⬆ Bump the github-actions group across 1 directory with 6 updates

[dependabot]

Bumps the github-actions group with 6 updates in the / directory:

Package	From	To
eps1lon/actions-label-merge-conflict	3.0.3	3.1.0
actions/labeler	6.0.1	6.1.0
tiangolo/latest-changes	0.4.1	0.5.0
mxschmitt/action-tmate	3.23	3.24
actions/upload-artifact	7.0.0	7.0.1
zizmorcore/zizmor-action	0.5.3	0.5.6

Updates eps1lon/actions-label-merge-conflict from 3.0.3 to 3.1.0

Release notes

Sourced from eps1lon/actions-label-merge-conflict's releases.

v3.1.0

What's Changed

• Add better permissions defaults for the example by @​oliviertassinari in eps1lon/actions-label-merge-conflict#151
• Update Node.js to 24 by @​oliviertassinari in eps1lon/actions-label-merge-conflict#152
• release: 3.1.0 by @​eps1lon in eps1lon/actions-label-merge-conflict#153

New Contributors

• @​oliviertassinari made their first contribution in eps1lon/actions-label-merge-conflict#151

Full Changelog: eps1lon/actions-label-merge-conflict@v3.0.3...v3.1.0

Changelog

Sourced from eps1lon/actions-label-merge-conflict's changelog.

Changelog

3.1.0

• Update Node.js to 24 (#152)

3.0.3

• Ensure outputs is populated (#136)

3.0.2

• Handle error when label is not available (part 2) (#126)

3.0.1

• Handle error when label is not available (#123)

3.0.0

• Update to node20 (#115)

2.1.0

• Address set-output deprecation (#92 by @​NotMyFault)
• Fix CVE-2022-35954 (#92 by @​NotMyFault)

2.0.1

• Improve retry logic (#31 by @​eps1lon)

2.0.0

• Only update PRs based off of the branch in the push event Previously we checked every open PR. Since a push to a branch can only create merge conflicts with that branch we can limit the set of checked PRs. This should help repositories with lots of PRs targetting different branches with rate limiting.
• Only leave comments if the dirtyLabel was added or removed

1.4.0

• Allow warning only if secrets aren't available (#22 by @​baywet)
• Remove requirement for removeOnDirtyLabel (#21 by @​baywet)

1.3.0

• set PRs and their dirty state as output (#17 by @​baywet)

Commits

• 0273be7 release: 3.1.0 (#153)
• 9d4606b Update Node.js to 24 (#152)
• 62d0db0 docs: Add better permissions defaults for the example (#151)
• See full diff in compare view

Updates actions/labeler from 6.0.1 to 6.1.0

Release notes

Sourced from actions/labeler's releases.

v6.1.0

Enhancements

• Add changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by @​bluca in actions/labeler#923

Bug Fixes

• Improve Labeler Action documentation and permission error handling by @​chiranjib-swain in actions/labeler#897
• Preserve manually added labels during workflow runs and refine label synchronization logic by @​chiranjib-swain in actions/labeler#917

Dependency Updates

• Upgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by @​dependabot in actions/labeler#877
• Upgrade minimatch from 10.0.1 to 10.2.3 by @​dependabot in actions/labeler#926
• Upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimatch, @​typescript-eslint) by @​Copilot in actions/labeler#934

New Contributors

• @​chiranjib-swain made their first contribution in actions/labeler#897
• @​bluca made their first contribution in actions/labeler#923
• @​Copilot made their first contribution in actions/labeler#934

Full Changelog: actions/labeler@v6...v6.1.0

Commits

• f27b608 chore: upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimat...
• c5dadc2 Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...
• e52e4fb Bump minimatch from 10.0.1 to 10.2.3 (#926)
• 77a4082 Fix: Preserve manually added labels during workflow run and refine label sync...
• 25abb3c Improve Labeler Action Documentation and Error Handling for Permissions (#897)
• 395c8cf Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...
• See full diff in compare view

Updates tiangolo/latest-changes from 0.4.1 to 0.5.0

Release notes

Sourced from tiangolo/latest-changes's releases.

0.5.0

Features

• ✨ Add support for skipping release PRs with skip_labels, with release skipped by default.

Refactors

• 🔥 Remove unused models.py file. PR #90 by @​tiangolo.

Docs

• 📝 Add permissions needed for private repos. PR #89 by @​tiangolo.

Commits

• eb3f6e7 ✨ Add support for skip labels, useful for making a PR with the actual release...
• 151c5c1 🔥 Remove config files now in central GitHub repo (#95)
• 82a0fda 👷 Update Dependabot (#92)
• 2318167 📝 Update release notes
• 0db4c74 🔥 Remove unused models.py file (#90)
• 844e4d3 📝 Update release notes
• de1d818 📝 Add permissions needed for private repos (#89)
• See full diff in compare view

Updates mxschmitt/action-tmate from 3.23 to 3.24

Release notes

Sourced from mxschmitt/action-tmate's releases.

v3.24

What's Changed

• chore(deps): bump js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in mxschmitt/action-tmate#236
• chore(deps): bump minimatch from 3.1.2 to 3.1.5 by @​dependabot[bot] in mxschmitt/action-tmate#237
• chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by @​dependabot[bot] in mxschmitt/action-tmate#238
• chore(deps-dev): bump @​babel/plugin-transform-modules-systemjs from 7.22.11 to 7.29.4 by @​dependabot[bot] in mxschmitt/action-tmate#240
• Update Node.js runtime from 20 to 24 by @​Copilot in mxschmitt/action-tmate#242

New Contributors

• @​Copilot made their first contribution in mxschmitt/action-tmate#242

Full Changelog: mxschmitt/action-tmate@v3.23...v3.24

Commits

• 35b54af Update Node.js runtime from 20 to 24 (#242)
• ebce6f7 chore(deps-dev): bump @​babel/plugin-transform-modules-systemjs (#240)
• bc851d8 chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 (#238)
• 6c825b1 chore(deps): bump minimatch from 3.1.2 to 3.1.5 (#237)
• 10570f9 Merge pull request #236 from mxschmitt/dependabot/npm_and_yarn/js-yaml-3.14.2
• 7b3d87e chore(deps): bump js-yaml from 3.14.1 to 3.14.2
• See full diff in compare view

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

• Update the readme with direct upload details by @​danwkennedy in actions/upload-artifact#795
• Readme: bump all the example versions to v7 by @​danwkennedy in actions/upload-artifact#796
• Include changes in typespec/ts-http-runtime 0.3.5 by @​yacaovsnc in actions/upload-artifact#797

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits

• 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
• 634250c Include changes in typespec/ts-http-runtime 0.3.5
• e454baa Readme: bump all the example versions to v7 (#796)
• 74fad66 Update the readme with direct upload details (#795)
• See full diff in compare view

Updates zizmorcore/zizmor-action from 0.5.3 to 0.5.6

Release notes

Sourced from zizmorcore/zizmor-action's releases.

v0.5.6

• 1.25.2 is now available via the action
• 1.25.2 is now the default version of zizmor used by the action

v0.5.5

This is a no-op release.

v0.5.4

• 1.25.0 is now available via the action
• 1.25.0 is now the default version of zizmor used by the action

Commits

• 5f14fd0 Sync zizmor versions (#114)
• a16621b Bump pins in README (#112)
• 1c03e04 chore(deps): bump github/codeql-action from 4.35.2 to 4.35.3 in the github-ac...
• b572f7b Sync zizmor versions (#111)
• 06928c5 chore(deps): bump github/codeql-action in the github-actions group (#109)
• 5ea8b96 docs: Update link to GitHub docs (#108)
• 849ac26 chore(deps): bump the github-actions group with 2 updates (#106)
• 814f977 Bump pins in README (#103)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: github_actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.