From 88be7fe5513c3ae1d4ed353a1e83c65a22f2da99 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Tue, 4 Nov 2025 16:14:26 +0000
Subject: [PATCH] deps: bump the production-dependencies group across 1
 directory with 6 updates

Bumps the production-dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `5` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` |
| [actions/labeler](https://github.com/actions/labeler) | `5` | `6` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `6` |
| [42ByteLabs/patch-release-me](https://github.com/42bytelabs/patch-release-me) | `0.6.2` | `0.6.3` |
| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.1.1` | `2.1.4` |



Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v5)

Updates `actions/upload-artifact` from 4 to 5
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v5)

Updates `actions/labeler` from 5 to 6
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/v5...v6)

Updates `actions/download-artifact` from 4 to 6
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](https://github.com/actions/download-artifact/compare/v4...v6)

Updates `42ByteLabs/patch-release-me` from 0.6.2 to 0.6.3
- [Release notes](https://github.com/42bytelabs/patch-release-me/releases)
- [Changelog](https://github.com/42ByteLabs/patch-release-me/blob/main/.release.yml)
- [Commits](https://github.com/42bytelabs/patch-release-me/compare/1a840ec5f538188590b75b19e1c300c7d036bcc8...840ec9cfe2170a5704f77ba721bddeb4eb52317a)

Updates `actions/create-github-app-token` from 2.1.1 to 2.1.4
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/a8d616148505b5069dccd32f177bb87d7f39123b...67018539274d69449ef7c02e8e71183d1719ab42)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: actions/upload-artifact
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: actions/labeler
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: actions/download-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: production-dependencies
- dependency-name: 42ByteLabs/patch-release-me
  dependency-version: 0.6.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
- dependency-name: actions/create-github-app-token
  dependency-version: 2.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: production-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/copilot-setup-steps.yml | 2 +-
 .github/workflows/coverage.yml            | 2 +-
 .github/workflows/labeler.yml             | 2 +-
 .github/workflows/publish.yml             | 4 ++--
 .github/workflows/release.yml             | 2 +-
 .github/workflows/version.yml             | 2 +-
 6 files changed, 7 insertions(+), 7 deletions(-)

diff --git a/.github/workflows/copilot-setup-steps.yml b/.github/workflows/copilot-setup-steps.yml
index f69a458..0f72541 100644
--- a/.github/workflows/copilot-setup-steps.yml
+++ b/.github/workflows/copilot-setup-steps.yml
@@ -31,7 +31,7 @@ jobs:
     # starts. If you do not check out your code, Copilot will do this for you.
     steps:
       - name: Checkout code
-        uses: actions/checkout@v4
+        uses: actions/checkout@v5
         with:
           submodules: true
 
diff --git a/.github/workflows/coverage.yml b/.github/workflows/coverage.yml
index 752458a..1493250 100644
--- a/.github/workflows/coverage.yml
+++ b/.github/workflows/coverage.yml
@@ -22,7 +22,7 @@ jobs:
           ./scripts/create-coverage.py report --markdown > $GITHUB_STEP_SUMMARY
 
       - name: "Upload Coverage Report"
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: coverage-report
           path: coverage.csv
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index 37c829a..8c80efb 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -18,7 +18,7 @@ jobs:
 
     steps:
     - uses: actions/checkout@v5
-    - uses: actions/labeler@v5
+    - uses: actions/labeler@v6
       with:
         repo-token: "${{ secrets.GITHUB_TOKEN }}"
 
diff --git a/.github/workflows/publish.yml b/.github/workflows/publish.yml
index 2012c2f..3b4a2c2 100644
--- a/.github/workflows/publish.yml
+++ b/.github/workflows/publish.yml
@@ -68,7 +68,7 @@ jobs:
         run: ./scripts/create-extractor-pack.sh
 
       - name: "Upload bundle artifact"
-        uses: actions/upload-artifact@v4
+        uses: actions/upload-artifact@v5
         with:
           name: "extractor-bundle-${{ matrix.os }}"
           path: "./extractor-pack"
@@ -86,7 +86,7 @@ jobs:
           submodules: true
 
       - name: "Downloadd all artifacts"
-        uses: actions/download-artifact@v4
+        uses: actions/download-artifact@v6
         with:
           path: "./extractor-pack"
           merge-multiple: true
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index c1d3e3d..a4d9cdf 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -23,7 +23,7 @@ jobs:
         uses: actions/checkout@v5
 
       - name: "Patch Release Me"
-        uses: 42ByteLabs/patch-release-me@1a840ec5f538188590b75b19e1c300c7d036bcc8    # 0.6.2
+        uses: 42ByteLabs/patch-release-me@840ec9cfe2170a5704f77ba721bddeb4eb52317a    # 0.6.3
         with:
           mode: ${{ github.event.inputs.bump }}
 
diff --git a/.github/workflows/version.yml b/.github/workflows/version.yml
index 2cadb26..7865344 100644
--- a/.github/workflows/version.yml
+++ b/.github/workflows/version.yml
@@ -20,7 +20,7 @@ jobs:
 
       - name: Get Token
         id: get_workflow_token
-        uses: actions/create-github-app-token@a8d616148505b5069dccd32f177bb87d7f39123b # v2.1.1
+        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
         with:
           app-id: ${{ secrets.CODEQL_FIELD_BOT_ID }}
           private-key: ${{ secrets.CODEQL_FIELD_BOT_KEY }}