chore(deps): bump the github-actions-dependencies group across 1 directory with 3 updates

[dependabot]

Bumps the github-actions-dependencies group with 3 updates in the / directory: hoverkraft-tech/ci-github-nodejs, hoverkraft-tech/ci-github-common and actions/create-github-app-token.

Updates hoverkraft-tech/ci-github-nodejs from 0.10.0 to 0.11.0

Release notes

Sourced from hoverkraft-tech/ci-github-nodejs's releases.

0.11.0

Release Summary

This release introduces support for pnpm, enhancing compatibility and flexibility in project dependency management. Documentation related to actions and workflows has been refreshed for clarity and accuracy. Several dependency upgrades have been applied across both npm and GitHub Actions ecosystems, ensuring better performance, reliability, and security. These updates include improvements to Storybook, CodeQL, and other core GitHub Actions.

No breaking changes were introduced in this release.

What's Changed

• docs: update actions and workflows documentation by @​hoverkraft-bot in hoverkraft-tech/ci-github-nodejs#184
• chore(deps): bump storybook from 8.6.9 to 8.6.10 in the npm-dependencies group by @​dependabot in hoverkraft-tech/ci-github-nodejs#185
• chore(deps): bump hoverkraft-tech/ci-github-common from 0.20.0 to 0.22.0 in the github-actions-dependencies group across 1 directory by @​dependabot in hoverkraft-tech/ci-github-nodejs#186
• chore(deps): bump the npm-dependencies group with 2 updates by @​dependabot in hoverkraft-tech/ci-github-nodejs#187
• chore(deps): bump actions/dependency-review-action from 4.5.0 to 4.6.0 in the github-actions-dependencies group across 1 directory by @​dependabot in hoverkraft-tech/ci-github-nodejs#188
• chore(deps): bump the npm-dependencies group with 2 updates by @​dependabot in hoverkraft-tech/ci-github-nodejs#190
• chore(deps): bump github/codeql-action from 3.28.13 to 3.28.15 in the github-actions-dependencies group across 1 directory by @​dependabot in hoverkraft-tech/ci-github-nodejs#189
• feat: add support for pnpm by @​neilime in hoverkraft-tech/ci-github-nodejs#191
• docs: update actions and workflows documentation by @​hoverkraft-bot in hoverkraft-tech/ci-github-nodejs#195
• chore(deps): bump the github-actions-dependencies group across 2 directories with 4 updates by @​dependabot in hoverkraft-tech/ci-github-nodejs#192

Full Changelog: hoverkraft-tech/ci-github-nodejs@0.10.0...0.11.0

Commits

• 5c1010a chore(deps): bump the github-actions-dependencies group across 2 directories ...
• 5f0ea21 docs: update actions and workflows documentation
• a180b74 feat: add support for pnpm
• 8181eca chore(deps): bump github/codeql-action
• 4cee370 chore(deps): bump the npm-dependencies group with 2 updates
• 78c6178 chore(deps): bump actions/dependency-review-action
• fced66a chore(deps): bump the npm-dependencies group with 2 updates
• 1a9c073 chore(deps): bump hoverkraft-tech/ci-github-common
• 740d2f8 chore(deps): bump storybook in the npm-dependencies group
• f8554ff docs: update actions and workflows documentation
• See full diff in compare view

Updates hoverkraft-tech/ci-github-common from 0.22.2 to 0.22.3

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.22.3

Release Summary

This release includes a documentation update for GitHub Actions workflows and improvements to CI job configurations. A bug fix was applied to correct CodeQL job permissions under the linter scope. Additionally, dependency versions were updated for hoverkraft-tech/ci-github-publish and github/codeql-action to ensure better compatibility and security.

No breaking changes were introduced in this release.

What's Changed

• docs: update actions and workflows documentation by @​hoverkraft-bot in hoverkraft-tech/ci-github-common#330
• chore(deps): bump hoverkraft-tech/ci-github-publish from 0.5.0 to 0.5.1 in the github-actions-dependencies group across 1 directory by @​dependabot in hoverkraft-tech/ci-github-common#332
• fix(linter): set proper permissions for CodeQL job by @​neilime in hoverkraft-tech/ci-github-common#331
• chore(deps): bump github/codeql-action from 3.28.15 to 3.28.16 in the github-actions-dependencies group across 1 directory by @​dependabot in hoverkraft-tech/ci-github-common#333

Full Changelog: hoverkraft-tech/ci-github-common@0.22.2...0.22.3

Commits

• 95664be chore(deps): bump github/codeql-action
• 70e1a1b fix(linter): set proper permissions for CodeQL job
• 5748b3d chore(deps): bump hoverkraft-tech/ci-github-publish
• 6dc532c docs: update actions and workflows documentation
• See full diff in compare view

Updates actions/create-github-app-token from 2.0.2 to 2.0.3

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.3

2.0.3 (2025-05-01)

Bug Fixes

• README: use v2 in examples (#234) (9ba274d), closes #232
• use core.getBooleanInput() to retrieve boolean input values (#223) (c3c17c7)

Commits

• 30bf625 build(release): 2.0.3 [skip ci]
• c3c17c7 fix: use core.getBooleanInput() to retrieve boolean input values (#223)
• 9ba274d fix(README): use v2 in examples (#234)
• a3c826a docs: fix typo in CONTRIBUTING.md (#233)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[codecov]

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 96.12%. Comparing base (2c587ab) to head (01c1c71).
Report is 18 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #145   +/-   ##
=======================================
  Coverage   96.12%   96.12%           
=======================================
  Files           9        9           
  Lines         155      155           
  Branches       19       19           
=======================================
  Hits          149      149           
  Misses          6        6           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.