issue":{"uuid":"4507254182","node_id":"PR_kwDOSTHQ0c7ek0Tl","number":438,"state":"open","title":"chore: bump the actions group with 4 updates","user":"dependabot[bot]","labels":["chore","size/S","📦 dependencies"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-23T07:08:02.000Z","updated_at":"2026-05-23T07:08:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"actions","update_count":4,"packages":[{"name":"rharkor/caching-for-turbo","old_version":"2.4.0","new_version":"2.4.2","repository_url":"https://github.com/rharkor/caching-for-turbo"},{"name":"github/codeql-action","old_version":"4.35.4","new_version":"4.35.5","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/create-github-app-token","old_version":"3.1.1","new_version":"3.2.0","repository_url":"https://github.com/actions/create-github-app-token"},{"name":"azure/trusted-signing-action","old_version":"1.2.0","new_version":"2.0.0","repository_url":"https://github.com/azure/trusted-signing-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 4 updates: [rharkor/caching-for-turbo](https://github.com/rharkor/caching-for-turbo), [github/codeql-action](https://github.com/github/codeql-action), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [azure/trusted-signing-action](https://github.com/azure/trusted-signing-action).\n\nUpdates `rharkor/caching-for-turbo` from 2.4.0 to 2.4.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/rharkor/caching-for-turbo/releases\"\u003erharkor/caching-for-turbo's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.4.2\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.1...v2.4.2\"\u003e2.4.2\u003c/a\u003e (2026-05-15)\u003c/h2\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e1097ea0\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003ee479b5a\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.12.4 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/922\"\u003e#922\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/48e0a229bea36515b8f592d32a0612cbfb879d25\"\u003e48e0a22\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003ea8fb860\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003ebe65592\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e228e10f\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update dependency wait-on to v9.0.10 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/919\"\u003e#919\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e38d6a8f6756436e9b9dccffcad76f2ca5204052\"\u003ee38d6a8\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e update typescript-eslint monorepo to v8.59.3 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/921\"\u003e#921\u003c/a\u003e) (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/8b547c3077086499d515c4d7242e00c70643f93f\"\u003e8b547c3\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e45a958f\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eCI/CD\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003etrigger PR checks with pull_request instead of pull_request_target (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003ea900bf2\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev2.4.1\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/v2.4.0...v2.4.1\"\u003e2.4.1\u003c/a\u003e (2026-05-13)\u003c/h2\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eformat (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/b202f94262701ce5f5ceb0d3c6ec818edb12b1e1\"\u003eb202f94\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMiscellaneous Chores\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003esync:\u003c/strong\u003e restore package.json from main (\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/ee71897b0c458f948fe04a13808f750683359fca\"\u003eee71897\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003e\u003ccode\u003e5d14fba\u003c/code\u003e\u003c/a\u003e chore(release): 2.4.2 [skip ci]\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/45a958f8aaffc30acdeceb1aab6a6ac508b92386\"\u003e\u003ccode\u003e45a958f\u003c/code\u003e\u003c/a\u003e chore(sync): restore package.json from main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/3b4c3d80e7ba25b2efff7e332a08e4877dbf1880\"\u003e\u003ccode\u003e3b4c3d8\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into main-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/7ca2ad4301ad4c5744006c694931f175b3b5f34f\"\u003e\u003ccode\u003e7ca2ad4\u003c/code\u003e\u003c/a\u003e Merge branch 'main' of github.com:rharkor/caching-for-turbo\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a900bf2795960299444b4a5a981a7b9fd015e941\"\u003e\u003ccode\u003ea900bf2\u003c/code\u003e\u003c/a\u003e ci: trigger PR checks with pull_request instead of pull_request_target\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/e479b5ad758bb348b0a9b02844ae01c7c806e22c\"\u003e\u003ccode\u003ee479b5a\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1047.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/928\"\u003e#928\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/228e10fa85ed2aa1a39b1ab8782e9a56e43f9be8\"\u003e\u003ccode\u003e228e10f\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency turbo to v2.9.14 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/927\"\u003e#927\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/be65592a32eee326ba0450df565df389b2d3fe22\"\u003e\u003ccode\u003ebe65592\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.22.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/a8fb8606bd25aa6aa8d907f3fa09750a1e197f0e\"\u003e\u003ccode\u003ea8fb860\u003c/code\u003e\u003c/a\u003e chore(deps): update dependency tsx to v4.21.1 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/925\"\u003e#925\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/rharkor/caching-for-turbo/commit/1097ea0917d4ea330e130d4e667ae03b78b09e80\"\u003e\u003ccode\u003e1097ea0\u003c/code\u003e\u003c/a\u003e chore(deps): update aws-sdk-js-v3 monorepo to v3.1046.0 (\u003ca href=\"https://redirect.github.com/rharkor/caching-for-turbo/issues/924\"\u003e#924\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/rharkor/caching-for-turbo/compare/564b6d155a4aec5ada97411ba7f7956e4bac890a...5d14fba18e450c09393333cfd4242e8b3cb455a6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.4 to 4.35.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.36.0 - 22 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003e\u003ccode\u003e9e0d7b8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3905\"\u003e#3905\u003c/a\u003e from github/update-v4.35.5-d4b485515\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6d7d59927c0c7336c1d1247c7e159e79edbf7684\"\u003e\u003ccode\u003e6d7d599\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/51f7e38c69d3cd7966375fe0ffff19669f22bd14\"\u003e\u003ccode\u003e51f7e38\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d4b485515e8531d7071a39d526213eb5b2e74a11\"\u003e\u003ccode\u003ed4b4855\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e from github/mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/127de8117f134e8809c127d53e940b3ffc1db8e9\"\u003e\u003ccode\u003e127de81\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7fde13f26ad3f7008e8fe6755cb997b54f7a2f3b\"\u003e\u003ccode\u003e7fde13f\u003c/code\u003e\u003c/a\u003e Use src + basename in header to avoid issues on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/dfa61e7305ed28b74dcc2c68bd665b36751ad933\"\u003e\u003ccode\u003edfa61e7\u003c/code\u003e\u003c/a\u003e Improve pattern matching and error handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/52aafec07347933a26e670390c3f894c5c05e64a\"\u003e\u003ccode\u003e52aafec\u003c/code\u003e\u003c/a\u003e Import and call \u003ccode\u003erunWrapper\u003c/code\u003e normally in \u003ccode\u003eanalyze\u003c/code\u003e tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0d08c01f7874da2f932e4d4e4d42b1c43be88111\"\u003e\u003ccode\u003e0d08c01\u003c/code\u003e\u003c/a\u003e Auto-generate shared bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/14085a675cb6d8cddc805b946cc1d51e3232a204\"\u003e\u003ccode\u003e14085a6\u003c/code\u003e\u003c/a\u003e Auto-generate entry points\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/68bde559dea0fdcac2102bfdf6230c5f70eb485e...9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/create-github-app-token` from 3.1.1 to 3.2.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/releases\"\u003eactions/create-github-app-token's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md\"\u003eactions/create-github-app-token's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/compare/v3.1.1...v3.2.0\"\u003e3.2.0\u003c/a\u003e (2026-05-12)\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e952a2a7\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003esupport full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e85eb8dd\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003edeps:\u003c/strong\u003e bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependencies group (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/364\"\u003e#364\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e43e5c34\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003evalidate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e) (\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003ef24bbd8\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003e\u003ccode\u003ebcd2ba4\u003c/code\u003e\u003c/a\u003e chore(main): release 3.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/370\"\u003e#370\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/f24bbd89643991c0de27ae823c01791b2c6bafdd\"\u003e\u003ccode\u003ef24bbd8\u003c/code\u003e\u003c/a\u003e fix: validate private-key input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/376\"\u003e#376\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/363531b6d972a60a00b3f1e6bb139e5e6c764cd9\"\u003e\u003ccode\u003e363531b\u003c/code\u003e\u003c/a\u003e docs: capitalize Git as a proper noun in README (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/374\"\u003e#374\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/fd2801133e469d2950f2c5af5e591d6b2ad833c8\"\u003e\u003ccode\u003efd28011\u003c/code\u003e\u003c/a\u003e docs: update procedure to configure Git (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/287\"\u003e#287\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/85eb8dd41472213aed25d1a126460e0069138ab6\"\u003e\u003ccode\u003e85eb8dd\u003c/code\u003e\u003c/a\u003e feat: support full repository names in \u003ccode\u003erepositories\u003c/code\u003e input (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/372\"\u003e#372\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/c9aabb83728c3bd519212fa657ebc07e1f2a5dec\"\u003e\u003ccode\u003ec9aabb8\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/e02e816e5591415258a53bf735aff57977dcd5e2\"\u003e\u003ccode\u003ee02e816\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump undici from 7.24.6 to 8.2.0 (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/366\"\u003e#366\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/8d835bfd37aa48fcb8e709925115857568d98bc4\"\u003e\u003ccode\u003e8d835bf\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/952a2a7073df6bfa5f49bc469ec895b6ec1acea4\"\u003e\u003ccode\u003e952a2a7\u003c/code\u003e\u003c/a\u003e feat: add support for enterprise-level GitHub Apps (\u003ca href=\"https://redirect.github.com/actions/create-github-app-token/issues/263\"\u003e#263\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/create-github-app-token/commit/43e5c345bfd4d4f3ecea019ad0042001a09dd857\"\u003e\u003ccode\u003e43e5c34\u003c/code\u003e\u003c/a\u003e fix(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1 in the production-dependenc...\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/create-github-app-token/compare/1b10c78c7865c340bc4f6099eb2f838309f1e8c3...bcd2ba49218906704ab6c1aa796996da409d3eb1\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `azure/trusted-signing-action` from 1.2.0 to 2.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/azure/trusted-signing-action/releases\"\u003eazure/trusted-signing-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003erefactor: migrate to new artifactsigning module by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/133\"\u003eAzure/artifact-signing-action#133\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: update README runtime version and action references by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/139\"\u003eAzure/artifact-signing-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003erefactor: upgrade packages to the latest versions by \u003ca href=\"https://github.com/Jaxelr\"\u003e\u003ccode\u003e@​Jaxelr\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/Azure/artifact-signing-action/pull/135\"\u003eAzure/artifact-signing-action#135\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\"\u003ehttps://github.com/Azure/artifact-signing-action/compare/v1.2.0...v2.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003e\u003ccode\u003ec7ab2a8\u003c/code\u003e\u003c/a\u003e refactor: upgrade packages to the latest versions (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/135\"\u003e#135\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/7664cea6ad50e2f1b08bf6d5b4a371527221231c\"\u003e\u003ccode\u003e7664cea\u003c/code\u003e\u003c/a\u003e docs: update README runtime version and action references (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/139\"\u003e#139\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Azure/artifact-signing-action/commit/64185d8ca9555a71ba666fc42fa2ed9461a9d583\"\u003e\u003ccode\u003e64185d8\u003c/code\u003e\u003c/a\u003e refactor: migrate to new artifactsigning module (\u003ca href=\"https://redirect.github.com/azure/trusted-signing-action/issues/133\"\u003e#133\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/azure/trusted-signing-action/compare/b443cf8ea4124818d2ea9f043cba29fc3ec47b16...c7ab2a863ab5f9a846ddb8265964877ef296ee82\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/stella/stella/pull/438","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/stella%2Fstella/issues/438","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/438/packages"}}]}