Bump @actions/core from 2.0.2 to 3.0.0

[dependabot]

Bumps @actions/core from 2.0.2 to 3.0.0.

Changelog

Sourced from @​actions/core's changelog.

3.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

2.0.3

• Bump @actions/http-client to 3.0.2

2.0.1

• Bump @​actions/exec from 1.1.1 to 2.0.0 #2199

2.0.0

• Add support for Node 24 #2110
• Bump @​actions/http-client from 2.0.1 to 3.0.0

1.11.1

• Fix uses of crypto.randomUUID on Node 18 and earlier #1842

1.11.0

• Add platform info utilities #1551
• Remove dependency on uuid package #1824

1.10.1

• Fix error message reference in oidc utils #1511

1.10.0

• saveState and setOutput now use environment files if available #1178
• getMultilineInput now correctly trims whitespace by default #1185

1.9.1

• Randomize delimiter when calling core.exportVariable

1.9.0

• Added toPosixPath, toWin32Path and toPlatformPath utilities #1102

1.8.2

• Update to v2.0.1 of @actions/http-client #1087

1.8.1

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[johanwortel]

Tested with a temporary PR (in Online Teaching Connector) to run this workflow.

Changes in .github/workflows/check-pr.yml:

$ git diff development .github/workflows/check-pr.yml
diff --git a/.github/workflows/check-pr.yml b/.github/workflows/check-pr.yml
index 93ba014..792f610 100644
--- a/.github/workflows/check-pr.yml
+++ b/.github/workflows/check-pr.yml
@@ -5,12 +5,14 @@ on:
   # See: https://docs.github.com/en/actions/learn-github-actions/events-that-trigger-workflows#pull_request_target
   pull_request_target:
     types: [opened, edited]
+  workflow_dispatch:
+  pull_request:

 jobs:
   check-branches:
     name: Check Git Flow conventions
     runs-on: ubuntu-latest
     steps:
-      - uses: semestry/git-flow-action@v1
+      - uses: semestry/git-flow-action@dependabot/npm_and_yarn/actions/core-3.0.0
         env:
           GITHUB_TOKEN: ${{ secrets.GIT_FLOW_ACTION_PAT }}

The workflow_dispatch trigger was useless. I suppose it has to be in the base branch to be effective.
The pull_request trigger causes this workflow to run on a push. Specifically the version in the given branch.
Once the workflow is in GitHub, it can be re-run from the GitHub UI.