dependabot[bot]
f2d0878d23
chore: bump actions/github-script from 8.0.0 to 9.0.0 ( #37121 )
...
Bumps [actions/github-script](https://github.com/actions/github-script )
from 8.0.0 to 9.0.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/github-script/releases ">actions/github-script's
releases</a>.</em></p>
<blockquote>
<h2>v9.0.0</h2>
<p><strong>New features:</strong></p>
<ul>
<li><strong><code>getOctokit</code> factory function</strong> —
Available directly in the script context. Create additional
authenticated Octokit clients with different tokens for multi-token
workflows, GitHub App tokens, and cross-org access. See <a
href="https://github.com/actions/github-script#creating-additional-clients-with-getoctokit ">Creating
additional clients with <code>getOctokit</code></a> for details and
examples.</li>
<li><strong>Orchestration ID in user-agent</strong> — The
<code>ACTIONS_ORCHESTRATION_ID</code> environment variable is
automatically appended to the user-agent string for request
tracing.</li>
</ul>
<p><strong>Breaking changes:</strong></p>
<ul>
<li><strong><code>require('@actions/github')</code> no longer works in
scripts.</strong> The upgrade to <code>@actions/github</code> v9
(ESM-only) means <code>require('@actions/github')</code> will fail at
runtime. If you previously used patterns like <code>const { getOctokit }
= require('@actions/github')</code> to create secondary clients, use the
new injected <code>getOctokit</code> function instead — it's available
directly in the script context with no imports needed.</li>
<li><code>getOctokit</code> is now an injected function parameter.
Scripts that declare <code>const getOctokit = ...</code> or <code>let
getOctokit = ...</code> will get a <code>SyntaxError</code> because
JavaScript does not allow <code>const</code>/<code>let</code>
redeclaration of function parameters. Use the injected
<code>getOctokit</code> directly, or use <code>var getOctokit =
...</code> if you need to redeclare it.</li>
<li>If your script accesses other <code>@actions/github</code> internals
beyond the standard <code>github</code>/<code>octokit</code> client, you
may need to update those references for v9 compatibility.</li>
</ul>
<h2>What's Changed</h2>
<ul>
<li>Add ACTIONS_ORCHESTRATION_ID to user-agent string by <a
href="https://github.com/Copilot "><code>@Copilot</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/695 ">actions/github-script#695</a></li>
<li>ci: use deployment: false for integration test environments by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/712 ">actions/github-script#712</a></li>
<li>feat!: add getOctokit to script context, upgrade
<code>@actions/github</code> v9, <code>@octokit/core</code> v7, and
related packages by <a
href="https://github.com/salmanmkc "><code>@salmanmkc</code></a> in <a
href="https://redirect.github.com/actions/github-script/pull/700 ">actions/github-script#700</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/Copilot "><code>@Copilot</code></a> made
their first contribution in <a
href="https://redirect.github.com/actions/github-script/pull/695 ">actions/github-script#695</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/github-script/compare/v8.0.0...v9.0.0 ">https://github.com/actions/github-script/compare/v8.0.0...v9.0.0 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="3a2844b7e9https://redirect.github.com/actions/github-script/issues/700 ">#700</a>
from actions/salmanmkc/expose-getoctokit + prepare re...</li>
<li><a
href="ca10bbdd1a86e48e20acc1084728b5afff112e4fhttps://redirect.github.com/actions/github-script/issues/712 ">#712</a>
from actions/salmanmkc/deployment-false + fix user-ag...</li>
<li><a
href="ff8117e5b781c6b787603953caf885https://github.com/v8 "><code>@v8</code></a> to <a
href="https://github.com/v9 "><code>@v9</code></a>, add getOctokit docs
and v9 brea...</li>
<li><a
href="c17d55b90da047196d9aed597411d8...3a2844b7e9https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/github-script&package-manager=github_actions&previous-version=8.0.0&new-version=9.0.0 )](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores )
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-01 10:11:35 -04:00
dependabot[bot]
5c27249e27
chore: bump the minor-and-patch group with 5 updates ( #37119 )
...
Bumps the minor-and-patch group with 5 updates:
| Package | From | To |
| --- | --- | --- |
|
[actions/create-github-app-token](https://github.com/actions/create-github-app-token )
| `3.0.0` | `3.1.1` |
|
[peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request )
| `8.1.0` | `8.1.1` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact )
| `7.0.0` | `7.0.1` |
|
[pypa/gh-action-pypi-publish](https://github.com/pypa/gh-action-pypi-publish )
| `1.13.0` | `1.14.0` |
|
[aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials )
| `6.0.0` | `6.1.0` |
Updates `actions/create-github-app-token` from 3.0.0 to 3.1.1
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases ">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v3.1.1</h2>
<h2><a
href="https://github.com/actions/create-github-app-token/compare/v3.1.0...v3.1.1 ">3.1.1</a>
(2026-04-11)</h2>
<h3>Bug Fixes</h3>
<ul>
<li>improve error message when app identifier is empty (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/362 ">#362</a>)
(<a
href="07e2b76066https://redirect.github.com/actions/create-github-app-token/issues/249 ">#249</a></li>
</ul>
<h2>v3.1.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v3.0.0...v3.1.0 ">3.1.0</a>
(2026-04-11)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump p-retry from 7.1.1 to 8.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/357 ">#357</a>)
(<a
href="3bbe07d928https://redirect.github.com/actions/create-github-app-token/issues/353 ">#353</a>)
(<a
href="e6bd4e6970https://redirect.github.com/actions/create-github-app-token/issues/358 ">#358</a>)
(<a
href="076e9480ca1b10c78c7807e2b76066https://redirect.github.com/actions/create-github-app-token/issues/362 ">#362</a>)</li>
<li><a
href="ea0121618bhttps://redirect.github.com/actions/create-github-app-token/issues/361 ">#361</a>)</li>
<li><a
href="7bd0371149e6bd4e6970https://redirect.github.com/actions/create-github-app-token/issues/353 ">#353</a>)</li>
<li><a
href="076e9480cahttps://redirect.github.com/actions/create-github-app-token/issues/358 ">#358</a>)</li>
<li><a
href="3bbe07d928https://redirect.github.com/actions/create-github-app-token/issues/357 ">#357</a>)</li>
<li><a
href="28a99e369c4df50600ef4843c538d9f8d387b68d...1b10c78c78https://github.com/peter-evans/create-pull-request/releases ">peter-evans/create-pull-request's
releases</a>.</em></p>
<blockquote>
<h2>Create Pull Request v8.1.1</h2>
<h2>What's Changed</h2>
<ul>
<li>build(deps-dev): bump the npm group with 2 updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4305 ">peter-evans/create-pull-request#4305</a></li>
<li>build(deps): bump minimatch by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4311 ">peter-evans/create-pull-request#4311</a></li>
<li>build(deps): bump the github-actions group with 2 updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4316 ">peter-evans/create-pull-request#4316</a></li>
<li>build(deps): bump <code>@tootallnate/once</code> and
jest-environment-jsdom by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4323 ">peter-evans/create-pull-request#4323</a></li>
<li>build(deps-dev): bump undici from 6.23.0 to 6.24.0 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4328 ">peter-evans/create-pull-request#4328</a></li>
<li>build(deps-dev): bump flatted from 3.3.1 to 3.4.2 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4334 ">peter-evans/create-pull-request#4334</a></li>
<li>build(deps): bump picomatch by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4339 ">peter-evans/create-pull-request#4339</a></li>
<li>build(deps-dev): bump handlebars from 4.7.8 to 4.7.9 by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4344 ">peter-evans/create-pull-request#4344</a></li>
<li>build(deps-dev): bump the npm group with 3 updates by <a
href="https://github.com/dependabot "><code>@dependabot</code></a>[bot]
in <a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4349 ">peter-evans/create-pull-request#4349</a></li>
<li>fix: retry post-creation API calls on 422 eventual consistency
errors by <a
href="https://github.com/peter-evans "><code>@peter-evans</code></a> in
<a
href="https://redirect.github.com/peter-evans/create-pull-request/pull/4356 ">peter-evans/create-pull-request#4356</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/peter-evans/create-pull-request/compare/v8.1.0...v8.1.1 ">https://github.com/peter-evans/create-pull-request/compare/v8.1.0...v8.1.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="5f6978faf0https://redirect.github.com/peter-evans/create-pull-request/issues/4356 ">#4356</a>)</li>
<li><a
href="d32e88dac7https://redirect.github.com/peter-evans/create-pull-request/issues/4349 ">#4349</a>)</li>
<li><a
href="8170bccad1https://redirect.github.com/peter-evans/create-pull-request/issues/4344 ">#4344</a>)</li>
<li><a
href="00418193b4https://redirect.github.com/peter-evans/create-pull-request/issues/4339 ">#4339</a>)</li>
<li><a
href="b993918c85https://redirect.github.com/peter-evans/create-pull-request/issues/4334 ">#4334</a>)</li>
<li><a
href="36d7c8468bhttps://redirect.github.com/peter-evans/create-pull-request/issues/4328 ">#4328</a>)</li>
<li><a
href="a45d1fb447https://redirect.github.com/peter-evans/create-pull-request/issues/4323 ">#4323</a>)</li>
<li><a
href="3499eb6183https://redirect.github.com/peter-evans/create-pull-request/issues/4316 ">#4316</a>)</li>
<li><a
href="3f3b473b8chttps://redirect.github.com/peter-evans/create-pull-request/issues/4311 ">#4311</a>)</li>
<li><a
href="6699836a21https://redirect.github.com/peter-evans/create-pull-request/issues/4305 ">#4305</a>)</li>
<li>See full diff in <a
href="c0f553fe54...5f6978faf0https://github.com/actions/upload-artifact/releases ">actions/upload-artifact's
releases</a>.</em></p>
<blockquote>
<h2>v7.0.1</h2>
<h2>What's Changed</h2>
<ul>
<li>Update the readme with direct upload details by <a
href="https://github.com/danwkennedy "><code>@danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/795 ">actions/upload-artifact#795</a></li>
<li>Readme: bump all the example versions to v7 by <a
href="https://github.com/danwkennedy "><code>@danwkennedy</code></a> in
<a
href="https://redirect.github.com/actions/upload-artifact/pull/796 ">actions/upload-artifact#796</a></li>
<li>Include changes in typespec/ts-http-runtime 0.3.5 by <a
href="https://github.com/yacaovsnc "><code>@yacaovsnc</code></a> in <a
href="https://redirect.github.com/actions/upload-artifact/pull/797 ">actions/upload-artifact#797</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/actions/upload-artifact/compare/v7...v7.0.1 ">https://github.com/actions/upload-artifact/compare/v7...v7.0.1 </a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="043fb46d1ahttps://redirect.github.com/actions/upload-artifact/issues/797 ">#797</a>
from actions/yacaovsnc/update-dependency</li>
<li><a
href="634250c138e454baaac2https://redirect.github.com/actions/upload-artifact/issues/796 ">#796</a>)</li>
<li><a
href="74fad66b98https://redirect.github.com/actions/upload-artifact/issues/795 ">#795</a>)</li>
<li>See full diff in <a
href="bbbca2ddaa...043fb46d1ahttps://github.com/pypa/gh-action-pypi-publish/releases ">pypa/gh-action-pypi-publish's
releases</a>.</em></p>
<blockquote>
<h2>v1.14.0</h2>
<!-- raw HTML omitted -->
<h2>✨ What's Changed</h2>
<p>The main change in this release is that <code>verbose</code> and
<code>print-hash</code> inputs are now on by default. This was
contributed by <a
href="https://github.com/whitequark "><code>@whitequark</code></a><a
href="https://github.com/sponsors/whitequark ">💰 </a> in <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/397 ">#397</a>.</p>
<h2>📝 Docs</h2>
<p><a href="https://github.com/woodruffw "><code>@woodruffw</code></a><a
href="https://github.com/sponsors/woodruffw ">💰 </a> updated the mentions
of PEP 740 to stop implying that it might be experimental (it hasn't
been for quite a while!) in <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/388 ">#388</a>
and <a href="https://github.com/him2him2 "><code>@him2him2</code></a><a
href="https://github.com/sponsors/him2him2 ">💰 </a> brushed up some
grammar in the README and SECURITY docs via <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/395 ">#395</a>.</p>
<h2>🛠️ Internal Updates</h2>
<p><a href="https://github.com/woodruffw "><code>@woodruffw</code></a><a
href="https://github.com/sponsors/woodruffw ">💰 </a> bumped
<code>sigstore</code> and <code>pypi-attestations</code> in the lock
file (<a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/391 ">#391</a>)
and <a href="https://github.com/webknjaz "><code>@webknjaz</code></a><a
href="https://github.com/sponsors/webknjaz ">💰 </a> added infra for using
type annotations in the project (<a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/381 ">#381</a>).</p>
<h2>💪 New Contributors</h2>
<ul>
<li><a href="https://github.com/him2him2 "><code>@him2him2</code></a>
made their first contribution in <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/395 ">#395</a></li>
<li><a
href="https://github.com/whitequark "><code>@whitequark</code></a> made
their first contribution in <a
href="https://redirect.github.com/pypa/gh-action-pypi-publish/issues/397 ">#397</a></li>
</ul>
<p><strong>🪞 Full Diff</strong>: <a
href="https://github.com/pypa/gh-action-pypi-publish/compare/v1.13.0...v1.14.0 ">https://github.com/pypa/gh-action-pypi-publish/compare/v1.13.0...v1.14.0 </a></p>
<p><strong>🧔♂️ Release Manager:</strong> <a
href="https://github.com/sponsors/webknjaz "><code>@webknjaz</code></a>
<a href="https://stand-with-ukraine.pp.ua ">🇺🇦 </a></p>
<p><strong>🙏 Special Thanks</strong> to <a
href="https://github.com/facutuesca "><code>@facutuesca</code></a><a
href="https://github.com/sponsors/facutuesca ">💰 </a> and <a
href="https://github.com/woodruffw "><code>@woodruffw</code></a><a
href="https://github.com/sponsors/woodruffw ">💰 </a> for helping maintain
this project when <a href="https://github.com/sponsors/webknjaz ">I</a>
can't!</p>
<p><strong>💬 Discuss</strong> <a
href="https://bsky.app/profile/webknjaz.me/post/3mivwsz3qzk2e ">on
Bluesky 🦋 </a>, <a
href="https://mastodon.social/@webknjaz/116363779997051422 ">on Mastodon
🐘 </a> and <a
href="https://github.com/pypa/gh-action-pypi-publish/discussions/404 ">on
GitHub</a>.</p>
<p><a href="https://github.com/sponsors/webknjaz "><img
src="https://img.shields.io/badge/%40webknjaz-transparent?logo=githubsponsors&logoColor=%23EA4AAA&label=Sponsor&color=2a313c "
alt="GH Sponsors badge" /></a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="cef221092ehttps://redirect.github.com/pypa/gh-action-pypi-publish/issues/397 ">#397</a>
from whitequark/patch-1</li>
<li><a
href="b4595e2555e2bab26859https://redirect.github.com/pypa/gh-action-pypi-publish/issues/395 ">#395</a>
from him2him2/docs/fix-typos-and-grammar</li>
<li><a
href="7495c384ec03f86fee9ahttps://redirect.github.com/pypa/gh-action-pypi-publish/issues/388 ">#388</a>
from woodruffw-forks/ww/rm-experimental</li>
<li><a
href="4c78f1c53cb5a6e8ba26a48a03e7588087a88a463317ede93a🧪 Integrate actionlint via pre-commit framework</li>
<li>Additional commits viewable in <a
href="ed0c53931b...cef221092ehttps://github.com/aws-actions/configure-aws-credentials/releases ">aws-actions/configure-aws-credentials's
releases</a>.</em></p>
<blockquote>
<h2>v6.1.0</h2>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.0.0...v6.1.0 ">6.1.0</a>
(2026-04-06)</h2>
<h3>Features</h3>
<ul>
<li>add skip cleanup option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1716 ">#1716</a>)
(<a
href="11b1c58b24https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1545 ">#1545</a></li>
<li>Support usage of AWS Profiles (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1696 ">#1696</a>)
(<a
href="a7f0c828achttps://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md ">aws-actions/configure-aws-credentials's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<p>All notable changes to this project will be documented in this file.
See <a
href="https://github.com/conventional-changelog/standard-version ">standard-version</a>
for commit guidelines.</p>
<h2><a
href="https://github.com/aws-actions/configure-aws-credentials/compare/v6.0.0...v6.1.0 ">6.1.0</a>
(2026-04-06)</h2>
<h3>Features</h3>
<ul>
<li>add skip cleanup option (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1716 ">#1716</a>)
(<a
href="11b1c58b24https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1545 ">#1545</a></li>
<li>Support usage of AWS Profiles (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1696 ">#1696</a>)
(<a
href="a7f0c828achttps://github.com/aws-actions/configure-aws-credentials/compare/v5.1.1...v6.0.0 ">6.0.0</a>
(2026-02-04)</h2>
<h3>⚠ BREAKING CHANGES</h3>
<ul>
<li>Update action to use node24 (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/pull/1632 ">#1632</a>)
(<a
href="a7a2c1125chttps://redirect.github.com/aws-actions/configure-aws-credentials/pull/1316 ">#1316</a>)
(<a
href="232435c0c0930ebd9bcahttps://redirect.github.com/aws-actions/configure-aws-credentials/pull/1633 ">#1633</a>)
(<a
href="7ceaf96edchttps://github.com/aws-actions/configure-aws-credentials/compare/v5.1.0...v5.1.1 ">5.1.1</a>
(2025-11-24)</h2>
<h3>Miscellaneous Chores</h3>
<ul>
<li>release 5.1.1 (<a
href="56d6a583f0https://github.com/aws-actions/configure-aws-credentials/compare/v5.0.0...v5.1.0 ">5.1.0</a>
(2025-10-06)</h2>
<h3>Features</h3>
<ul>
<li>Add global timeout support (<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1487 ">#1487</a>)
(<a
href="1584b8b0e2https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="dde9b22a8ehttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1485 ">#1485</a>)
(<a
href="97ef425d73https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1482 ">#1482</a>)
(<a
href="https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1486 ">#1486</a>)
(<a
href="cea42985achttps://github.com/aws-actions/configure-aws-credentials/compare/v4.3.1...v5.0.0 ">5.0.0</a>
(2025-09-03)</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="ec61189d14https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1717 ">#1717</a>)</li>
<li><a
href="81676eb9ebhttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1721 ">#1721</a>)</li>
<li><a
href="dc64d28371https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1720 ">#1720</a>)</li>
<li><a
href="bc0a50afbe9ea6412abahttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1686 ">#1686</a>)</li>
<li><a
href="0a8759496ba7f0c828achttps://redirect.github.com/aws-actions/configure-aws-credentials/issues/1696 ">#1696</a>)</li>
<li><a
href="e6bb6e5ff3https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1719 ">#1719</a>)</li>
<li><a
href="11b1c58b24https://redirect.github.com/aws-actions/configure-aws-credentials/issues/1716 ">#1716</a>)</li>
<li><a
href="51635dbf418df5847569...ec61189d14support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2026-05-01 10:09:34 -04:00
Mason Daugherty
fd901803f7
ci: auto-close issues without issue type from external users ( #36857 )
...
Port https://github.com/langchain-ai/deepagents/pull/2809
2026-04-17 16:23:29 -05:00
Mason Daugherty
a06c205738
ci(infra): validate issue checkboxes by section ( #36811 )
...
Port https://github.com/langchain-ai/deepagents/pull/2769
2026-04-15 23:09:34 -06:00
Mason Daugherty
6443612fa3
ci: pin all actions to full-length commit SHAs ( #36621 )
...
Pin all remaining GitHub Actions references to full-length commit SHAs,
matching the convention already established by third-party actions in
this repo. This is a prerequisite for enabling GitHub's "Require actions
to be pinned to a full-length commit SHA" repository ruleset, which
mitigates tag-hijacking supply chain attacks.
2026-04-08 19:02:58 -04:00
Mason Daugherty
29b7c79bb4
ci: auto-close issues that bypass template checkboxes ( #36377 )
...
GitHub issue forms enforce `required: true` checkboxes in the web UI,
but the API bypasses form validation — bots and scripts can open issues
with every box unchecked or skip the template entirely. This adds a
workflow that auto-closes those issues, with an org-membership carve-out
so maintainers can still open free-form issues.
2026-03-30 16:54:55 +00:00
dependabot[bot]
Mason Daugherty