Skip to content

chore(deps): bump actions/create-github-app-token from 2 to 3 in the release group#147

Open
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/github_actions/develop/release-1730de5550
Open

chore(deps): bump actions/create-github-app-token from 2 to 3 in the release group#147
dependabot[bot] wants to merge 1 commit intodevelopfrom
dependabot/github_actions/develop/release-1730de5550

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026
edited
Loading

Bumps the release group with 1 update: actions/create-github-app-token.

Updates actions/create-github-app-token from 2 to 3

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.
  • Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

  • deps: bump @​actions/core from 1.11.1 to 3.0.0 (#337) (b044133)
  • deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)
  • deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)
  • deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

  • fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

  • deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)
  • deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
  • deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)
  • deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits
  • f8d387b build(release): 3.0.0 [skip ci]
  • d2129bd style: remove extra blank line in release workflow
  • 77b94ef build: refresh generated artifacts
  • 3ab4c66 chore: move undici to devDependencies
  • 739cf66 docs: update README action versions
  • db40289 build(deps): bump actions versions in test.yml
  • 496a7ac test: migrate from AVA to Node.js native test runner (#346)
  • 3870dc3 Rename end-to-end proxy job in test workflow
  • 4451bcb fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
  • dce0ab0 fix: remove custom proxy handling (#143)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Mar 16, 2026

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot bot requested a review from a team as a code owner March 16, 2026 11:30
@dependabot
chore(deps): bump actions/create-github-app-token in the release group
da7e7f3 
Bumps the release group with 1 update: [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/create-github-app-token` from 2 to 3
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v2...v3)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: release
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/develop/release-1730de5550 branch from 5b426b8 to da7e7f3 Compare March 20, 2026 17:56
@lerian-studio lerian-studio added the size/XS PR changes < 50 lines label Mar 20, 2026
@github-actions github-actions bot added workflow Changes to one or more reusable workflow files typescript Changes to TypeScript or Frontend workflows labels Mar 20, 2026
@lerian-studio
Copy link

lerian-studio commented Mar 20, 2026

🔍 Lint Analysis

Check Files Scanned Status
YAML Lint 5 file(s) ✅ success
Action Lint 5 file(s) ❌ failure
Pinned Actions 5 file(s) ✅ success
Markdown Link Check no changes ⏭️ skipped
Spelling Check 5 file(s) ✅ success
Shell Check 5 file(s) ❌ failure
README Check 5 file(s) ✅ success
Composite Schema no changes ⏭️ skipped
❌ Failures (2)

Action Lint

.github/workflows/helm-update-chart.yml

  • .github/workflows/helm-update-chart.yml (line 376) — shellcheck reported issue in this script: SC2086:info:10:31: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 201) — shellcheck reported issue in this script: SC2086:info:146:50: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2129:style:27:1: Consider using { cmd1; cmd2; } >> file instead of individual redirects
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:33:38: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:32:36: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:31:40: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:30:38: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:29:36: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:28:48: Double quote to prevent globbing and word splitting
  • .github/workflows/helm-update-chart.yml (line 112) — shellcheck reported issue in this script: SC2086:info:27:26: Double quote to prevent globbing and word splitting

Shell Check

.github

  • .github (line 136) — Process completed with exit code 1.
  • .github (line 135) — Found 2 shellcheck error(s) in run: blocks.

🔍 View full scan logs

@bedatty bedatty self-assigned this Mar 20, 2026
bedatty
bedatty approved these changes Mar 20, 2026
View reviewed changes
Copy link
Contributor

@bedatty bedatty left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Dependency update reviewed. Major bump (v2 → v3). Breaking changes (proxy handling removal, runner version requirement) do not affect current usage — no custom proxy, GitHub-hosted runners. API inputs remain identical. Auto-approved.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@bedatty bedatty bedatty approved these changes

Assignees

@bedatty bedatty

Labels

size/XS PR changes < 50 lines typescript Changes to TypeScript or Frontend workflows workflow Changes to one or more reusable workflow files

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@lerian-studio @bedatty