| datasource  | package            | from   | to     || ----------- | ------------------ | ------ | ------ || github-tags | actions/setup-node | v4.0.3 | v6.1.0 |## [vv6.1.0](https://github.com/actions/setup-node/releases/tag/v6.1.0)#### What's Changed##### Enhancement:- Remove always-auth configuration handling by [@priyagupta108](https://github.com/priyagupta108) in [#1436](actions/setup-node#1436)##### Dependency updates:- Upgrade [@actions/cache](https://github.com/actions/cache) from 4.0.3 to 4.1.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#1384](actions/setup-node#1384)- Upgrade actions/checkout from 5 to 6 by [@dependabot](https://github.com/dependabot)\[bot] in [#1439](actions/setup-node#1439)- Upgrade js-yaml from 3.14.1 to 3.14.2 by [@dependabot](https://github.com/dependabot)\[bot] in [#1435](actions/setup-node#1435)##### Documentation update:- Add example for restore-only cache in documentation by [@aparnajyothi-y](https://github.com/aparnajyothi-y) in [#1419](actions/setup-node#1419)**Full Changelog**: <actions/setup-node@v6...v6.1.0>## [vv6.0.0](https://github.com/actions/setup-node/releases/tag/v6.0.0)##### What's Changed**Breaking Changes**- Limit automatic caching to npm, update workflows and documentation by [@priyagupta108](https://github.com/priyagupta108) in [#1374](actions/setup-node#1374)**Dependency Upgrades**- Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by [@dependabot](https://github.com/dependabot)\[bot] in [#1336](actions/setup-node#1336)- Upgrade prettier from 2.8.8 to 3.6.2 by [@dependabot](https://github.com/dependabot)\[bot] in [#1334](actions/setup-node#1334)- Upgrade actions/publish-action from 0.3.0 to 0.4.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#1362](actions/setup-node#1362)**Full Changelog**: <actions/setup-node@v5...v6.0.0>## [vv5.0.0](https://github.com/actions/setup-node/releases/tag/v5.0.0)##### What's Changed##### Breaking Changes- Enhance caching in setup-node with automatic package manager detection by [@priya-kinthali](https://github.com/priya-kinthali) in [#1348](actions/setup-node#1348)This update, introduces automatic caching when a valid `packageManager` field is present in your `package.json`. This aims to improve workflow performance and make dependency management more seamless.To disable this automatic caching, set `package-manager-cache: false````yamlsteps:- uses: actions/checkout@v5- uses: actions/setup-node@v5  with:    package-manager-cache: false```- Upgrade action to use node24 by [@salmanmkc](https://github.com/salmanmkc) in [#1325](actions/setup-node#1325)Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. [See Release Notes](https://github.com/actions/runner/releases/tag/v2.327.1)##### Dependency Upgrades- Upgrade [@octokit/request-error](https://github.com/octokit/request-error) and [@actions/github](https://github.com/actions/github) by [@dependabot](https://github.com/dependabot)\[bot] in [#1227](actions/setup-node#1227)- Upgrade uuid from 9.0.1 to 11.1.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#1273](actions/setup-node#1273)- Upgrade undici from 5.28.5 to 5.29.0 by [@dependabot](https://github.com/dependabot)\[bot] in [#1295](actions/setup-node#1295)- Upgrade form-data to bring in fix for critical vulnerability by [@gowridurgad](https://github.com/gowridurgad) in [#1332](actions/setup-node#1332)- Upgrade actions/checkout from 4 to 5 by [@dependabot](https://github.com/dependabot)\[bot] in [#1345](actions/setup-node#1345)##### New Contributors- [@priya-kinthali](https://github.com/priya-kinthali) made their first contribution in [#1348](actions/setup-node#1348)- [@salmanmkc](https://github.com/salmanmkc) made their first contribution in [#1325](actions/setup-node#1325)**Full Changelog**: <actions/setup-node@v4...v5.0.0>## [vv4.4.0](https://github.com/actions/setup-node/releases/tag/v4.4.0)##### What's Changed##### Bug fixes:- Make eslint-compact matcher compatible with Stylelint by [@FloEdelmann](https://github.com/FloEdelmann) in [#98](actions/setup-node#98)- Add support for indented eslint output by [@fregante](https://github.com/fregante) in [#1245](actions/setup-node#1245)##### Enhancement:- Support private mirrors by [@marco-ippolito](https://github.com/marco-ippolito) in [#1240](actions/setup-node#1240)##### Dependency update:- Upgrade [@action/cache](https://github.com/action/cache) from 4.0.2 to 4.0.3 by [@aparnajyothi-y](https://github.com/aparnajyothi-y) in [#1262](actions/setup-node#1262)##### New Contributors- [@FloEdelmann](https://github.com/FloEdelmann) made their first contribution in [#98](actions/setup-node#98)- [@fregante](https://github.com/fregante) made their first contribution in [#1245](actions/setup-node#1245)- [@marco-ippolito](https://github.com/marco-ippolito) made their first contribution in [#1240](actions/setup-node#1240)**Full Changelog**: <actions/setup-node@v4...v4.4.0>## [vv4.3.0](https://github.com/actions/setup-node/releases/tag/v4.3.0)##### What's Changed##### Dependency updates- Upgrade [@actions/glob](https://github.com/actions/glob) from 0.4.0 to 0.5.0 by [@dependabot](https://github.com/dependabot) in [#1200](actions/setup-node#1200)- Upgrade [@action/cache](https://github.com/action/cache) from 4.0.0 to 4.0.2 by [@gowridurgad](https://github.com/gowridurgad) in [#1251](actions/setup-node#1251)- Upgrade [@vercel/ncc](https://github.com/vercel/ncc) from 0.38.1 to 0.38.3 by [@dependabot](https://github.com/dependabot) in [#1203](actions/setup-node#1203)- Upgrade [@actions/tool-cache](https://github.com/actions/tool-cache) from 2.0.1 to 2.0.2 by [@dependabot](https://github.com/dependabot) in [#1220](actions/setup-node#1220)##### New Contributors- [@gowridurgad](https://github.com/gowridurgad) made their first contribution in [#1251](actions/setup-node#1251)**Full Changelog**: <actions/setup-node@v4...v4.3.0>## [vv4.2.0](https://github.com/actions/setup-node/releases/tag/v4.2.0)##### What's Changed- Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by [@aparnajyothi-y](https://github.com/aparnajyothi-y) in [#1174](actions/setup-node#1174)- Add recommended permissions section to readme by [@benwells](https://github.com/benwells) in [#1193](actions/setup-node#1193)- Configure Dependabot settings by [@HarithaVattikuti](https://github.com/HarithaVattikuti) in [#1192](actions/setup-node#1192)- Upgrade `@actions/cache` to `^4.0.0` by [@priyagupta108](https://github.com/priyagupta108) in [#1191](actions/setup-node#1191)- Upgrade pnpm/action-setup from 2 to 4 by [@dependabot](https://github.com/dependabot) in [#1194](actions/setup-node#1194)- Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by [@dependabot](https://github.com/dependabot) in [#1195](actions/setup-node#1195)- Upgrade semver from 7.6.0 to 7.6.3 by [@dependabot](https://github.com/dependabot) in [#1196](actions/setup-node#1196)- Upgrade [@types/jest](https://github.com/types/jest) from 29.5.12 to 29.5.14 by [@dependabot](https://github.com/dependabot) in [#1201](actions/setup-node#1201)- Upgrade undici from 5.28.4 to 5.28.5 by [@dependabot](https://github.com/dependabot) in [#1205](actions/setup-node#1205)##### New Contributors- [@benwells](https://github.com/benwells) made their first contribution in [#1193](actions/setup-node#1193)**Full Changelog**: <actions/setup-node@v4...v4.2.0>## [vv4.1.0](https://github.com/actions/setup-node/releases/tag/v4.1.0)##### What's Changed- Resolve High Security Alerts by upgrading Dependencies by [@aparnajyothi-y](https://github.com/aparnajyothi-y) in [#1132](actions/setup-node#1132)- Upgrade IA Publish by [@Jcambass](https://github.com/Jcambass) in [#1134](actions/setup-node#1134)- Revise `isGhes` logic by [@jww3](https://github.com/jww3) in [#1148](actions/setup-node#1148)- Add architecture to cache key by [@pengx17](https://github.com/pengx17) in [#843](actions/setup-node#843)  This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts.  Note: This change may break previous cache keys as they will no longer be compatible with the new format.##### New Contributors- [@jww3](https://github.com/jww3) made their first contribution in [#1148](actions/setup-node#1148)- [@pengx17](https://github.com/pengx17) made their first contribution in [#843](actions/setup-node#843)**Full Changelog**: <actions/setup-node@v4...v4.1.0>## [vv4.0.4](https://github.com/actions/setup-node/releases/tag/v4.0.4)##### What's Changed- Add workflow file for publishing releases to immutable action package by [@Jcambass](https://github.com/Jcambass) in [#1125](actions/setup-node#1125)- Enhance Windows ARM64 Setup and Update micromatch Dependency by [@priyagupta108](https://github.com/priyagupta108) in [#1126](actions/setup-node#1126)##### Documentation changes:- Documentation update in the README file by [@suyashgaonkar](https://github.com/suyashgaonkar) in [#1106](actions/setup-node#1106)- Correct invalid 'lts' version string reference by [@fulldecent](https://github.com/fulldecent) in [#1124](actions/setup-node#1124)##### New Contributors- [@suyashgaonkar](https://github.com/suyashgaonkar) made their first contribution in [#1106](actions/setup-node#1106)- [@priyagupta108](https://github.com/priyagupta108) made their first contribution in [#1126](actions/setup-node#1126)- [@Jcambass](https://github.com/Jcambass) made their first contribution in [#1125](actions/setup-node#1125)- [@fulldecent](https://github.com/fulldecent) made their first contribution in [#1124](actions/setup-node#1124)**Full Changelog**: <actions/setup-node@v4...v4.0.4>

## Release notesSourced from actions/setup-node's releases.v6.1.0What's ChangedEnhancement:Remove always-auth configuration handling by @​priyagupta108 inactions/setup-node#1436Dependency updates:Upgrade @​actions/cache from 4.0.3 to 4.1.0 by @​dependabot[bot] inactions/setup-node#1384Upgrade actions/checkout from 5 to 6 by @​dependabot[bot] inactions/setup-node#1439Upgrade js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] inactions/setup-node#1435Documentation update:Add example for restore-only cache in documentation by @​aparnajyothi-y inactions/setup-node#1419Full Changelog:actions/setup-node@v6...v6.1.0## Commits395ad32 Bump js-yaml from 3.14.1 to 3.14.2 (#1435)a4d2e2b Bump actions/checkout from 5 to 6 (#1439)b9b25d4 Remove always-auth configuration handling from action (#1436)633bb92 Bump @​actions/cache from 4.0.3 to 4.1.0 (#1384)dda4788 Add example for restore-only cache in documentation (#1419)See full diff in compare view![Dependabot compatibility score](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)Issue-ID: CIMAN-33Signed-off-by: dependabot[bot] <support@github.com>Signed-off-by: onap.gh2gerrit <releng+onap-gh2gerrit@linuxfoundation.org>Change-Id: I463988e51413333aa9cba61dff3ddd488312adb1GitHub-PR:#145GitHub-Hash: ef74739b14d5c224

[//]: # (dependabot-start)⚠️ \*\*Dependabot is rebasing this PR\*\*⚠️Rebasing might not happen immediately, so don't worry if this takes some time.Note: if you make any changes to this PR yourself, they will take precedence over the rebase.---[//]: # (dependabot-end)Bumps [actions/setup-node](https://github.com/actions/setup-node) from 6.0.0 to 6.1.0.Release notes*Sourced from [actions/setup-node's releases](https://github.com/actions/setup-node/releases).*> v6.1.0> ------>> What's Changed> -------------->> ### Enhancement:>> * Remove always-auth configuration handling by [`@​priyagupta108`](https://github.com/priyagupta108) in [actions/setup-node#1436](https://redirect.github.com/actions/setup-node/pull/1436)>> ### Dependency updates:>> * Upgrade `@​actions/cache` from 4.0.3 to 4.1.0 by [`@​dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1384](https://redirect.github.com/actions/setup-node/pull/1384)> * Upgrade actions/checkout from 5 to 6 by [`@​dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1439](https://redirect.github.com/actions/setup-node/pull/1439)> * Upgrade js-yaml from 3.14.1 to 3.14.2 by [`@​dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1435](https://redirect.github.com/actions/setup-node/pull/1435)>> ### Documentation update:>> * Add example for restore-only cache in documentation by [`@​aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-node#1419](https://redirect.github.com/actions/setup-node/pull/1419)>> **Full Changelog**: <actions/setup-node@v6...v6.1.0>Commits* [`395ad32`](actions/setup-node@395ad32) Bump js-yaml from 3.14.1 to 3.14.2 ([#1435](https://redirect.github.com/actions/setup-node/issues/1435))* [`a4d2e2b`](actions/setup-node@a4d2e2b) Bump actions/checkout from 5 to 6 ([#1439](https://redirect.github.com/actions/setup-node/issues/1439))* [`b9b25d4`](actions/setup-node@b9b25d4) Remove always-auth configuration handling from action ([#1436](https://redirect.github.com/actions/setup-node/issues/1436))* [`633bb92`](actions/setup-node@633bb92) Bump `@​actions/cache` from 4.0.3 to 4.1.0 ([#1384](https://redirect.github.com/actions/setup-node/issues/1384))* [`dda4788`](actions/setup-node@dda4788) Add example for restore-only cache in documentation ([#1419](https://redirect.github.com/actions/setup-node/issues/1419))* See full diff in [compare view](actions/setup-node@2028fbc...395ad32)  [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility\_score?dependency-name=actions/setup-node&package-manager=github\_actions&previous-version=6.0.0&new-version=6.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---Dependabot commands and options  You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it- `@dependabot cancel merge` will cancel a previously requested merge and block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps the github-actions group with 9 updates:| Package | From | To || --- | --- | --- || [actions/checkout](https://github.com/actions/checkout) | `6.0.0` | `6.0.1` || [actions/setup-java](https://github.com/actions/setup-java) | `5.0.0` | `5.1.0` || [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) | `1.4.3` | `1.4.4` || [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.4.2` | `2.5.0` || [github/codeql-action](https://github.com/github/codeql-action) | `4.31.5` | `4.31.7` || [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.9` | `7.0.11` || [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.268.0` | `1.269.0` || [updatecli/updatecli-action](https://github.com/updatecli/updatecli-action) | `2.96.0` | `2.97.0` || [actions/setup-node](https://github.com/actions/setup-node) | `6.0.0` | `6.1.0` |Updates `actions/checkout` from 6.0.0 to 6.0.1Release notes*Sourced from [actions/checkout's releases](https://github.com/actions/checkout/releases).*> v6.0.1> ------>> What's Changed> -------------->> * Update all references from v5 and v4 to v6 by [`@​ericsciple`](https://github.com/ericsciple) in [actions/checkout#2314](https://redirect.github.com/actions/checkout/pull/2314)> * Add worktree support for persist-credentials includeIf by [`@​ericsciple`](https://github.com/ericsciple) in [actions/checkout#2327](https://redirect.github.com/actions/checkout/pull/2327)> * Clarify v6 README by [`@​ericsciple`](https://github.com/ericsciple) in [actions/checkout#2328](https://redirect.github.com/actions/checkout/pull/2328)>> **Full Changelog**: <actions/checkout@v6...v6.0.1>Commits* [`8e8c483`](actions/checkout@8e8c483) Clarify v6 README ([#2328](https://redirect.github.com/actions/checkout/issues/2328))* [`033fa0d`](actions/checkout@033fa0d) Add worktree support for persist-credentials includeIf ([#2327](https://redirect.github.com/actions/checkout/issues/2327))* [`c2d88d3`](actions/checkout@c2d88d3) Update all references from v5 and v4 to v6 ([#2314](https://redirect.github.com/actions/checkout/issues/2314))* See full diff in [compare view](actions/checkout@1af3b93...8e8c483)  Updates `actions/setup-java` from 5.0.0 to 5.1.0Release notes*Sourced from [actions/setup-java's releases](https://github.com/actions/setup-java/releases).*> v5.1.0> ------>> What's Changed> -------------->> ### New Features>> * Add support for `.sdkmanrc` file in `java-version-file` parameter by [`@​guicamest`](https://github.com/guicamest) in [actions/setup-java#736](https://redirect.github.com/actions/setup-java/pull/736)> * Add support for Microsoft OpenJDK 25 builds by [`@​the-mod`](https://github.com/the-mod) in [actions/setup-java#927](https://redirect.github.com/actions/setup-java/pull/927)>> ### Bug Fixes & Improvements>> * Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by [`@​aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-java#767](https://redirect.github.com/actions/setup-java/pull/767)> * Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by [`@​priya-kinthali`](https://github.com/priya-kinthali) in [actions/setup-java#946](https://redirect.github.com/actions/setup-java/pull/946)> * Update SapMachine URLs by [`@​RealCLanger`](https://github.com/RealCLanger) in [actions/setup-java#955](https://redirect.github.com/actions/setup-java/pull/955)> * Add GitHub Token Support for GraalVM and Refactor Code by [`@​mahabaleshwars`](https://github.com/mahabaleshwars) in [actions/setup-java#849](https://redirect.github.com/actions/setup-java/pull/849)>> ### Documentation changes>> * Update documentation to use checkout and Java v5 by [`@​lmvysakh`](https://github.com/lmvysakh) in [actions/setup-java#903](https://redirect.github.com/actions/setup-java/pull/903)> * Clarify JAVA\_HOME and PATH setup in README by [`@​chiranjib-swain`](https://github.com/chiranjib-swain) in [actions/setup-java#841](https://redirect.github.com/actions/setup-java/pull/841)>> ### Dependency updates>> * Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by [`@​dependabot`](https://github.com/dependabot) in [actions/setup-java#873](https://redirect.github.com/actions/setup-java/pull/873)> * Upgrade actions/publish-action from 0.3.0 to 0.4.0 by [`@​dependabot`](https://github.com/dependabot) in [actions/setup-java#912](https://redirect.github.com/actions/setup-java/pull/912)>> New Contributors> ---------------->> * [`@​lmvysakh`](https://github.com/lmvysakh) made their first contribution in [actions/setup-java#903](https://redirect.github.com/actions/setup-java/pull/903)> * [`@​chiranjib-swain`](https://github.com/chiranjib-swain) made their first contribution in [actions/setup-java#841](https://redirect.github.com/actions/setup-java/pull/841)> * [`@​the-mod`](https://github.com/the-mod) made their first contribution in [actions/setup-java#927](https://redirect.github.com/actions/setup-java/pull/927)> * [`@​priya-kinthali`](https://github.com/priya-kinthali) made their first contribution in [actions/setup-java#946](https://redirect.github.com/actions/setup-java/pull/946)> * [`@​guicamest`](https://github.com/guicamest) made their first contribution in [actions/setup-java#736](https://redirect.github.com/actions/setup-java/pull/736)>> **Full Changelog**: <actions/setup-java@v5...v5.1.0>Commits* [`f2beeb2`](actions/setup-java@f2beeb2) Bump actions/publish-action from 0.3.0 to 0.4.0 ([#912](https://redirect.github.com/actions/setup-java/issues/912))* [`4e7e684`](actions/setup-java@4e7e684) feat: Add support for `.sdkmanrc` file in `java-version-file` parameter ([#736](https://redirect.github.com/actions/setup-java/issues/736))* [`46c56d6`](actions/setup-java@46c56d6) Add GitHub Token Support for GraalVM and Refactor Code ([#849](https://redirect.github.com/actions/setup-java/issues/849))* [`66b9457`](actions/setup-java@66b9457) Update SapMachine URLs ([#955](https://redirect.github.com/actions/setup-java/issues/955))* [`6ba5449`](actions/setup-java@6ba5449) Enhance error logging for network failures to include endpoint/IP details, ad...* [`de5a937`](actions/setup-java@de5a937) adds microsoft openjdk25 builds ([#927](https://redirect.github.com/actions/setup-java/issues/927))* [`ead9eaa`](actions/setup-java@ead9eaa) Update Regex to Support All ASDF Versions for the supported distributions in ...* [`8c57fa3`](actions/setup-java@8c57fa3) Clarify JAVA\_HOME and PATH setup in README ([#841](https://redirect.github.com/actions/setup-java/issues/841))* [`a7ab372`](actions/setup-java@a7ab372) Bump prettier from 2.8.8 to 3.6.2 ([#873](https://redirect.github.com/actions/setup-java/issues/873))* [`d0351b4`](actions/setup-java@d0351b4) Update documentation to use checkout and Java v5 ([#903](https://redirect.github.com/actions/setup-java/issues/903))* See full diff in [compare view](actions/setup-java@dded088...f2beeb2)  Updates `graalvm/setup-graalvm` from 1.4.3 to 1.4.4Release notes*Sourced from [graalvm/setup-graalvm's releases](https://github.com/graalvm/setup-graalvm/releases).*> v1.4.4> ------>> What's Changed> -------------->> * Bump actions/checkout from 5.0.0 to 6.0.0 in the github-actions-updates group by [`@​dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#198](https://redirect.github.com/graalvm/setup-graalvm/pull/198)> * Bump the npm-updates group with 10 updates by [`@​dependabot`](https://github.com/dependabot)[bot] in [graalvm/setup-graalvm#197](https://redirect.github.com/graalvm/setup-graalvm/pull/197)>> **Full Changelog**: <graalvm/setup-graalvm@v1.4.3...v1.4.4>Commits* [`790e289`](graalvm/setup-graalvm@790e289) Bump version to `1.4.4`.* [`434a92b`](graalvm/setup-graalvm@434a92b) Update dist files.* [`fe4a6b3`](graalvm/setup-graalvm@fe4a6b3) Update dependencies* [`d8578a7`](graalvm/setup-graalvm@d8578a7) Bump the npm-updates group with 10 updates* [`98e485c`](graalvm/setup-graalvm@98e485c) Bump actions/checkout in the github-actions-updates group* See full diff in [compare view](graalvm/setup-graalvm@dec5790...790e289)  Updates `softprops/action-gh-release` from 2.4.2 to 2.5.0Release notes*Sourced from [softprops/action-gh-release's releases](https://github.com/softprops/action-gh-release/releases).*> v2.5.0> ------>> What's Changed> -------------->> ### Exciting New Features 🎉>> * feat: mark release as draft until all artifacts are uploaded by [`@​dumbmoron`](https://github.com/dumbmoron) in [softprops/action-gh-release#692](https://redirect.github.com/softprops/action-gh-release/pull/692)>> ### Other Changes 🔄>> * chore(deps): bump the npm group across 1 directory with 5 updates by [`@​dependabot`](https://github.com/dependabot)[bot] in [softprops/action-gh-release#697](https://redirect.github.com/softprops/action-gh-release/pull/697)> * chore(deps): bump actions/checkout from 5.0.0 to 5.0.1 in the github-actions group by [`@​dependabot`](https://github.com/dependabot)[bot] in [softprops/action-gh-release#689](https://redirect.github.com/softprops/action-gh-release/pull/689)>> New Contributors> ---------------->> * [`@​dumbmoron`](https://github.com/dumbmoron) made their first contribution in [softprops/action-gh-release#692](https://redirect.github.com/softprops/action-gh-release/pull/692)>> **Full Changelog**: <softprops/action-gh-release@v2.4.2...v2.5.0>Changelog*Sourced from [softprops/action-gh-release's changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md).*> 2.5.0> ----->> What's Changed> -------------->> ### Exciting New Features 🎉>> * feat: mark release as draft until all artifacts are uploaded by [`@​dumbmoron`](https://github.com/dumbmoron) in [softprops/action-gh-release#692](https://redirect.github.com/softprops/action-gh-release/pull/692)>> ### Other Changes 🔄>> * dependency updates>> 2.4.2> ----->> What's Changed> -------------->> ### Exciting New Features 🎉>> * feat: Ensure generated release notes cannot be over 125000 characters by [`@​BeryJu`](https://github.com/BeryJu) in [softprops/action-gh-release#684](https://redirect.github.com/softprops/action-gh-release/pull/684)>> ### Other Changes 🔄>> * dependency updates>> 2.4.1> ----->> What's Changed> -------------->> ### Other Changes 🔄>> * fix(util): support brace expansion globs containing commas in parseInputFiles by [`@​Copilot`](https://github.com/Copilot) in [softprops/action-gh-release#672](https://redirect.github.com/softprops/action-gh-release/pull/672)> * fix: gracefully fallback to body when body\_path cannot be read by [`@​Copilot`](https://github.com/Copilot) in [softprops/action-gh-release#671](https://redirect.github.com/softprops/action-gh-release/pull/671)>> 2.4.0> ----->> What's Changed> -------------->> ### Exciting New Features 🎉>> * feat(action): respect working\_directory for files globs by [`@​stephenway`](https://github.com/stephenway) in [softprops/action-gh-release#667](https://redirect.github.com/softprops/action-gh-release/pull/667)>> 2.3.4> ----->> What's Changed> -------------->> ### Bug fixes 🐛>> * fix(action): handle 422 already\_exists race condition by [`@​stephenway`](https://github.com/stephenway) in [softprops/action-gh-release#665](https://redirect.github.com/softprops/action-gh-release/pull/665)>> ### Other Changes 🔄... (truncated)Commits* [`a06a81a`](softprops/action-gh-release@a06a81a) release 2.5.0* [`7da8983`](softprops/action-gh-release@7da8983) feat: mark release as draft until all artifacts are uploaded ([#692](https://redirect.github.com/softprops/action-gh-release/issues/692))* [`8797328`](softprops/action-gh-release@8797328) chore(deps): bump actions/checkout in the github-actions group ([#689](https://redirect.github.com/softprops/action-gh-release/issues/689))* [`1bfc62a`](softprops/action-gh-release@1bfc62a) chore(deps): bump the npm group across 1 directory with 5 updates ([#697](https://redirect.github.com/softprops/action-gh-release/issues/697))* See full diff in [compare view](softprops/action-gh-release@5be0e66...a06a81a)  Updates `github/codeql-action` from 4.31.5 to 4.31.7Release notes*Sourced from [github/codeql-action's releases](https://github.com/github/codeql-action/releases).*> v4.31.7> ------->> CodeQL Action Changelog> =======================>> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.>> 4.31.7 - 05 Dec 2025> -------------------->> * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343)>> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.7/CHANGELOG.md) for more information.>> v4.31.6> ------->> CodeQL Action Changelog> =======================>> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.>> 4.31.6 - 01 Dec 2025> -------------------->> No user facing changes.>> See the full [CHANGELOG.md](https://github.com/github/codeql-action/blob/v4.31.6/CHANGELOG.md) for more information.Changelog*Sourced from [github/codeql-action's changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md).*> CodeQL Action Changelog> =======================>> See the [releases page](https://github.com/github/codeql-action/releases) for the relevant changes to the CodeQL CLI and language packs.>> [UNRELEASED]> ------------>> No user facing changes.>> 4.31.7 - 05 Dec 2025> -------------------->> * Update default CodeQL bundle version to 2.23.7. [#3343](https://redirect.github.com/github/codeql-action/pull/3343)>> 4.31.6 - 01 Dec 2025> -------------------->> No user facing changes.>> 4.31.5 - 24 Nov 2025> -------------------->> * Update default CodeQL bundle version to 2.23.6. [#3321](https://redirect.github.com/github/codeql-action/pull/3321)>> 4.31.4 - 18 Nov 2025> -------------------->> No user facing changes.>> 4.31.3 - 13 Nov 2025> -------------------->> * CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see [Upcoming deprecation of CodeQL Action v3](https://github.blog/changelog/2025-10-28-upcoming-deprecation-of-codeql-action-v3/).> * Update default CodeQL bundle version to 2.23.5. [#3288](https://redirect.github.com/github/codeql-action/pull/3288)>> 4.31.2 - 30 Oct 2025> -------------------->> No user facing changes.>> 4.31.1 - 30 Oct 2025> -------------------->> * The `add-snippets` input has been removed from the `analyze` action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.>> 4.31.0 - 24 Oct 2025> -------------------->> * Bump minimum CodeQL bundle version to 2.17.6. [#3223](https://redirect.github.com/github/codeql-action/pull/3223)> * When SARIF files are uploaded by the `analyze` or `upload-sarif` actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the `upload-sarif` action. For `analyze`, this may affect Advanced Setup for CodeQL users who specify a value other than `always` for the `upload` input. [#3222](https://redirect.github.com/github/codeql-action/pull/3222)>> 4.30.9 - 17 Oct 2025> -------------------->> * Update default CodeQL bundle version to 2.23.3. [#3205](https://redirect.github.com/github/codeql-action/pull/3205)> * Experimental: A new `setup-codeql` action has been added which is similar to `init`, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. [#3204](https://redirect.github.com/github/codeql-action/pull/3204)>> 4.30.8 - 10 Oct 2025> -------------------->> No user facing changes.... (truncated)Commits* [`cf1bb45`](github/codeql-action@cf1bb45) Merge pull request [#3344](https://redirect.github.com/github/codeql-action/issues/3344) from github/update-v4.31.7-f5c63fadd* [`f4ebe95`](github/codeql-action@f4ebe95) Update changelog for v4.31.7* [`f5c63fa`](github/codeql-action@f5c63fa) Merge pull request [#3343](https://redirect.github.com/github/codeql-action/issues/3343) from github/update-bundle/codeql-bundle-v2.23.7* [`a2c01e7`](github/codeql-action@a2c01e7) Add changelog note* [`ac34c13`](github/codeql-action@ac34c13) Update default bundle to codeql-bundle-v2.23.7* [`267c467`](github/codeql-action@267c467) Merge pull request [#3339](https://redirect.github.com/github/codeql-action/issues/3339) from github/dependabot/npm\_and\_yarn/npm-minor-77d264...* [`aeabef7`](github/codeql-action@aeabef7) Merge branch 'main' into dependabot/npm\_and\_yarn/npm-minor-77d26487b0* [`78357d3`](github/codeql-action@78357d3) Merge pull request [#3341](https://redirect.github.com/github/codeql-action/issues/3341) from github/mbg/ci/update-cs-config-cli-tests* [`d61a6fa`](github/codeql-action@d61a6fa) Update CLI config test to account for overlay db changes on PRs* [`ce27e95`](github/codeql-action@ce27e95) Rebuild* Additional commits viewable in [compare view](github/codeql-action@fdbfb4d...cf1bb45)  Updates `peter-evans/create-pull-request` from 7.0.9 to 7.0.11Release notes*Sourced from [peter-evans/create-pull-request's releases](https://github.com/peter-evans/create-pull-request/releases).*> Create Pull Request v7.0.11> --------------------------->> What's Changed> -------------->> * fix: restrict remote prune to self-hosted runners by [`@​peter-evans`](https://github.com/peter-evans) in [peter-evans/create-pull-request#4250](https://redirect.github.com/peter-evans/create-pull-request/pull/4250)>> **Full Changelog**: <peter-evans/create-pull-request@v7.0.10...v7.0.11>>> Create Pull Request v7.0.10> --------------------------->> ⚙️ Fixes an issue where updating a pull request failed when targeting a forked repository with the same owner as its parent.>> What's Changed> -------------->> * build(deps): bump the github-actions group with 2 updates by [`@​dependabot`](https://github.com/dependabot)[bot] in [peter-evans/create-pull-request#4235](https://redirect.github.com/peter-evans/create-pull-request/pull/4235)> * build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group by [`@​dependabot`](https://github.com/dependabot)[bot] in [peter-evans/create-pull-request#4240](https://redirect.github.com/peter-evans/create-pull-request/pull/4240)> * fix: provider list pulls fallback for multi fork same owner by [`@​peter-evans`](https://github.com/peter-evans) in [peter-evans/create-pull-request#4245](https://redirect.github.com/peter-evans/create-pull-request/pull/4245)>> New Contributors> ---------------->> * [`@​obnyis`](https://github.com/obnyis) made their first contribution in [peter-evans/create-pull-request#4064](https://redirect.github.com/peter-evans/create-pull-request/pull/4064)>> **Full Changelog**: <peter-evans/create-pull-request@v7.0.9...v7.0.10>Commits* [`22a9089`](peter-evans/create-pull-request@22a9089) fix: restrict remote prune to self-hosted runners ([#4250](https://redirect.github.com/peter-evans/create-pull-request/issues/4250))* [`d4f3be6`](peter-evans/create-pull-request@d4f3be6) fix: provider list pulls fallback for multi fork same owner ([#4245](https://redirect.github.com/peter-evans/create-pull-request/issues/4245))* [`bc8a47f`](peter-evans/create-pull-request@bc8a47f) build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group ([#4240](https://redirect.github.com/peter-evans/create-pull-request/issues/4240))* [`a67ef28`](peter-evans/create-pull-request@a67ef28) build(deps): bump the github-actions group with 2 updates ([#4235](https://redirect.github.com/peter-evans/create-pull-request/issues/4235))* See full diff in [compare view](peter-evans/create-pull-request@84ae59a...22a9089)  Updates `ruby/setup-ruby` from 1.268.0 to 1.269.0Release notes*Sourced from [ruby/setup-ruby's releases](https://github.com/ruby/setup-ruby/releases).*> v1.269.0> -------->> What's Changed> -------------->> * Account for Bundler 4 by [`@​eregon`](https://github.com/eregon) in [ruby/setup-ruby#832](https://redirect.github.com/ruby/setup-ruby/pull/832)>> **Full Changelog**: <ruby/setup-ruby@v1.268.0...v1.269.0>Commits* [`d697be2`](ruby/setup-ruby@d697be2) Account for Bundler 4* See full diff in [compare view](ruby/setup-ruby@8aeb6ff...d697be2)  Updates `updatecli/updatecli-action` from 2.96.0 to 2.97.0Release notes*Sourced from [updatecli/updatecli-action's releases](https://github.com/updatecli/updatecli-action/releases).*> v2.97.0 🌈> --------->> Changes> ------->> * deps: update updatecli version to v0.111.0 @[updateclibot[bot]](https://github.com/apps/updateclibot) ([#986](https://redirect.github.com/updatecli/updatecli-action/issues/986))> * deps(updatecli/policies): bump all policies @[updateclibot[bot]](https://github.com/apps/updateclibot) ([#985](https://redirect.github.com/updatecli/updatecli-action/issues/985))>> 🧰 Maintenance> ------------->> * deps: bump Updatecli GH action to v2.96.0 @[updateclibot[bot]](https://github.com/apps/updateclibot) ([#982](https://redirect.github.com/updatecli/updatecli-action/issues/982))>> Contributors> ------------>> [`@​updateclibot`](https://github.com/updateclibot)[bot] and [updateclibot[bot]](https://github.com/apps/updateclibot)Commits* [`9a21b69`](updatecli/updatecli-action@9a21b69) deps: update updatecli version to v0.111.0 ([#986](https://redirect.github.com/updatecli/updatecli-action/issues/986))* [`afc5668`](updatecli/updatecli-action@afc5668) deps(updatecli/policies): bump all policies ([#985](https://redirect.github.com/updatecli/updatecli-action/issues/985))* [`613ad53`](updatecli/updatecli-action@613ad53) deps: bump Updatecli GH action to v2.96.0 ([#982](https://redirect.github.com/updatecli/updatecli-action/issues/982))* See full diff in [compare view](updatecli/updatecli-action@5ca3636...9a21b69)  Updates `actions/setup-node` from 6.0.0 to 6.1.0Release notes*Sourced from [actions/setup-node's releases](https://github.com/actions/setup-node/releases).*> v6.1.0> ------>> What's Changed> -------------->> ### Enhancement:>> * Remove always-auth configuration handling by [`@​priyagupta108`](https://github.com/priyagupta108) in [actions/setup-node#1436](https://redirect.github.com/actions/setup-node/pull/1436)>> ### Dependency updates:>> * Upgrade `@​actions/cache` from 4.0.3 to 4.1.0 by [`@​dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1384](https://redirect.github.com/actions/setup-node/pull/1384)> * Upgrade actions/checkout from 5 to 6 by [`@​dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1439](https://redirect.github.com/actions/setup-node/pull/1439)> * Upgrade js-yaml from 3.14.1 to 3.14.2 by [`@​dependabot`](https://github.com/dependabot)[bot] in [actions/setup-node#1435](https://redirect.github.com/actions/setup-node/pull/1435)>> ### Documentation update:>> * Add example for restore-only cache in documentation by [`@​aparnajyothi-y`](https://github.com/aparnajyothi-y) in [actions/setup-node#1419](https://redirect.github.com/actions/setup-node/pull/1419)>> **Full Changelog**: <actions/setup-node@v6...v6.1.0>Commits* [`395ad32`](actions/setup-node@395ad32) Bump js-yaml from 3.14.1 to 3.14.2 ([#1435](https://redirect.github.com/actions/setup-node/issues/1435))* [`a4d2e2b`](actions/setup-node@a4d2e2b) Bump actions/checkout from 5 to 6 ([#1439](https://redirect.github.com/actions/setup-node/issues/1439))* [`b9b25d4`](actions/setup-node@b9b25d4) Remove always-auth configuration handling from action ([#1436](https://redirect.github.com/actions/setup-node/issues/1436))* [`633bb92`](actions/setup-node@633bb92) Bump `@​actions/cache` from 4.0.3 to 4.1.0 ([#1384](https://redirect.github.com/actions/setup-node/issues/1384))* [`dda4788`](actions/setup-node@dda4788) Add example for restore-only cache in documentation ([#1419](https://redirect.github.com/actions/setup-node/issues/1419))* See full diff in [compare view](actions/setup-node@2028fbc...395ad32)  Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.[//]: # (dependabot-automerge-start)[//]: # (dependabot-automerge-end)---Dependabot commands and options  You can trigger Dependabot actions by commenting on this PR:- `@dependabot rebase` will rebase this PR- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it- `@dependabot merge` will merge this PR after your CI passes on it- `@dependabot squash and merge` will squash and merge this PR after your CI passes on it- `@dependabot cancel merge` will cancel a previously requested merge and block automerging- `@dependabot reopen` will reopen this PR if it is closed- `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually- `@dependabot show  ignore conditions` will show all of the ignore conditions of the specified dependency- `@dependabot ignore  major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)- `@dependabot ignore  minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)- `@dependabot ignore ` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)- `@dependabot unignore ` will remove all of the ignore conditions of the specified dependency- `@dependabot unignore  ` will remove the ignore condition of the specified dependency and ignore conditions