Skip to content

chore(deps): bump actions/create-github-app-token from 2 to 3#1008

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions/create-github-app-token-3
Open

chore(deps): bump actions/create-github-app-token from 2 to 3#1008
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions/create-github-app-token-3

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 16, 2026

Bumps actions/create-github-app-token from 2 to 3.

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.
  • Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

  • deps: bump @​actions/core from 1.11.1 to 3.0.0 (#337) (b044133)
  • deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)
  • deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)
  • deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

  • fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

  • deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)
  • deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
  • deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)
  • deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits
  • f8d387b build(release): 3.0.0 [skip ci]
  • d2129bd style: remove extra blank line in release workflow
  • 77b94ef build: refresh generated artifacts
  • 3ab4c66 chore: move undici to devDependencies
  • 739cf66 docs: update README action versions
  • db40289 build(deps): bump actions versions in test.yml
  • 496a7ac test: migrate from AVA to Node.js native test runner (#346)
  • 3870dc3 Rename end-to-end proxy job in test workflow
  • 4451bcb fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
  • dce0ab0 fix: remove custom proxy handling (#143)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
chore(deps): bump actions/create-github-app-token from 2 to 3
44bf9e2 
Bumps [actions/create-github-app-token](https://github.com/actions/create-github-app-token) from 2 to 3.
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v2...v3)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 16, 2026
ramsessanchez added a commit that referenced this pull request Apr 8, 2026
@ramsessanchez
chore: consolidate all open dependabot dependency updates
70da045 
Consolidates 18 open Dependabot PRs into a single update:

Python dependency updates (requirements-dev.txt):
- aiohttp: 3.12.15 → 3.13.4 (#1014)
- anyio: 4.10.0 → 4.12.0 (#979)
- attrs: 25.3.0 → 25.4.0 (#982)
- azure-core: 1.36.0 → 1.38.0 (#1000)
- cryptography: 46.0.5 → 46.0.7 (#1016, supersedes #968)
- Deprecated: 1.2.18 → 1.3.1 (#976)
- frozenlist: 1.7.0 → 1.8.0 (#981)
- isort: 6.0.1 → 6.1.0 (#977)
- msal: 1.33.0 → 1.34.0 (#978)
- PyJWT: 2.9.0 → 2.12.0 (#1007)
- pylint: 3.3.8 → 3.3.9 (#998)
- tomli: 2.2.1 → 2.3.0 (#980)
- urllib3: 2.6.0 → 2.6.3 (#999)
- wrapt: 1.17.3 → 2.0.1 (#983)

GitHub Actions updates:
- actions/checkout: v4/v5 → v6 (#986)
- actions/create-github-app-token: v2 → v3 (#1008)
- dependabot/fetch-metadata: v2.4.0 → v3.0.0 (#1012)

Co-authored-by: Copilot <223556219+Copilot@users.noreply.github.com>
@ramsessanchez ramsessanchez mentioned this pull request Apr 8, 2026
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants