From 2fc620076a5ef732da3a6c4ba09d35df144fbe7c Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Wed, 3 Jun 2026 07:30:51 +0000 Subject: [PATCH] ci(deps): bump the actions group with 2 updates Bumps the actions group with 2 updates: [changesets/action](https://github.com/changesets/action) and [gitleaks/gitleaks-action](https://github.com/gitleaks/gitleaks-action). Updates `changesets/action` from 1.8.0 to 1.9.0 - [Release notes](https://github.com/changesets/action/releases) - [Changelog](https://github.com/changesets/action/blob/main/CHANGELOG.md) - [Commits](https://github.com/changesets/action/compare/63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b...a45c4d594aa4e2c509dc14a9f2b3b67ba3780d0d) Updates `gitleaks/gitleaks-action` from 2.3.9 to 3.0.0 - [Release notes](https://github.com/gitleaks/gitleaks-action/releases) - [Commits](https://github.com/gitleaks/gitleaks-action/compare/ff98106e4c7b2bc287b24eaf42907196329070c7...e0c47f4f8be36e29cdc102c57e68cb5cbf0e8d1e) --- updated-dependencies: - dependency-name: changesets/action dependency-version: 1.9.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: gitleaks/gitleaks-action dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] --- .github/workflows/release.yml | 2 +- .github/workflows/security.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 1ff6f62..7a98ff6 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -32,7 +32,7 @@ jobs: run: npm ci - name: Create Release PR or publish to GitHub Releases - uses: changesets/action@63a615b9cd06ba9a3e6d13796c7fbcb080a60a0b # v1 + uses: changesets/action@a45c4d594aa4e2c509dc14a9f2b3b67ba3780d0d # v1 with: # `version` updates package.json + CHANGELOG.md from pending changesets # and opens / updates a "Version Packages" PR. Merging that PR triggers diff --git a/.github/workflows/security.yml b/.github/workflows/security.yml index 51cf914..100169d 100644 --- a/.github/workflows/security.yml +++ b/.github/workflows/security.yml @@ -29,7 +29,7 @@ jobs: fetch-depth: 0 - name: Run gitleaks - uses: gitleaks/gitleaks-action@ff98106e4c7b2bc287b24eaf42907196329070c7 # v2 + uses: gitleaks/gitleaks-action@e0c47f4f8be36e29cdc102c57e68cb5cbf0e8d1e # v3.0.0 env: GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }} GITLEAKS_CONFIG: .gitleaks.toml