From 14d22ffc1c6caaa3e1ffd154b34f2b774870eb55 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 24 Nov 2025 01:08:58 +0000
Subject: [PATCH] deps: bump the production-dependencies group with 3 updates

Bumps the production-dependencies group with 3 updates: [actions/checkout](https://github.com/actions/checkout), [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) and [actions/create-github-app-token](https://github.com/actions/create-github-app-token).


Updates `actions/checkout` from 5 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v5...v6)

Updates `peter-evans/create-pull-request` from 7.0.8 to 7.0.9
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](https://github.com/peter-evans/create-pull-request/compare/271a8d0340265f705b14b6d32b9829c1cb33d45e...84ae59a2cdc2258d6fa0732dd66352dddae2a412)

Updates `actions/create-github-app-token` from 2.1.4 to 2.2.0
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/67018539274d69449ef7c02e8e71183d1719ab42...7e473efe3cb98aa54f8d4bac15400b15fad77d94)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: peter-evans/create-pull-request
  dependency-version: 7.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: actions/create-github-app-token
  dependency-version: 2.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/build.yml               | 8 ++++----
 .github/workflows/copilot-setup-steps.yml | 2 +-
 .github/workflows/coverage.yml            | 2 +-
 .github/workflows/labeler.yml             | 2 +-
 .github/workflows/publish.yml             | 8 ++++----
 .github/workflows/release.yml             | 4 ++--
 .github/workflows/version.yml             | 6 +++---
 7 files changed, 16 insertions(+), 16 deletions(-)

diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index ffaae6f..1986a40 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
@@ -18,7 +18,7 @@ jobs:
         test-folders: ["library-tests", "queries-tests"]
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           submodules: true
 
@@ -83,12 +83,12 @@ jobs:
 
   #   steps:
   #     - name: "Checkout"
-  #       uses: actions/checkout@v5
+  #       uses: actions/checkout@v6
   #       with:
   #         submodules: true
 
   #     - name: "Checkout"
-  #       uses: actions/checkout@v5
+  #       uses: actions/checkout@v6
   #       with:
   #         repository: ${{ matrix.project }}
   #         path: project
@@ -151,7 +151,7 @@ jobs:
   docs:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - uses: dorny/paths-filter@de90cc6fb38fc0963ad72b210f1f284cd68cea36 # v3.0.2
         id: changes
         with:
diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml
index 0f72541..89609f8 100644
--- a/.github/workflows/copilot-setup-steps.yml
+++ b/.github/workflows/copilot-setup-steps.yml
@@ -31,7 +31,7 @@ jobs:
     # starts. If you do not check out your code, Copilot will do this for you.
     steps:
       - name: Checkout code
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           submodules: true
 
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index 1493250..6134e4b 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -13,7 +13,7 @@ jobs:
       actions: write
 
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: "Run Coverage Report"
         if: github.ref == 'refs/heads/main'
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index 8c80efb..13889f5 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -17,7 +17,7 @@ jobs:
       pull-requests: write
 
     steps:
-    - uses: actions/checkout@v5
+    - uses: actions/checkout@v6
     - uses: actions/labeler@v6
       with:
         repo-token: "${{ secrets.GITHUB_TOKEN }}"
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 3b4a2c2..123b314 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -16,7 +16,7 @@ jobs:
       release: ${{ steps.get_version.outputs.release }}
       version: ${{ steps.get_version.outputs.version }}
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
 
       - name: "Check release version"
         id: get_version
@@ -53,7 +53,7 @@ jobs:
     if: ${{ needs.release-check.outputs.release == 'true' }}
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           submodules: true
 
@@ -81,7 +81,7 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           submodules: true
 
@@ -115,7 +115,7 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: "Check and Publish CodeQL Packs"
         env:
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index a4d9cdf..b061119 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: "Patch Release Me"
         uses: 42ByteLabs/patch-release-me@840ec9cfe2170a5704f77ba721bddeb4eb52317a    # 0.6.3
@@ -42,7 +42,7 @@ jobs:
           echo "release=true" >> "$GITHUB_ENV"
 
       - name: "Create Release"
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e  # v7.0.8
+        uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412  # v7.0.9
         with:
           token: ${{ github.token }}
           commit-message: "[chore]: Create release for ${{ steps.get_version.outcome.version }}"
diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml
index 7865344..d1fe165 100644
--- a/.github/workflows/version.yml
+++ b/.github/workflows/version.yml
@@ -16,11 +16,11 @@ jobs:
 
     steps:
       - name: "Checkout"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
 
       - name: Get Token
         id: get_workflow_token
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
         with:
           app-id: ${{ secrets.CODEQL_FIELD_BOT_ID }}
           private-key: ${{ secrets.CODEQL_FIELD_BOT_KEY }}
@@ -34,7 +34,7 @@ jobs:
             --bump "${{ github.event.inputs.bump }}"
 
       - name: Create Pull Request
-        uses: peter-evans/create-pull-request@271a8d0340265f705b14b6d32b9829c1cb33d45e # v7.0.8
+        uses: peter-evans/create-pull-request@84ae59a2cdc2258d6fa0732dd66352dddae2a412 # v7.0.9
         with:
           title: "[Bot] Version Bump - ${{ github.event.inputs.repository }}"
           body: "This PR was automatically generated to bump the version of IaC library and queries."