[Sync] Update project files from source repository (2d4c60b)

[mrz1836]

What Changed

• Updated 1 individual file(s) to synchronize with the source repository
• Synchronized 4 file(s) from directory mappings
• Applied file transformations and updates based on sync configuration
• Brought target repository in line with source repository state at commit e3a63c6

Directory Synchronization Details

The following directories were synchronized:

.github/tech-conventions → .github/tech-conventions

• Files synced: 0
• Files examined: 15
• Files excluded: 0
• Processing time: 1046ms

.github/ISSUE_TEMPLATE → .github/ISSUE_TEMPLATE

• Files synced: 0
• Files examined: 3
• Files excluded: 0
• Processing time: 470ms

.github/workflows → .github/workflows

• Files synced: 4
• Files examined: 26
• Files excluded: 0
• Processing time: 1538ms

.github/actions → .github/actions

• Files synced: 0
• Files examined: 16
• Files excluded: 0
• Processing time: 1103ms

.vscode → .vscode

• Files synced: 0
• Files examined: 4
• Files excluded: 0
• Processing time: 495ms

Performance Metrics

• Files processed: 84 (5 changed, 0 deleted, 79 skipped)
• Files attempted to change: 5 (go-broadcast processing)
• File processing time: 8154ms

Why It Was Necessary

This synchronization ensures the target repository stays up-to-date with the latest changes from the configured source repository. The sync operation identifies and applies only the necessary file changes while maintaining consistency across repositories.

Testing Performed

• Validated sync configuration and file mappings
• Verified file transformations applied correctly
• Confirmed no unintended changes were introduced
• All automated checks and linters passed

Impact / Risk

• Low Risk: Standard sync operation with established patterns
• No Breaking Changes: File updates maintain backward compatibility
• Performance: No impact on application performance
• Dependencies: No dependency changes included in this sync

[Copilot]

Pull Request Overview

This PR synchronizes workflow configurations and settings from the source repository (mrz1836/go-broadcast) to bring the target repository up to date with the latest automation improvements and security enhancements.

Key Changes:

• Updated CodeQL action versions from v4.31.3 to v4.31.4 for improved code scanning
• Added support for indirect dependency auto-merge with separate configuration controls
• Enhanced security detection with GitHub Security Advisories API integration and improved PR body scanning
• Added label-based auto-merge gating for explicit merge control
• Significantly improved logging with structured decision tree output and visual separators
• Updated tool versions (MAGE_X v1.7.16, Gitleaks 8.29.1)

Reviewed Changes

Copilot reviewed 5 out of 5 changed files in this pull request and generated no comments.

Show a summary per file

File	Description
.github/workflows/scorecard.yml	Updated CodeQL upload-sarif action from v4.31.3 to v4.31.4
.github/workflows/codeql-analysis.yml	Updated CodeQL init, autobuild, and analyze actions from v4.31.3 to v4.31.4
.github/workflows/auto-merge-on-approval.yml	Added AUTO_MERGE_REQUIRE_LABEL and AUTO_MERGE_LABEL configuration with label checking logic and new skip action
.github/workflows/dependabot-auto-merge.yml	Added indirect dependency auto-merge support, enhanced security detection with GraphQL API, improved logging with decision tree visualization, and new action types/labels for indirect dependencies
.github/.env.base	Updated MAGE_X to v1.7.16 and Gitleaks to 8.29.1, added configuration for indirect dependency auto-merge and label-based gating

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.