Skip to content

chore: security workflows consolidation and github actions upgrade#2023

Merged
AlexanderBarabanov merged 6 commits into
developfrom
renovate/github-actions
Feb 11, 2026
Merged

chore: security workflows consolidation and github actions upgrade#2023
AlexanderBarabanov merged 6 commits into
developfrom
renovate/github-actions

Conversation

@oep-renovate

@oep-renovate oep-renovate Bot commented Feb 1, 2026

Copy link
Copy Markdown
Contributor

ℹ️ Note

This PR body was truncated due to platform limits.

This PR consolidates security workflows into one workflow and contains the following updates:

Package Type Update Change
actions/checkout action patch v6.0.1v6.0.2
actions/setup-python action minor v6.1.0v6.2.0
astral-sh/setup-uv action minor v7.1.6v7.3.0
github/codeql-action action minor v4.31.9v4.32.2
open-edge-platform/geti-ci action digest d30e3223a4b81e
renovatebot/github-action action major v44.2.2v46.0.2
step-security/harden-runner action patch v2.14.0v2.14.2

Release Notes

actions/checkout (actions/checkout)

v6.0.2

Compare Source

actions/setup-python (actions/setup-python)

v6.2.0

Compare Source

What's Changed
Dependency Upgrades

Full Changelog: actions/setup-python@v6...v6.2.0

astral-sh/setup-uv (astral-sh/setup-uv)

v7.3.0: 🌈 New features and bug fixes for activate-environment

Compare Source

Changes

This release contains a few bug fixes and a new feature for the activate-environment functionality.

🐛 Bug fixes
🚀 Enhancements
🧰 Maintenance
📚 Documentation
⬆️ Dependency updates

v7.2.1: 🌈 update known checksums up to 0.9.28

Compare Source

Changes
🧰 Maintenance
📚 Documentation
⬆️ Dependency updates

v7.2.0: 🌈 add outputs python-version and python-cache-hit

Compare Source

Changes

Among some minor typo fixes and quality of life features for developers of actions the main feature of this release are new outputs:

  • python-version: The Python version that was set (same content as existing UV_PYTHON)
  • python-cache-hit: A boolean value to indicate the Python cache entry was found

While implementing this it became clear, that it is easier to handle the Python binaries in a separate cache entry. The added benefit for users is that the "normal" cache containing the dependencies can be used in all runs no matter if these cache the Python binaries or not.

[!NOTE]
This release will invalidate caches that contain the Python binaries. This happens a single time.

🐛 Bug fixes
  • chore: remove stray space from UV_PYTHON_INSTALL_DIR message @​akx (#​720)
🚀 Enhancements
🧰 Maintenance
⬆️ Dependency updates
github/codeql-action (github/codeql-action)

v4.32.2

Compare Source

v4.32.1

Compare Source

  • A warning is now shown in Default Setup workflow logs if a private package registry is configured using a GitHub Personal Access Token (PAT), but no username is configured. #​3422
  • Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. #​3421

v4.32.0

Compare Source

v4.31.11

Compare Source

  • When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #​3409
  • Improved error handling throughout the CodeQL Action. #​3415
  • Added experimental support for automatically excluding generated files from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. #​3318
  • The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. #​3403

v4.31.10

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.10 - 12 Jan 2026
  • Update default CodeQL bundle version to 2.23.9. #​3393

See the full CHANGELOG.md for more information.

renovatebot/github-action (renovatebot/github-action)

v46.0.2

Compare Source

Documentation
  • update references to renovatebot/github-action to v46.0.1 (c8c35d4)
Miscellaneous Chores
Build System
  • deps: lock file maintenance (9f5abc6)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.0.10 (b9249f3)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.0 (dc3429f)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.1 (018d1e4)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.4 (1e4f4a8)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.5 (4301d7a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.6 (c971e62)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.7 (63929db)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.2.8 (d638fa7)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.0 (#​1015) (7d877f2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.1 (d07fed8)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.2 (0e34171)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.3 (9911dbb)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.4 (8c7764c)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.5 (84044a1)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.3.6 (eb848ca)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.4.0 (36c59f2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.4.1 (3285d31)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.4.2 (c65676e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.4.3 (a1fbfe1)

v46.0.1

Compare Source

Miscellaneous Chores
Build System
  • deps: lock file maintenance (2fec032)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.0.6 (d361423)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.0.8 (c0ab525)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.0.9 (9f55a79)

v46.0.0

Compare Source

⚠ BREAKING CHANGES
  • deps: Update ghcr.io/renovatebot/renovate Docker tag to v43 (#​993)
Features
  • deps: Update ghcr.io/renovatebot/renovate Docker tag to v43 (#​993) (ae99b37)

v45.0.3

Compare Source

Bug Fixes

v45.0.2

Compare Source

Bug Fixes
Miscellaneous Chores

v45.0.1

Compare Source

Bug Fixes
Miscellaneous Chores
Continuous Integration

v45.0.0

Compare Source

⚠ BREAKING CHANGES
Features
Miscellaneous Chores
  • allow js explicit (#​991) (5b01b35)
  • deps: update actions/cache action to v5.0.3 (5075ddc)
  • deps: update dependency typescript-eslint to v8.53.1 (066c0b5)
  • deps: update pnpm to v10.28.1 (c0fa679)
  • renovate: group all Renovate updates together (#​992) (253db8a)
  • renovater: exclude major from docs grouping (#​996) (4dfbc50)
Continuous Integration
  • add auto reviewer (#​990) (5aaf050)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.10 (b74d2be)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.11 (6eb6ef2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.5 (7996fff)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.9 (df65844)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.94.6 (4990c24)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.94.7 (e9974c0)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.95.0 (21d8fc4)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.95.1 (9332c36)
  • deps: update renovate docker tag to v42.92.10 (d798112)
  • deps: update renovate docker tag to v42.92.11 (a058a2f)
  • deps: update renovate docker tag to v42.94.6 (68f0c4c)
  • deps: update renovate docker tag to v42.94.7 (30bf1bf)
  • deps: update renovate docker tag to v42.95.1 (416d47f)

v44.2.6

Compare Source

Documentation
  • update references to actions/checkout to v6.0.2 (c493b2d)
  • update references to ghcr.io/renovatebot/renovate to v42.92.4 (75fe498)
  • update references to renovatebot/github-action to v44.2.5 (8627919)
Miscellaneous Chores
Build System
  • deps: lock file maintenance (8267212)
Continuous Integration
  • deps: update actions/checkout action to v6.0.2 (bca8c02)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.85.4 (52745be)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.85.5 (6ebcfac)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.85.6 (e3e66f1)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.85.7 (312511e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.85.8 (d94ec39)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.86.0 (3bab076)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.86.1 (48d3490)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.87.0 (bbd25ac)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.88.2 (d587065)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.89.2 (9d5f277)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.89.4 (f7d4fc7)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.90.0 (28f1aa9)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.90.1 (fe77734)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.90.2 (6e8ea66)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.0 (#​987) (0d4c9d2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.1 (c4feabe)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.2 (be0a612)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.3 (fd97c3a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.92.4 (5ec2068)
  • deps: update renovate docker tag to v42.85.3 (f0b16d5)
  • deps: update renovate docker tag to v42.85.4 (19046c0)
  • deps: update renovate docker tag to v42.85.5 (2523d2e)
  • deps: update renovate docker tag to v42.85.6 (7ffd65f)
  • deps: update renovate docker tag to v42.85.7 (4171b3b)
  • deps: update renovate docker tag to v42.85.8 (1c5ac30)
  • deps: update renovate docker tag to v42.86.0 (0256625)
  • deps: update renovate docker tag to v42.86.1 (5430625)
  • deps: update renovate docker tag to v42.87.0 (c8fd526)
  • deps: update renovate docker tag to v42.88.2 (32fbc45)
  • deps: update renovate docker tag to v42.89.2 (f5b09cb)
  • deps: update renovate docker tag to v42.89.3 (2128873)
  • deps: update renovate docker tag to v42.89.4 (80dcf09)
  • deps: update renovate docker tag to v42.90.0 (481c844)
  • deps: update renovate docker tag to v42.90.2 (65f6aaf)
  • deps: update renovate docker tag to v42.92.0 (7cf9d8e)
  • deps: update renovate docker tag to v42.92.1 (e39ac1d)
  • deps: update renovate docker tag to v42.92.2 (39f256b)
  • deps: update renovate docker tag to v42.92.3 (67fe0c3)
  • deps: update renovate docker tag to v42.92.4 (9216196)

v44.2.5

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v42.84.2 (bee68c6)
  • update references to renovatebot/github-action to v44.2.4 (155b66f)
Miscellaneous Chores
  • deps: update actions/cache action to v5.0.2 (6b82695)
  • deps: update actions/setup-node action to v6.2.0 (13b6940)
  • deps: update commitlint monorepo to v20.3.1 (9725b51)
  • deps: update dependency @​types/node to v20.19.28 (afd25d6)
  • deps: update dependency typescript-eslint to v8.52.0 (5440251)
  • deps: update node.js to v24.13.0 (abda118)
  • deps: update pnpm to v10.28.0 (7e73d9a)
Build System
  • deps: lock file maintenance (40d0e4f)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.79.2 (0c847db)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.80.0 (ce838c6)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.80.1 (28448a0)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.80.2 (34d045f)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.0 (cad1a9f)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.1 (61f6467)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.11 (827eecb)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.13 (4dad087)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.15 (2fbf483)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.2 (341e799)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.3 (c1e52d7)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.4 (c837398)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.5 (d3ef4cc)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.7 (7db10dc)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.81.8 (9a4c598)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.82.1 (91336be)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.82.3 (50179b9)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.83.0 (584d04a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.83.1 (5050627)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.84.0 (37f4ae6)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.84.2 (213c451)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.85.3 (e3f9bec)
  • deps: update renovate docker tag to v42.79.2 (866508e)
  • deps: update renovate docker tag to v42.80.0 (fd69857)
  • deps: update renovate docker tag to v42.80.1 (415ac31)
  • deps: update renovate docker tag to v42.80.2 (616daf5)
  • deps: update renovate docker tag to v42.81.0 (d0f3cb0)
  • deps: update renovate docker tag to v42.81.1 (d61fab0)
  • deps: update renovate docker tag to v42.81.11 (7e3ecb9)
  • deps: update renovate docker tag to v42.81.13 (56dbe58)
  • deps: update renovate docker tag to v42.81.2 (b0e457c)
  • deps: update renovate docker tag to v42.81.3 (21dcf73)
  • deps: update renovate docker tag to v42.81.4 (211b1b5)
  • deps: update renovate docker tag to v42.81.5 (19894e9)
  • deps: update renovate docker tag to v42.81.7 (877c171)
  • deps: update renovate docker tag to v42.81.8 (f0ffaaa)
  • deps: update renovate docker tag to v42.82.1 (7deb14c)
  • deps: update renovate docker tag to v42.82.3 (911651e)
  • deps: update renovate docker tag to v42.83.0 (#​986) (2c196f3)
  • deps: update renovate docker tag to v42.83.1 (690cf78)
  • deps: update renovate docker tag to v42.84.0 (dc4c585)
  • deps: update renovate docker tag to v42.84.2 (55f2982)

v44.2.4

Compare Source

Documentation
  • update references to ghcr.io/renovatebot/renovate to v42.78.2 (73927c7)
  • update references to renovatebot/github-action to v44.2.3 (954e659)
Miscellaneous Chores
  • deps: update commitlint monorepo to v20.3.0 (d78356e)
  • deps: update dependency typescript-eslint to v8.51.0 (2d66e07)
  • deps: update pnpm to v10.27.0 (218102a)
Build System
  • deps: lock file maintenance (bc3dd85)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.71.2 (d6fad5d)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.71.3 (b7dc84e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.71.4 (944ec86)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.72.0 (3ab930c)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.74.1 (92bf334)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.74.2 (a4c0964)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.74.3 (fe61c45)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.74.5 (3c17b91)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.74.6 (4dbd3e7)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.74.7 (b0ca42a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.75.0 (ea73cb1)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.75.1 (06b32e3)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.76.0 (f1aee6d)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.76.2 (1553f89)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.76.3 (b1da167)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.76.4 (8af1825)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.76.5 (f54c19e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.78.0 (502f344)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.78.1 (ed6fad8)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v42.78.2 (c0cccbb)
  • deps: update renovate docker tag to v42.71.2 (619d0d5)
  • deps: update renovate docker tag to v42.71.3 (bebaad8)
  • deps: update renovate docker tag to v42.71.4 (827ef45)
  • deps: update renovate docker tag to v42.72.0 (1444bca)
  • deps: update renovate docker tag to v42.74.1 (dc12d57)
  • deps: update renovate docker tag to v42.74.2 (c995eac)
  • deps: update renovate docker tag to v42.74.3 (56f6b97)
  • deps: update renovate docker tag to v42.74.5 (66e50c8)
  • deps: update renovate docker tag to v42.74.6 (f6dc4d0)
  • deps: update renovate docker tag to v42.74.7 (0565b9d)
  • deps: update renovate docker tag to v42.75.0 (d7cae0f)
  • deps: update renovate docker tag to v42.75.1 (003df67)
  • deps: update renovate docker tag to v42.76.0 (70878eb)
  • deps: update renovate docker tag to v42.76.2 (57308dd)
  • deps: update renovate docker tag to v42.76.3 (3fba8a9)
  • deps: update renovate docker tag to v42.76.4 (d1aa322)
  • deps: update renovate docker tag to v42.76.

Configuration

📅 Schedule: Branch creation - On day 1 of the month ( * * 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@oep-renovate oep-renovate Bot requested a review from a team as a code owner February 1, 2026 03:10
@github-advanced-security

Copy link
Copy Markdown

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@codecov-commenter

Copy link
Copy Markdown

⚠️ Please install the 'codecov app svg image' to ensure uploads and comments are reliably processed by Codecov.

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

@oep-renovate oep-renovate Bot force-pushed the renovate/github-actions branch 2 times, most recently from 49a28a7 to 0b2bfbc Compare February 3, 2026 03:07
@AlexanderBarabanov AlexanderBarabanov added this pull request to the merge queue Feb 3, 2026
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Feb 3, 2026
@AlexanderBarabanov AlexanderBarabanov added this pull request to the merge queue Feb 3, 2026
github-merge-queue Bot pushed a commit that referenced this pull request Feb 3, 2026
This PR contains the following updates:

| Package | Type | Update | Change |
|---|---|---|---|
| [actions/checkout](https://redirect.github.com/actions/checkout) |
action | patch | `v6.0.1` → `v6.0.2` |
|
[actions/setup-python](https://redirect.github.com/actions/setup-python)
| action | minor | `v6.1.0` → `v6.2.0` |
| [astral-sh/setup-uv](https://redirect.github.com/astral-sh/setup-uv) |
action | minor | `v7.1.6` → `v7.2.1` |
|
[github/codeql-action](https://redirect.github.com/github/codeql-action)
| action | minor | `v4.31.9` → `v4.32.1` |
| open-edge-platform/geti-ci | action | digest | `d30e322` → `eee8dda` |
|
[renovatebot/github-action](https://redirect.github.com/renovatebot/github-action)
| action | major | `v44.2.2` → `v46.0.1` |
|
[step-security/harden-runner](https://redirect.github.com/step-security/harden-runner)
| action | patch | `v2.14.0` → `v2.14.1` |

---

### Release Notes

<details>
<summary>actions/checkout (actions/checkout)</summary>

###
[`v6.0.2`](https://redirect.github.com/actions/checkout/blob/HEAD/CHANGELOG.md#v602)

[Compare
Source](https://redirect.github.com/actions/checkout/compare/v6.0.1...v6.0.2)

- Fix tag handling: preserve annotations and explicit fetch-tags by
[@&#8203;ericsciple](https://redirect.github.com/ericsciple) in
[#&#8203;2356](https://redirect.github.com/actions/checkout/pull/2356)

</details>

<details>
<summary>actions/setup-python (actions/setup-python)</summary>

###
[`v6.2.0`](https://redirect.github.com/actions/setup-python/releases/tag/v6.2.0)

[Compare
Source](https://redirect.github.com/actions/setup-python/compare/v6.1.0...v6.2.0)

##### What's Changed

##### Dependency Upgrades

- Upgrade dependencies to Node 24 compatible versions by
[@&#8203;salmanmkc](https://redirect.github.com/salmanmkc) in
[#&#8203;1259](https://redirect.github.com/actions/setup-python/pull/1259)
- Upgrade urllib3 from 2.5.0 to 2.6.3 in `/__tests__/data` by
[@&#8203;dependabot](https://redirect.github.com/dependabot) in
[#&#8203;1253](https://redirect.github.com/actions/setup-python/pull/1253)
and
[#&#8203;1264](https://redirect.github.com/actions/setup-python/pull/1264)

**Full Changelog**:
<https://github.com/actions/setup-python/compare/v6...v6.2.0>

</details>

<details>
<summary>astral-sh/setup-uv (astral-sh/setup-uv)</summary>

###
[`v7.2.1`](https://redirect.github.com/astral-sh/setup-uv/releases/tag/v7.2.1):
🌈 update known checksums up to 0.9.28

[Compare
Source](https://redirect.github.com/astral-sh/setup-uv/compare/v7.2.0...v7.2.1)

##### Changes

##### 🧰 Maintenance

- chore: update known checksums for 0.9.28
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;744](https://redirect.github.com/astral-sh/setup-uv/issues/744))
- chore: update known checksums for 0.9.27
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;742](https://redirect.github.com/astral-sh/setup-uv/issues/742))
- chore: update known checksums for 0.9.26
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;734](https://redirect.github.com/astral-sh/setup-uv/issues/734))
- chore: update known checksums for 0.9.25
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;733](https://redirect.github.com/astral-sh/setup-uv/issues/733))
- chore: update known checksums for 0.9.24
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;730](https://redirect.github.com/astral-sh/setup-uv/issues/730))

##### 📚 Documentation

- Clarify impact of using actions/setup-python
[@&#8203;eifinger](https://redirect.github.com/eifinger)
([#&#8203;732](https://redirect.github.com/astral-sh/setup-uv/issues/732))

##### ⬆️ Dependency updates

- Bump zizmorcore/zizmor-action from 0.3.0 to 0.4.1
@&#8203;[dependabot\[bot\]](https://redirect.github.com/apps/dependabot)
([#&#8203;741](https://redirect.github.com/astral-sh/setup-uv/issues/741))

###
[`v7.2.0`](https://redirect.github.com/astral-sh/setup-uv/releases/tag/v7.2.0):
🌈 add outputs python-version and python-cache-hit

[Compare
Source](https://redirect.github.com/astral-sh/setup-uv/compare/v7.1.6...v7.2.0)

##### Changes

Among some minor typo fixes and quality of life features for developers
of actions the main feature of this release are new outputs:

- **python-version:** The Python version that was set (same content as
existing `UV_PYTHON`)
- **python-cache-hit:** A boolean value to indicate the Python cache
entry was found

While implementing this it became clear, that it is easier to handle the
Python binaries in a separate cache entry. The added benefit for users
is that the "normal" cache containing the dependencies can be used in
all runs no matter if these cache the Python binaries or not.

> \[!NOTE]\
> This release will invalidate caches that contain the Python binaries.
This happens a single time.

##### 🐛 Bug fixes

- chore: remove stray space from UV\_PYTHON\_INSTALL\_DIR message
[@&#8203;akx](https://redirect.github.com/akx)
([#&#8203;720](https://redirect.github.com/astral-sh/setup-uv/issues/720))

##### 🚀 Enhancements

- add outputs python-version and python-cache-hit
[@&#8203;eifinger](https://redirect.github.com/eifinger)
([#&#8203;728](https://redirect.github.com/astral-sh/setup-uv/issues/728))
- Add action typings with validation
[@&#8203;krzema12](https://redirect.github.com/krzema12)
([#&#8203;721](https://redirect.github.com/astral-sh/setup-uv/issues/721))

##### 🧰 Maintenance

- fix: use uv\_build backend for old-python-constraint-project
[@&#8203;eifinger](https://redirect.github.com/eifinger)
([#&#8203;729](https://redirect.github.com/astral-sh/setup-uv/issues/729))
- chore: update known checksums for 0.9.22
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;727](https://redirect.github.com/astral-sh/setup-uv/issues/727))
- chore: update known checksums for 0.9.21
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;726](https://redirect.github.com/astral-sh/setup-uv/issues/726))
- chore: update known checksums for 0.9.20
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;725](https://redirect.github.com/astral-sh/setup-uv/issues/725))
- chore: update known checksums for 0.9.18
@&#8203;[github-actions\[bot\]](https://redirect.github.com/apps/github-actions)
([#&#8203;718](https://redirect.github.com/astral-sh/setup-uv/issues/718))

##### ⬆️ Dependency updates

- Bump peter-evans/create-pull-request from 7.0.9 to 8.0.0
@&#8203;[dependabot\[bot\]](https://redirect.github.com/apps/dependabot)
([#&#8203;719](https://redirect.github.com/astral-sh/setup-uv/issues/719))
- Bump github/codeql-action from 4.31.6 to 4.31.9
@&#8203;[dependabot\[bot\]](https://redirect.github.com/apps/dependabot)
([#&#8203;723](https://redirect.github.com/astral-sh/setup-uv/issues/723))

</details>

<details>
<summary>github/codeql-action (github/codeql-action)</summary>

###
[`v4.32.1`](https://redirect.github.com/github/codeql-action/releases/tag/v4.32.1)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.32.0...v4.32.1)

- A warning is now shown in Default Setup workflow logs if a [private
package registry is
configured](https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries)
using a GitHub Personal Access Token (PAT), but no username is
configured.
[#&#8203;3422](https://redirect.github.com/github/codeql-action/pull/3422)
- Fixed a bug which caused the CodeQL Action to fail when repository
properties cannot successfully be retrieved.
[#&#8203;3421](https://redirect.github.com/github/codeql-action/pull/3421)

###
[`v4.32.0`](https://redirect.github.com/github/codeql-action/releases/tag/v4.32.0)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.31.11...v4.32.0)

- Update default CodeQL bundle version to
[2.24.0](https://redirect.github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0).
[#&#8203;3425](https://redirect.github.com/github/codeql-action/pull/3425)

###
[`v4.31.11`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.11)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.31.10...v4.31.11)

- When running a Default Setup workflow with [Actions debugging
enabled](https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging),
the CodeQL Action will now use more unique names when uploading logs
from the Dependabot authentication proxy as workflow artifacts. This
ensures that the artifact names do not clash between multiple jobs in a
build matrix.
[#&#8203;3409](https://redirect.github.com/github/codeql-action/pull/3409)
- Improved error handling throughout the CodeQL Action.
[#&#8203;3415](https://redirect.github.com/github/codeql-action/pull/3415)
- Added experimental support for automatically excluding [generated
files](https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github)
from the analysis. This feature is not currently enabled for any
analysis. In the future, it may be enabled by default for some
GitHub-managed analyses.
[#&#8203;3318](https://redirect.github.com/github/codeql-action/pull/3318)
- The changelog extracts that are included with releases of the CodeQL
Action are now shorter to avoid duplicated information from appearing in
Dependabot PRs.
[#&#8203;3403](https://redirect.github.com/github/codeql-action/pull/3403)

###
[`v4.31.10`](https://redirect.github.com/github/codeql-action/releases/tag/v4.31.10)

[Compare
Source](https://redirect.github.com/github/codeql-action/compare/v4.31.9...v4.31.10)

##### CodeQL Action Changelog

See the [releases
page](https://redirect.github.com/github/codeql-action/releases) for the
relevant changes to the CodeQL CLI and language packs.

##### 4.31.10 - 12 Jan 2026

- Update default CodeQL bundle version to 2.23.9.
[#&#8203;3393](https://redirect.github.com/github/codeql-action/pull/3393)

See the full
[CHANGELOG.md](https://redirect.github.com/github/codeql-action/blob/v4.31.10/CHANGELOG.md)
for more information.

</details>

<details>
<summary>renovatebot/github-action (renovatebot/github-action)</summary>

###
[`v46.0.1`](https://redirect.github.com/renovatebot/github-action/releases/tag/v46.0.1)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v46.0.0...v46.0.1)

##### Miscellaneous Chores

- **deps:** update dependency
[@&#8203;tsconfig/strictest](https://redirect.github.com/tsconfig/strictest)
to v2.0.8
([#&#8203;959](https://redirect.github.com/renovatebot/github-action/issues/959))
([6ba4a5c](https://redirect.github.com/renovatebot/github-action/commit/6ba4a5c49bdc84e5abe747dbed81d165c999671b))
- **deps:** update dependency prettier-plugin-packagejson to v3
([#&#8203;999](https://redirect.github.com/renovatebot/github-action/issues/999))
([bce6a9f](https://redirect.github.com/renovatebot/github-action/commit/bce6a9f3a2fda6ad56daafcf36a91a1f46d1257e))
- **deps:** update dependency renovatebot/github-action to v46
([#&#8203;1011](https://redirect.github.com/renovatebot/github-action/issues/1011))
([4d7de57](https://redirect.github.com/renovatebot/github-action/commit/4d7de5784c7b92e319fd32b1af7a8d38fe64460b))
- **deps:** update prettier packages
([#&#8203;988](https://redirect.github.com/renovatebot/github-action/issues/988))
([8a6192f](https://redirect.github.com/renovatebot/github-action/commit/8a6192ff3afc4d35378faa05f1263bd5d581f0e3))

##### Build System

- **deps:** lock file maintenance
([2fec032](https://redirect.github.com/renovatebot/github-action/commit/2fec0324c9ed9958e191c1584cbbe6393bd4201f))

##### Continuous Integration

- **deps:** update ghcr.io/renovatebot/renovate docker tag to v43.0.6
([d361423](https://redirect.github.com/renovatebot/github-action/commit/d361423d7ca6c8b6aecac06de635f3eab4c50fba))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v43.0.8
([c0ab525](https://redirect.github.com/renovatebot/github-action/commit/c0ab525a8c1ce24e8cfd103da4fc815757517cea))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v43.0.9
([9f55a79](https://redirect.github.com/renovatebot/github-action/commit/9f55a793098a593ef48e940e86d2ef8a6d2aaef3))

###
[`v46.0.0`](https://redirect.github.com/renovatebot/github-action/releases/tag/v46.0.0)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.3...v46.0.0)

##### ⚠ BREAKING CHANGES

- **deps:** Update ghcr.io/renovatebot/renovate Docker tag to v43
([#&#8203;993](https://redirect.github.com/renovatebot/github-action/issues/993))

##### Features

- **deps:** Update ghcr.io/renovatebot/renovate Docker tag to v43
([#&#8203;993](https://redirect.github.com/renovatebot/github-action/issues/993))
([ae99b37](https://redirect.github.com/renovatebot/github-action/commit/ae99b3785a62172a73624ed1b9675e3253859a7b))

###
[`v45.0.3`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.3)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.2...v45.0.3)

##### Bug Fixes

- **deps:** update dependency
[@&#8203;actions/core](https://redirect.github.com/actions/core) to v3
([#&#8203;1008](https://redirect.github.com/renovatebot/github-action/issues/1008))
([d724dd3](https://redirect.github.com/renovatebot/github-action/commit/d724dd314fec182f6a6763dc421f460bc8161514))

###
[`v45.0.2`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.2)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.1...v45.0.2)

##### Bug Fixes

- **deps:** update dependency
[@&#8203;actions/exec](https://redirect.github.com/actions/exec) to v3
([#&#8203;1009](https://redirect.github.com/renovatebot/github-action/issues/1009))
([e098430](https://redirect.github.com/renovatebot/github-action/commit/e098430c9cb1d90887f879b0a0a7d4179bbb0c13))

##### Miscellaneous Chores

- **deps:** replace dependency
[@&#8203;tsconfig/node20](https://redirect.github.com/tsconfig/node20)
with
[@&#8203;tsconfig/node22](https://redirect.github.com/tsconfig/node22)
([#&#8203;1010](https://redirect.github.com/renovatebot/github-action/issues/1010))
([df519dc](https://redirect.github.com/renovatebot/github-action/commit/df519dcd60c57f54daf148ccbc3127b040e77977))
- **deps:** update dependency
[@&#8203;tsconfig/node22](https://redirect.github.com/tsconfig/node22)
to v22.0.5
([29e7d61](https://redirect.github.com/renovatebot/github-action/commit/29e7d615e01933658c14b6943d39bceed217e12c))

###
[`v45.0.1`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.1)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v45.0.0...v45.0.1)

##### Bug Fixes

- **deps:** update dependency
[@&#8203;actions/core](https://redirect.github.com/actions/core) to v2
([#&#8203;1005](https://redirect.github.com/renovatebot/github-action/issues/1005))
([ffd1bc7](https://redirect.github.com/renovatebot/github-action/commit/ffd1bc72a666c7cc29569b7688cca376dd91fddb))
- **deps:** update dependency
[@&#8203;actions/exec](https://redirect.github.com/actions/exec) to v2
([#&#8203;1007](https://redirect.github.com/renovatebot/github-action/issues/1007))
([8680378](https://redirect.github.com/renovatebot/github-action/commit/86803785c4bf9fba44efff62d01c2cd99ed35b82))

##### Miscellaneous Chores

- **deps:** update dependency
[@&#8203;types/node](https://redirect.github.com/types/node) to v24
([#&#8203;976](https://redirect.github.com/renovatebot/github-action/issues/976))
([d2b9da6](https://redirect.github.com/renovatebot/github-action/commit/d2b9da6597028229837625c6da3c9f31d47d25b3))
- **deps:** update dependency globals to v17
([#&#8203;1001](https://redirect.github.com/renovatebot/github-action/issues/1001))
([f391c83](https://redirect.github.com/renovatebot/github-action/commit/f391c83282f19ca8fee9cbf91e562a449e441f3e))
- **deps:** update dependency renovatebot/github-action to v45
([#&#8203;1006](https://redirect.github.com/renovatebot/github-action/issues/1006))
([19b5bd8](https://redirect.github.com/renovatebot/github-action/commit/19b5bd8e8d1f6fde5487dc2504029ea599673e6b))
- **renovate:** fix config
([#&#8203;998](https://redirect.github.com/renovatebot/github-action/issues/998))
([dffa4d4](https://redirect.github.com/renovatebot/github-action/commit/dffa4d470d5e18f50245b958b6d5246d88434905))
- **renovate:** group all renovate major updates
([#&#8203;1003](https://redirect.github.com/renovatebot/github-action/issues/1003))
([969380c](https://redirect.github.com/renovatebot/github-action/commit/969380c2b49e94b0b6afde3330fbb5d141e6043b))

##### Continuous Integration

- fix renovate comment for grouping
([#&#8203;1004](https://redirect.github.com/renovatebot/github-action/issues/1004))
([a07086a](https://redirect.github.com/renovatebot/github-action/commit/a07086ad34eb188e9864831ed9710574c3b1d6e2))

###
[`v45.0.0`](https://redirect.github.com/renovatebot/github-action/releases/tag/v45.0.0)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.6...v45.0.0)

##### ⚠ BREAKING CHANGES

- Require node v24
([#&#8203;989](https://redirect.github.com/renovatebot/github-action/issues/989))

##### Features

- Require node v24
([#&#8203;989](https://redirect.github.com/renovatebot/github-action/issues/989))
([569b928](https://redirect.github.com/renovatebot/github-action/commit/569b92826f6a7e3df94e82f5dad229063ff7d6d7))

##### Miscellaneous Chores

- allow js explicit
([#&#8203;991](https://redirect.github.com/renovatebot/github-action/issues/991))
([5b01b35](https://redirect.github.com/renovatebot/github-action/commit/5b01b3588fa5db5a944177e7cfa40aaab600e886))
- **deps:** update actions/cache action to v5.0.3
([5075ddc](https://redirect.github.com/renovatebot/github-action/commit/5075ddc5f208d54794cbd95d08e0c1a8ff53e9e6))
- **deps:** update dependency typescript-eslint to v8.53.1
([066c0b5](https://redirect.github.com/renovatebot/github-action/commit/066c0b536ae0443e21d16dc65649f83d308de162))
- **deps:** update pnpm to v10.28.1
([c0fa679](https://redirect.github.com/renovatebot/github-action/commit/c0fa67965700b9f30489700e7973b6dce85b2f1e))
- **renovate:** group all Renovate updates together
([#&#8203;992](https://redirect.github.com/renovatebot/github-action/issues/992))
([253db8a](https://redirect.github.com/renovatebot/github-action/commit/253db8a282b831ac1e65973118fbdd60127a5bd6))
- **renovater:** exclude major from docs grouping
([#&#8203;996](https://redirect.github.com/renovatebot/github-action/issues/996))
([4dfbc50](https://redirect.github.com/renovatebot/github-action/commit/4dfbc50e4cd57a07cbc4e677d553416802052323))

##### Continuous Integration

- add auto reviewer
([#&#8203;990](https://redirect.github.com/renovatebot/github-action/issues/990))
([5aaf050](https://redirect.github.com/renovatebot/github-action/commit/5aaf05075dbb328cdfe10e0d2f205fdaf6fc88e2))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.10
([b74d2be](https://redirect.github.com/renovatebot/github-action/commit/b74d2be509260ab0942b9c20d17d1f2e92ca36bb))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.11
([6eb6ef2](https://redirect.github.com/renovatebot/github-action/commit/6eb6ef2c88dc495e6545063fa18b2ba5959cdc98))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.5
([7996fff](https://redirect.github.com/renovatebot/github-action/commit/7996fff47b57d15d883cdafa60896733fbf2caf3))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.9
([df65844](https://redirect.github.com/renovatebot/github-action/commit/df6584424320266dff91a05b337e8c271e36631c))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.94.6
([4990c24](https://redirect.github.com/renovatebot/github-action/commit/4990c2463a605b5d268739c2e0e3acd35bdb22de))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.94.7
([e9974c0](https://redirect.github.com/renovatebot/github-action/commit/e9974c0c75a032401fe5155716049b7d67e113a7))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.95.0
([21d8fc4](https://redirect.github.com/renovatebot/github-action/commit/21d8fc497ef3a5b2bf20231f60e3b19c64761e24))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.95.1
([9332c36](https://redirect.github.com/renovatebot/github-action/commit/9332c36063d686fedea4e0169b6365b92e828619))
- **deps:** update renovate docker tag to v42.92.10
([d798112](https://redirect.github.com/renovatebot/github-action/commit/d79811201e6072dbaa766f14308ab8ee6d09f25c))
- **deps:** update renovate docker tag to v42.92.11
([a058a2f](https://redirect.github.com/renovatebot/github-action/commit/a058a2fe1e17f63d76fb171471c0ea30dfcc822a))
- **deps:** update renovate docker tag to v42.94.6
([68f0c4c](https://redirect.github.com/renovatebot/github-action/commit/68f0c4cd667b2b492ea1bc05de732c6952473b53))
- **deps:** update renovate docker tag to v42.94.7
([30bf1bf](https://redirect.github.com/renovatebot/github-action/commit/30bf1bf6d608f685d2e6a14476ea48f04153ab96))
- **deps:** update renovate docker tag to v42.95.1
([416d47f](https://redirect.github.com/renovatebot/github-action/commit/416d47fe4291763dcc05040d390951994fa5c74b))

###
[`v44.2.6`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.6)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.5...v44.2.6)

##### Documentation

- update references to actions/checkout to v6.0.2
([c493b2d](https://redirect.github.com/renovatebot/github-action/commit/c493b2df50126f1ed2a7584b5609028477004d10))
- update references to ghcr.io/renovatebot/renovate to v42.92.4
([75fe498](https://redirect.github.com/renovatebot/github-action/commit/75fe4986fc09e12ee7e38caae4181b5e3e80cc93))
- update references to renovatebot/github-action to v44.2.5
([8627919](https://redirect.github.com/renovatebot/github-action/commit/862791922488c9b10d6ffa62da1d21abe38f7cb5))

##### Miscellaneous Chores

- **deps:** update dependency
[@&#8203;types/node](https://redirect.github.com/types/node) to
v20.19.29
([b8ce015](https://redirect.github.com/renovatebot/github-action/commit/b8ce01539a8a2d7b455ad8cdab9c8495a999accf))
- **deps:** update dependency
[@&#8203;types/node](https://redirect.github.com/types/node) to
v20.19.30
([c2d6419](https://redirect.github.com/renovatebot/github-action/commit/c2d6419e25b9a8dee75f9d9e171d4025c7c191fa))
- **deps:** update dependency prettier to v3.8.0
([d0197d9](https://redirect.github.com/renovatebot/github-action/commit/d0197d9a2eecb4144b83b40182b0ed0ccbef2ad7))
- **deps:** update dependency prettier-plugin-packagejson to v2.5.21
([0725f72](https://redirect.github.com/renovatebot/github-action/commit/0725f725f5d81d9f4778460fb2cd6c496780bfcc))
- **deps:** update dependency typescript-eslint to v8.53.0
([c3071bc](https://redirect.github.com/renovatebot/github-action/commit/c3071bc0c8635c1307f07ce75e2108efd93e21b7))

##### Build System

- **deps:** lock file maintenance
([8267212](https://redirect.github.com/renovatebot/github-action/commit/8267212ee8fc6a4bb5bf6118249caf977a159b12))

##### Continuous Integration

- **deps:** update actions/checkout action to v6.0.2
([bca8c02](https://redirect.github.com/renovatebot/github-action/commit/bca8c029ef60bf8ceb262a139e7ab7be13c992b6))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.4
([52745be](https://redirect.github.com/renovatebot/github-action/commit/52745be575dfffffd5782383db2e88caa73ce0fe))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.5
([6ebcfac](https://redirect.github.com/renovatebot/github-action/commit/6ebcfac57b64780ca3cd43778ed7826806cfc052))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.6
([e3e66f1](https://redirect.github.com/renovatebot/github-action/commit/e3e66f1d2a89ce8cedc8a5a743f88dee57704b64))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.7
([312511e](https://redirect.github.com/renovatebot/github-action/commit/312511e6cacb2bd13d042c31ebfd3a3282ecf173))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.8
([d94ec39](https://redirect.github.com/renovatebot/github-action/commit/d94ec392f99a446b4102a7478f0a52bab8a7f66e))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.86.0
([3bab076](https://redirect.github.com/renovatebot/github-action/commit/3bab076751c5b9c5459fdcf888ab1504f190fe71))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.86.1
([48d3490](https://redirect.github.com/renovatebot/github-action/commit/48d349050ac2cc1fc962d1cda3fc498d63754a38))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.87.0
([bbd25ac](https://redirect.github.com/renovatebot/github-action/commit/bbd25ac6ff9369fab986d3b7ad3ffc8bc1294c70))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.88.2
([d587065](https://redirect.github.com/renovatebot/github-action/commit/d58706580f28a0a8103e7a83f033bb8575431aca))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.89.2
([9d5f277](https://redirect.github.com/renovatebot/github-action/commit/9d5f277e432f618e6eda1c554bcdb9ee90e7b9b6))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.89.4
([f7d4fc7](https://redirect.github.com/renovatebot/github-action/commit/f7d4fc73fef5c8989b1a177527de0036f111ae03))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.90.0
([28f1aa9](https://redirect.github.com/renovatebot/github-action/commit/28f1aa9045dfa99e260cd5efd71d0b93d6a1f3c4))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.90.1
([fe77734](https://redirect.github.com/renovatebot/github-action/commit/fe777345b0c2584d17c82528f4b08b3a0a0438c0))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.90.2
([6e8ea66](https://redirect.github.com/renovatebot/github-action/commit/6e8ea66de8e70481d0bdbaed9a826eb391d1fd1b))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.0
([#&#8203;987](https://redirect.github.com/renovatebot/github-action/issues/987))
([0d4c9d2](https://redirect.github.com/renovatebot/github-action/commit/0d4c9d226942f8e710bec406b7c07aefbb55d526))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.1
([c4feabe](https://redirect.github.com/renovatebot/github-action/commit/c4feabe257cbd8981b68fbe7db059812746ab449))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.2
([be0a612](https://redirect.github.com/renovatebot/github-action/commit/be0a61256e3f9d7baa8abf07c03a3400dfc1306e))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.3
([fd97c3a](https://redirect.github.com/renovatebot/github-action/commit/fd97c3ac4d776c76c0596595af1cb11bbd20334c))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.92.4
([5ec2068](https://redirect.github.com/renovatebot/github-action/commit/5ec2068dacb1060fcce91378a45de5631874d907))
- **deps:** update renovate docker tag to v42.85.3
([f0b16d5](https://redirect.github.com/renovatebot/github-action/commit/f0b16d522df9b7184c324e3c34dc9d363a6a139f))
- **deps:** update renovate docker tag to v42.85.4
([19046c0](https://redirect.github.com/renovatebot/github-action/commit/19046c0b1c3a98246153121860130c8afaea26ac))
- **deps:** update renovate docker tag to v42.85.5
([2523d2e](https://redirect.github.com/renovatebot/github-action/commit/2523d2e45a8a88fbfc43b2d24b19cd9c9bd15280))
- **deps:** update renovate docker tag to v42.85.6
([7ffd65f](https://redirect.github.com/renovatebot/github-action/commit/7ffd65f43cbfb3c147cd06c59b52bb72c0fa7e45))
- **deps:** update renovate docker tag to v42.85.7
([4171b3b](https://redirect.github.com/renovatebot/github-action/commit/4171b3b9ef1391132adc1c065bedaf5f63a5c628))
- **deps:** update renovate docker tag to v42.85.8
([1c5ac30](https://redirect.github.com/renovatebot/github-action/commit/1c5ac30c32fe1e3683db47e91763cbcf2ddf7aeb))
- **deps:** update renovate docker tag to v42.86.0
([0256625](https://redirect.github.com/renovatebot/github-action/commit/0256625e586c6a017967cd898dd2b41744fd4e5b))
- **deps:** update renovate docker tag to v42.86.1
([5430625](https://redirect.github.com/renovatebot/github-action/commit/5430625a62960a83ffeebc8cf1fb09147b9fec68))
- **deps:** update renovate docker tag to v42.87.0
([c8fd526](https://redirect.github.com/renovatebot/github-action/commit/c8fd5266dcbd52e3c1285f6dbc4ca0aae4d4c0e7))
- **deps:** update renovate docker tag to v42.88.2
([32fbc45](https://redirect.github.com/renovatebot/github-action/commit/32fbc452d90c7c10413b234d0de0da4555cf4973))
- **deps:** update renovate docker tag to v42.89.2
([f5b09cb](https://redirect.github.com/renovatebot/github-action/commit/f5b09cb510af71a0787f72be7d699abc4ebfbd93))
- **deps:** update renovate docker tag to v42.89.3
([2128873](https://redirect.github.com/renovatebot/github-action/commit/21288739c342d5148a6147881e9e516ab739ef36))
- **deps:** update renovate docker tag to v42.89.4
([80dcf09](https://redirect.github.com/renovatebot/github-action/commit/80dcf09c980662d8f4fe902bd609fa3719f2cf3c))
- **deps:** update renovate docker tag to v42.90.0
([481c844](https://redirect.github.com/renovatebot/github-action/commit/481c84412238aea7f4e1f50fb4c3b66c24b28be7))
- **deps:** update renovate docker tag to v42.90.2
([65f6aaf](https://redirect.github.com/renovatebot/github-action/commit/65f6aaf7f047eef7286c354a39bafa2d5dcfef7d))
- **deps:** update renovate docker tag to v42.92.0
([7cf9d8e](https://redirect.github.com/renovatebot/github-action/commit/7cf9d8ea17208ebd9a44cc531e5fa3cdee144c1c))
- **deps:** update renovate docker tag to v42.92.1
([e39ac1d](https://redirect.github.com/renovatebot/github-action/commit/e39ac1d6a04cb7b1376eab09c5bcac931b1c54d0))
- **deps:** update renovate docker tag to v42.92.2
([39f256b](https://redirect.github.com/renovatebot/github-action/commit/39f256bd8ba89b3fbeb226aeb6ac403515c24eaa))
- **deps:** update renovate docker tag to v42.92.3
([67fe0c3](https://redirect.github.com/renovatebot/github-action/commit/67fe0c36c9262933eb0cb7c1e337b193582a18ec))
- **deps:** update renovate docker tag to v42.92.4
([9216196](https://redirect.github.com/renovatebot/github-action/commit/9216196086fde6845d30aff0ea5e8d0497ae717e))

###
[`v44.2.5`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.5)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.4...v44.2.5)

##### Documentation

- update references to ghcr.io/renovatebot/renovate to v42.84.2
([bee68c6](https://redirect.github.com/renovatebot/github-action/commit/bee68c6b42e9d7a194c88cdf869a453e0c2f4cf0))
- update references to renovatebot/github-action to v44.2.4
([155b66f](https://redirect.github.com/renovatebot/github-action/commit/155b66f279faa124e70467aca245188cc64831e7))

##### Miscellaneous Chores

- **deps:** update actions/cache action to v5.0.2
([6b82695](https://redirect.github.com/renovatebot/github-action/commit/6b82695fd98bcc86e02fed1139beb3cd38a16807))
- **deps:** update actions/setup-node action to v6.2.0
([13b6940](https://redirect.github.com/renovatebot/github-action/commit/13b6940c1cde6aecf007d48cbede634d5eba2844))
- **deps:** update commitlint monorepo to v20.3.1
([9725b51](https://redirect.github.com/renovatebot/github-action/commit/9725b51221820e783c5a9315501edffe1592e540))
- **deps:** update dependency
[@&#8203;types/node](https://redirect.github.com/types/node) to
v20.19.28
([afd25d6](https://redirect.github.com/renovatebot/github-action/commit/afd25d6eb6dd02957f87b97325e7771483510e3a))
- **deps:** update dependency typescript-eslint to v8.52.0
([5440251](https://redirect.github.com/renovatebot/github-action/commit/54402511510b73e7cee73738a38d8274c808e045))
- **deps:** update node.js to v24.13.0
([abda118](https://redirect.github.com/renovatebot/github-action/commit/abda118d56c972a29531bf8e0cbb3a7cd470e670))
- **deps:** update pnpm to v10.28.0
([7e73d9a](https://redirect.github.com/renovatebot/github-action/commit/7e73d9ab182234cbf9483b9bb47e53d12e0a2dc1))

##### Build System

- **deps:** lock file maintenance
([40d0e4f](https://redirect.github.com/renovatebot/github-action/commit/40d0e4f770aee3d5e3234187bfeed232c6b6eabd))

##### Continuous Integration

- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.79.2
([0c847db](https://redirect.github.com/renovatebot/github-action/commit/0c847dbd22f599545e06bbae7f15a13aa9c916e1))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.80.0
([ce838c6](https://redirect.github.com/renovatebot/github-action/commit/ce838c6ff6983f1902e108a1a8e8815423a296b7))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.80.1
([28448a0](https://redirect.github.com/renovatebot/github-action/commit/28448a032e6f5f285bafea4d6f64792a0315caa3))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.80.2
([34d045f](https://redirect.github.com/renovatebot/github-action/commit/34d045f6ec248e0556899059778f012a0d1dde00))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.0
([cad1a9f](https://redirect.github.com/renovatebot/github-action/commit/cad1a9f9a484883e23096d7eb2dcc0baa6be2a8f))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.1
([61f6467](https://redirect.github.com/renovatebot/github-action/commit/61f6467333e91510488ec4cfe27a7315a36e8436))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.11
([827eecb](https://redirect.github.com/renovatebot/github-action/commit/827eecb12bcd4e43675ba7c80c198ef8e6ba0641))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.13
([4dad087](https://redirect.github.com/renovatebot/github-action/commit/4dad0877aece9841117077d650458766ba4af791))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.15
([2fbf483](https://redirect.github.com/renovatebot/github-action/commit/2fbf483c4dbb7cbc4ff8c7614430e8a8eb2dfded))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.2
([341e799](https://redirect.github.com/renovatebot/github-action/commit/341e799bcee0866618f10fc29997ecfdf19322c6))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.3
([c1e52d7](https://redirect.github.com/renovatebot/github-action/commit/c1e52d7db30ea5541c88adcf193b47d052f47efa))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.4
([c837398](https://redirect.github.com/renovatebot/github-action/commit/c837398dd077e77b797a122b46f8327b85d85d9c))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.5
([d3ef4cc](https://redirect.github.com/renovatebot/github-action/commit/d3ef4cc6785a50acf6fd88095a088247ecf9e681))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.7
([7db10dc](https://redirect.github.com/renovatebot/github-action/commit/7db10dc83896f6a83536cf612aa3fc1fd2100486))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.81.8
([9a4c598](https://redirect.github.com/renovatebot/github-action/commit/9a4c5980681b14a22581c0107addcb3c2c13cc24))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.82.1
([91336be](https://redirect.github.com/renovatebot/github-action/commit/91336be3d3da073197cf85dd4f789d14e45213e4))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.82.3
([50179b9](https://redirect.github.com/renovatebot/github-action/commit/50179b9570bf017940ba8de9e49b694b4872a1fd))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.83.0
([584d04a](https://redirect.github.com/renovatebot/github-action/commit/584d04a136e07ce648ce8b9f2b766c0bfd41daa3))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.83.1
([5050627](https://redirect.github.com/renovatebot/github-action/commit/50506271a36aefe00f6d9cbcbaa27eed0d4c8b64))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.84.0
([37f4ae6](https://redirect.github.com/renovatebot/github-action/commit/37f4ae6101b45701a0441f4f7cb656246160892f))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.84.2
([213c451](https://redirect.github.com/renovatebot/github-action/commit/213c451fb3d5eb3efbcb5b585980df7ef5f13fc0))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.85.3
([e3f9bec](https://redirect.github.com/renovatebot/github-action/commit/e3f9bec661d5636df1fe718ca9c2ad8f61e34599))
- **deps:** update renovate docker tag to v42.79.2
([866508e](https://redirect.github.com/renovatebot/github-action/commit/866508e644ffae175ce95724c6c071467ea6732e))
- **deps:** update renovate docker tag to v42.80.0
([fd69857](https://redirect.github.com/renovatebot/github-action/commit/fd6985724493e66e8b0d11f1b40b6666ef7ce923))
- **deps:** update renovate docker tag to v42.80.1
([415ac31](https://redirect.github.com/renovatebot/github-action/commit/415ac314d9facdd317633c7313e37c513cf9d77a))
- **deps:** update renovate docker tag to v42.80.2
([616daf5](https://redirect.github.com/renovatebot/github-action/commit/616daf590f51095778845ef7848a6aac892a7edd))
- **deps:** update renovate docker tag to v42.81.0
([d0f3cb0](https://redirect.github.com/renovatebot/github-action/commit/d0f3cb0f685d8f4193bed0dbf322da991805bd10))
- **deps:** update renovate docker tag to v42.81.1
([d61fab0](https://redirect.github.com/renovatebot/github-action/commit/d61fab04d170a491e5a90042de2a02774ce35817))
- **deps:** update renovate docker tag to v42.81.11
([7e3ecb9](https://redirect.github.com/renovatebot/github-action/commit/7e3ecb996d47d569b5596f013ad6d25f3e2d2d45))
- **deps:** update renovate docker tag to v42.81.13
([56dbe58](https://redirect.github.com/renovatebot/github-action/commit/56dbe580daf517487a72893f584cd6ae22f2b8f6))
- **deps:** update renovate docker tag to v42.81.2
([b0e457c](https://redirect.github.com/renovatebot/github-action/commit/b0e457ce30da3f52984c6908a96940d909e8fe5a))
- **deps:** update renovate docker tag to v42.81.3
([21dcf73](https://redirect.github.com/renovatebot/github-action/commit/21dcf73de6c8bca93e903ae7d7ecbcdf8d9757fc))
- **deps:** update renovate docker tag to v42.81.4
([211b1b5](https://redirect.github.com/renovatebot/github-action/commit/211b1b5bed7595cad455ac5538924028da6aac24))
- **deps:** update renovate docker tag to v42.81.5
([19894e9](https://redirect.github.com/renovatebot/github-action/commit/19894e9e4f162eaa70d88aba3efe4ab2fd705b0b))
- **deps:** update renovate docker tag to v42.81.7
([877c171](https://redirect.github.com/renovatebot/github-action/commit/877c17183a2f7c1b465ccd2ac9347a18daa38b61))
- **deps:** update renovate docker tag to v42.81.8
([f0ffaaa](https://redirect.github.com/renovatebot/github-action/commit/f0ffaaa8f34633168a5d24421c8b5dece47f0c78))
- **deps:** update renovate docker tag to v42.82.1
([7deb14c](https://redirect.github.com/renovatebot/github-action/commit/7deb14cb296ffcac5eba067c6cc39d2082aeacad))
- **deps:** update renovate docker tag to v42.82.3
([911651e](https://redirect.github.com/renovatebot/github-action/commit/911651e5cf0dd10e3af942e6e2401da49beb356f))
- **deps:** update renovate docker tag to v42.83.0
([#&#8203;986](https://redirect.github.com/renovatebot/github-action/issues/986))
([2c196f3](https://redirect.github.com/renovatebot/github-action/commit/2c196f3458186d45413e50630d138d9ea36ca058))
- **deps:** update renovate docker tag to v42.83.1
([690cf78](https://redirect.github.com/renovatebot/github-action/commit/690cf78d306309db19976963ba0c0de910e2ba2a))
- **deps:** update renovate docker tag to v42.84.0
([dc4c585](https://redirect.github.com/renovatebot/github-action/commit/dc4c585b88109bea01ca360b9dffdc5fe79ca3a6))
- **deps:** update renovate docker tag to v42.84.2
([55f2982](https://redirect.github.com/renovatebot/github-action/commit/55f2982c578af4b1b524049e2a61c472f3fe8f0c))

###
[`v44.2.4`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.4)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.3...v44.2.4)

##### Documentation

- update references to ghcr.io/renovatebot/renovate to v42.78.2
([73927c7](https://redirect.github.com/renovatebot/github-action/commit/73927c7be00603a8b4730e01972e84f45f13e0ab))
- update references to renovatebot/github-action to v44.2.3
([954e659](https://redirect.github.com/renovatebot/github-action/commit/954e6598f4780a11d86a5e420798d45d1db3a91e))

##### Miscellaneous Chores

- **deps:** update commitlint monorepo to v20.3.0
([d78356e](https://redirect.github.com/renovatebot/github-action/commit/d78356e959dbc4b4131b1e178a5b175afc9caee6))
- **deps:** update dependency typescript-eslint to v8.51.0
([2d66e07](https://redirect.github.com/renovatebot/github-action/commit/2d66e071df4b73f98f9705dda06834862e9ada8f))
- **deps:** update pnpm to v10.27.0
([218102a](https://redirect.github.com/renovatebot/github-action/commit/218102a5af48b691d9688cc99cf486e197ef8f07))

##### Build System

- **deps:** lock file maintenance
([bc3dd85](https://redirect.github.com/renovatebot/github-action/commit/bc3dd85978ee68d4d4aaec85d77bf8888d6327fd))

##### Continuous Integration

- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.2
([d6fad5d](https://redirect.github.com/renovatebot/github-action/commit/d6fad5d2e15ce8f7c3ef5b21ae139734203f62bc))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.3
([b7dc84e](https://redirect.github.com/renovatebot/github-action/commit/b7dc84e40afd9b200a4e55e755bd923bd9045972))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.4
([944ec86](https://redirect.github.com/renovatebot/github-action/commit/944ec86e89e800c14d3aa312b9daeb0f7a77f3b1))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.72.0
([3ab930c](https://redirect.github.com/renovatebot/github-action/commit/3ab930c2ac265d58b0788ab56aca82bfc69f6427))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.1
([92bf334](https://redirect.github.com/renovatebot/github-action/commit/92bf334c35b929e23a23ed94fd3fb5b11ff943d3))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.2
([a4c0964](https://redirect.github.com/renovatebot/github-action/commit/a4c096439bfc89fd4cc32066bd551bcf976595b9))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.3
([fe61c45](https://redirect.github.com/renovatebot/github-action/commit/fe61c4590fb1c9fcd5702da6c2e5d3359b04b440))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.5
([3c17b91](https://redirect.github.com/renovatebot/github-action/commit/3c17b91350f6270c916eda0f05edf0623f776b45))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.6
([4dbd3e7](https://redirect.github.com/renovatebot/github-action/commit/4dbd3e796f418067a01beeb3154adff3f47bf69d))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.74.7
([b0ca42a](https://redirect.github.com/renovatebot/github-action/commit/b0ca42af510638d86e4067d81a5621d3aeaf1ce5))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.75.0
([ea73cb1](https://redirect.github.com/renovatebot/github-action/commit/ea73cb1bd108c9b3797d6809dac497464ebf46db))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.75.1
([06b32e3](https://redirect.github.com/renovatebot/github-action/commit/06b32e359685ff955eedd33ef45d005c0db8c914))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.0
([f1aee6d](https://redirect.github.com/renovatebot/github-action/commit/f1aee6d1b980a3806b0bfbe99ca4bec2c1e74d35))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.2
([1553f89](https://redirect.github.com/renovatebot/github-action/commit/1553f89559636ff27edb5807ea174b4521f01df1))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.3
([b1da167](https://redirect.github.com/renovatebot/github-action/commit/b1da1679acf44d8d7575717b4d249f157d259b30))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.4
([8af1825](https://redirect.github.com/renovatebot/github-action/commit/8af182566182744ba07c19988abe768b844266d8))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.76.5
([f54c19e](https://redirect.github.com/renovatebot/github-action/commit/f54c19eeb39126feb3c4d9f9aef2541d77cc51c1))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.78.0
([502f344](https://redirect.github.com/renovatebot/github-action/commit/502f3445625a72fcb40034cdce9ddd4f05ec413d))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.78.1
([ed6fad8](https://redirect.github.com/renovatebot/github-action/commit/ed6fad858bbac29b3413eab79d608ed65ee5e786))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.78.2
([c0cccbb](https://redirect.github.com/renovatebot/github-action/commit/c0cccbb67ae860a674cd097584a27d09d58609f0))
- **deps:** update renovate docker tag to v42.71.2
([619d0d5](https://redirect.github.com/renovatebot/github-action/commit/619d0d5ea6a33d3e2c4cdb90f8d54db41b1bf146))
- **deps:** update renovate docker tag to v42.71.3
([bebaad8](https://redirect.github.com/renovatebot/github-action/commit/bebaad8609a7719f3b392386ee3b1cd52ba93d11))
- **deps:** update renovate docker tag to v42.71.4
([827ef45](https://redirect.github.com/renovatebot/github-action/commit/827ef45f70f92a89d5752654a98108314d72fd7d))
- **deps:** update renovate docker tag to v42.72.0
([1444bca](https://redirect.github.com/renovatebot/github-action/commit/1444bcab8b47f38e3050b62964111ff757f2223b))
- **deps:** update renovate docker tag to v42.74.1
([dc12d57](https://redirect.github.com/renovatebot/github-action/commit/dc12d57cb9711924bba9369485bc20d91f6c7214))
- **deps:** update renovate docker tag to v42.74.2
([c995eac](https://redirect.github.com/renovatebot/github-action/commit/c995eac1d02a23e4855cf02cfdffa6487945d69e))
- **deps:** update renovate docker tag to v42.74.3
([56f6b97](https://redirect.github.com/renovatebot/github-action/commit/56f6b97043c24697795634e4c1533f182b99b11f))
- **deps:** update renovate docker tag to v42.74.5
([66e50c8](https://redirect.github.com/renovatebot/github-action/commit/66e50c8991ff07946760c3150126dabb739b7ca4))
- **deps:** update renovate docker tag to v42.74.6
([f6dc4d0](https://redirect.github.com/renovatebot/github-action/commit/f6dc4d0850d581f22414fbe41c663d186358ffc2))
- **deps:** update renovate docker tag to v42.74.7
([0565b9d](https://redirect.github.com/renovatebot/github-action/commit/0565b9d00a7405265b3bc113cc0de11c0db4c931))
- **deps:** update renovate docker tag to v42.75.0
([d7cae0f](https://redirect.github.com/renovatebot/github-action/commit/d7cae0fe8666475178bcd461b9462e1c50275c09))
- **deps:** update renovate docker tag to v42.75.1
([003df67](https://redirect.github.com/renovatebot/github-action/commit/003df6787ef7f5c65bc6f6832ebdb7bd51c296f1))
- **deps:** update renovate docker tag to v42.76.0
([70878eb](https://redirect.github.com/renovatebot/github-action/commit/70878ebdae0a144a343468b06cb207374cd6d5bd))
- **deps:** update renovate docker tag to v42.76.2
([57308dd](https://redirect.github.com/renovatebot/github-action/commit/57308dd727ceeae15bba05e385328362b81cb548))
- **deps:** update renovate docker tag to v42.76.3
([3fba8a9](https://redirect.github.com/renovatebot/github-action/commit/3fba8a978b01bea93e9aef43049dfc8b517ddf19))
- **deps:** update renovate docker tag to v42.76.4
([d1aa322](https://redirect.github.com/renovatebot/github-action/commit/d1aa322c4d350b99b319ff608cd16bc110fafe18))
- **deps:** update renovate docker tag to v42.76.5
([6eb7831](https://redirect.github.com/renovatebot/github-action/commit/6eb783190bae8d5e13580c8bf2a064971d8aea94))
- **deps:** update renovate docker tag to v42.78.0
([e1424c9](https://redirect.github.com/renovatebot/github-action/commit/e1424c9600bb087f0d6b082ca71defd4502d4b92))
- **deps:** update renovate docker tag to v42.78.1
([fe39a9a](https://redirect.github.com/renovatebot/github-action/commit/fe39a9a20f31c7ac4cdc5716e52f1b68a66dc744))
- **deps:** update renovate docker tag to v42.78.2
([d6327fa](https://redirect.github.com/renovatebot/github-action/commit/d6327fad525ac4db642391abe8298c03ee493469))

###
[`v44.2.3`](https://redirect.github.com/renovatebot/github-action/releases/tag/v44.2.3)

[Compare
Source](https://redirect.github.com/renovatebot/github-action/compare/v44.2.2...v44.2.3)

##### Documentation

- update references to ghcr.io/renovatebot/renovate to v42.71.0
([2e1a0f9](https://redirect.github.com/renovatebot/github-action/commit/2e1a0f9c75dccf03287d41410b8a4789a044d988))
- update references to renovatebot/github-action to v44.2.2
([842ebb2](https://redirect.github.com/renovatebot/github-action/commit/842ebb2cb9731416d8335e33aa5d26052770b076))

##### Miscellaneous Chores

- **deps:** update dependency typescript-eslint to v8.50.1
([d8c97fc](https://redirect.github.com/renovatebot/github-action/commit/d8c97fc1bd9291d28d21a20cc7c1c86f5abc1cc0))
- **deps:** update pnpm to v10.26.2
([c51011e](https://redirect.github.com/renovatebot/github-action/commit/c51011e4269e1522f2edd82c75f1e27282fc75c7))

##### Build System

- **deps:** lock file maintenance
([84a386f](https://redirect.github.com/renovatebot/github-action/commit/84a386f5d4912e8f09ae25deb557aeb016d697b9))

##### Continuous Integration

- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.66.12
([544013d](https://redirect.github.com/renovatebot/github-action/commit/544013de27307d8bc7bb8739db0c35436acfc33c))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.66.13
([f0bf83f](https://redirect.github.com/renovatebot/github-action/commit/f0bf83fa878b98ac9747c76b1cf585e771326d91))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.66.14
([c594a5a](https://redirect.github.com/renovatebot/github-action/commit/c594a5ad74736cbed684d7210801a652384b73b1))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.0
([21c9d59](https://redirect.github.com/renovatebot/github-action/commit/21c9d591bb2e2998cf451a32fd1b979fce11deb4))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.1
([f425754](https://redirect.github.com/renovatebot/github-action/commit/f4257548aa36770c6b01a6166bbfc74cd5eb8648))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.4
([45e917f](https://redirect.github.com/renovatebot/github-action/commit/45e917fd0f8fc84a0c7da09deed8e0a7682bd4ab))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.68.5
([387e335](https://redirect.github.com/renovatebot/github-action/commit/387e3357344da65ca0dce962cfaf96cec8d8da4d))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.69.1
([28fe39e](https://redirect.github.com/renovatebot/github-action/commit/28fe39e962653c8c99902dea0ab18332278a9d02))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.69.2
([3f20abe](https://redirect.github.com/renovatebot/github-action/commit/3f20abef11086471973991294efde8f7b582f6ba))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.70.0
([805577b](https://redirect.github.com/renovatebot/github-action/commit/805577b996bd1ebd23a5cd9172dfa68f56ed7936))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.70.2
([822f674](https://redirect.github.com/renovatebot/github-action/commit/822f6742b7e21a75af1d283cd31341cd87a5efbf))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.70.3
([114b33b](https://redirect.github.com/renovatebot/github-action/commit/114b33b492426d42c1476444a97564fb339ea5a9))
- **deps:** update ghcr.io/renovatebot/renovate docker tag to v42.71.0
([177dca0](https://redirect.github.com/renovatebot/github-action/commit/177dca0421dfbb2f7b6c95423ecbfd95239df4e5))
- **deps:** update renovate docker tag to v42.66.12
([0a66490](https://redirect.github.com/renovatebot/github-action/commit/0a6649057e131a302104ecc893f7cc15b614faab))
- **deps:** update renovate docker tag to v42.66.13
([56997a6](https://redirect.github.com/renovatebot/github-action/commit/56997a64ac163724fff968c8457fee6ab988f471))
- **deps:** update renovate docker tag to v42.66.14
([319456c](https://redirect.github.com/renovatebot/github-action/commit/319456c81c30f6399938d881853a894045e623ef))
- **deps:** update renovate docker tag to v42.68.0
([a4bb308](https://redirect.github.com/renovatebot/github-action/commit/a4bb3084a4ef1bbdce02e67b2229ccecbc266ba0))
- **deps:** update renovate docker tag to v42.68.4
([325177b](https://redirect.github.com/renovatebot/github-action/commit/325177b6281b7ebe424e0eea6d4b79977811ccf2))
- **deps:** update renovate docker tag to v42.68.5
([2ff242c](https://redirect.github.com/renovatebot/github-action/commit/2ff242cd23c7c3dc7e93ec394846219c666b310d))
- **deps:** update renovate docker tag to v42.69.1
([cd90faa](https://redirect.github.com/renovatebot/github-action/commit/cd90faa22bd373d680bd60019fee67fbbbb9da67))
- **deps:** update renovate docker tag to v42.69.2
([05aba88](https://redirect.github.com/renovatebot/github-action/commit/05aba882af8dccac3192d9c7e79a398c4b91fa1d))
- **deps:** update renovate docker tag to v42.70.0
([6fe3c0a](https://redirect.github.com/renovatebot/github-action/commit/6fe3c0a2cddaa66a4eeccf2a6e1a48ae4ed894d8))
- **deps:** update renovate docker tag to v42.70.2
([1d95636](https://redirect.github.com/renovatebot/github-action/commit/1d956362670e88593d79285dbb0474152ca3a319))
- **deps:** update renovate docker tag to v42.70.3
([1e1b89a](https://redirect.github.com/renovatebot/github-action/commit/1e1b89aded4bb048c459edd6a5dfb32714555d18))
- **deps:** update renovate docker tag to v42.71.0
([a9bef4c](https://redirect.github.com/renovatebot/github-action/commit/a9bef4c8a03ca169626d29f0e7dc17be910a5c42))

</details>

<details>
<summary>step-security/harden-runner
(step-security/harden-runner)</summary>

###
[`v2.14.1`](https://redirect.github.com/step-security/harden-runner/releases/tag/v2.14.1)

[Compare
Source](https://redirect.github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1)

##### What's Changed

1. In some self-hosted environments, the agent could briefly fall back
to public DNS resolvers during startup if the system DNS was not yet
available. This behavior was unintended for GitHub-hosted runners and
has now been fixed to prevent any use of public DNS resolvers.

2. Fixed npm audit vulnerabilities

**Full Changelog**:
<https://github.com/step-security/harden-runner/compare/v2.14.0...v2.14.1>

</details>

---

### Configuration

📅 **Schedule**: Branch creation - On day 1 of the month ( * * 1 * * )
(UTC), Automerge - At any time (no schedule defined).

🚦 **Automerge**: Disabled by config. Please merge this manually once you
are satisfied.

♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the
rebase/retry checkbox.

👻 **Immortal**: This PR will be recreated if closed unmerged. Get
[config
help](https://redirect.github.com/renovatebot/renovate/discussions) if
that's undesired.

---

- [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check
this box

---

This PR has been generated by [Renovate
Bot](https://redirect.github.com/renovatebot/renovate).

<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0Mi45NS4yIiwidXBkYXRlZEluVmVyIjoiNDIuOTUuMiIsInRhcmdldEJyYW5jaCI6ImRldmVsb3AiLCJsYWJlbHMiOltdfQ==-->

Signed-off-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com>
Co-authored-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com>
@github-merge-queue github-merge-queue Bot removed this pull request from the merge queue due to failed status checks Feb 3, 2026
@AlexanderBarabanov AlexanderBarabanov self-assigned this Feb 3, 2026
@AlexanderBarabanov AlexanderBarabanov marked this pull request as draft February 3, 2026 09:49
@AlexanderBarabanov AlexanderBarabanov marked this pull request as draft February 3, 2026 09:49
@oep-renovate oep-renovate Bot force-pushed the renovate/github-actions branch 3 times, most recently from 90a1b34 to 736b847 Compare February 7, 2026 03:02
Signed-off-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com>
@oep-renovate oep-renovate Bot force-pushed the renovate/github-actions branch from 736b847 to bd88192 Compare February 9, 2026 03:10
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
@oep-renovate

oep-renovate Bot commented Feb 10, 2026

Copy link
Copy Markdown
Contributor Author

Edited/Blocked Notification

Renovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR.

You can manually request rebase by checking the rebase/retry box above.

⚠️ Warning: custom changes will be lost.

@AlexanderBarabanov AlexanderBarabanov marked this pull request as ready for review February 10, 2026 09:58
Copilot AI review requested due to automatic review settings February 10, 2026 09:58

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

Updates pinned GitHub Actions dependencies across workflows and adjusts security scanning workflows to run in more PR/merge-queue contexts while reducing duplication.

Changes:

  • Bumped pinned SHAs for multiple GitHub Actions (checkout, setup-python, setup-uv, harden-runner, CodeQL upload, Renovate action, and open-edge-platform/geti-ci actions).
  • Extended security-scan.yml triggers to include pull_request and merge_group, and made scan behavior conditional on event type.
  • Refactored security-scan.yml steps using YAML anchors and removed PR-only Zizmor/Bandit jobs from linter.yml.

Reviewed changes

Copilot reviewed 12 out of 12 changed files in this pull request and generated 6 comments.

Show a summary per file
File Description
.github/workflows/security-scan.yml Adds PR/merge-group triggers, introduces anchors for repeated steps, and makes scan scope/fail behavior conditional.
.github/workflows/scorecard.yml Updates pinned SHAs for harden-runner, checkout, and CodeQL SARIF upload.
.github/workflows/renovate.yml Updates pinned SHAs for checkout and renovatebot/github-action.
.github/workflows/renovate-config-validator.yml Updates pinned SHA for checkout.
.github/workflows/publish_to_pypi.yml Updates pinned SHAs for harden-runner, checkout, and setup-python.
.github/workflows/pr_check.yml Updates pinned SHAs for harden-runner, checkout, and setup-uv.
.github/workflows/linter.yml Updates pinned SHAs and removes PR-only Zizmor/Bandit jobs (likely moved to security-scan).
.github/workflows/docs_stable.yml Updates pinned SHAs for harden-runner, checkout, and setup-uv.
.github/workflows/docs_latest.yml Updates pinned SHAs for harden-runner, checkout, and setup-uv.
.github/workflows/dependency-review.yml Updates pinned SHAs for harden-runner and checkout.
.github/workflows/collect-sbom-library.yaml Updates pinned SHAs for checkout and collect-sbom-library action.
.github/workflows/codeql.yml Updates pinned SHAs for harden-runner, checkout, and CodeQL init/analyze steps.

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread .github/workflows/security-scan.yml Outdated
Comment thread .github/workflows/security-scan.yml Outdated
Comment thread .github/workflows/security-scan.yml Outdated
Comment thread .github/workflows/security-scan.yml Outdated
Comment thread .github/workflows/security-scan.yml Outdated
Comment thread .github/workflows/security-scan.yml
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
Signed-off-by: Barabanov, Alexander <alexander.barabanov@intel.com>
@AlexanderBarabanov AlexanderBarabanov changed the title chore(deps): update github actions chore: security workflows consolidation and github actions upgrade Feb 10, 2026
@AlexanderBarabanov AlexanderBarabanov requested a review from a team February 10, 2026 11:36

@ivanzati ivanzati left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Thank you, Alexander!

@AlexanderBarabanov AlexanderBarabanov added this pull request to the merge queue Feb 11, 2026
Merged via the queue into develop with commit b0cc16c Feb 11, 2026
19 checks passed
@AlexanderBarabanov AlexanderBarabanov deleted the renovate/github-actions branch February 11, 2026 11:30
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

5 participants