chore(deps): bump the github-actions-dependencies group with 2 updates

[dependabot]

Bumps the github-actions-dependencies group with 2 updates: actions/github-script and hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml.

Updates actions/github-script from 8.0.0 to 9.0.0

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in actions/github-script#695
• ci: use deployment: false for integration test environments by @​salmanmkc in actions/github-script#712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in actions/github-script#700

New Contributors

• @​Copilot made their first contribution in actions/github-script#695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

Commits

• 3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
• ca10bbd fix: use @​octokit/core/types import for v7 compatibility
• 86e48e2 merge: incorporate main branch changes
• c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
• afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
• ff8117e ci: fix user-agent test to handle orchestration ID
• 81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
• 3953caf docs: update README examples from @​v8 to @​v9, add getOctokit docs and v9 brea...
• c17d55b ci: add getOctokit integration test job
• a047196 test: add getOctokit integration tests via callAsyncFunction
• Additional commits viewable in compare view

Updates hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml from 0.21.1 to 0.22.0

Release notes

Sourced from hoverkraft-tech/ci-github-publish/.github/workflows/prepare-release.yml's releases.

0.22.0

Release Summary

This release adds support for the publish input in the release/create scope and makes the release workflow usable without requiring a config file in the repository anymore, simplifying setup for users.

Internally, it refreshes actions and workflows documentation, expands test coverage for deploy/jekyll, and updates GitHub Actions dependencies across multiple directories.

Breaking change(s)

Workflow prepare-release does not anymore need/support github-app-id and github-app-key. Permissions are now:

contents: read
id-token: write
pull-requests: write

What's Changed

• build(deps): Bump the github-actions-dependencies group across 1 directory with 2 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#338
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#339
• feat(release/create): add support for "publish" input by @​Copilot in hoverkraft-tech/ci-github-publish#324
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#340
• build(deps): Bump the github-actions-dependencies group across 5 directories with 8 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#343
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#344
• build(deps): Bump the github-actions-dependencies group across 2 directories with 2 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#345
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#346
• build(deps): Bump the github-actions-dependencies group across 2 directories with 2 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#347
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#348
• build(deps): Bump the github-actions-dependencies group across 4 directories with 3 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#349
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#350
• build(deps): Bump the github-actions-dependencies group across 3 directories with 5 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#351
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#352
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#354
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#355
• test(deploy/jekyll): add unit tests for deploy/jekyll action by @​neilime in hoverkraft-tech/ci-github-publish#353
• docs: update actions and workflows documentation by @​hoverkraft-bot[bot] in hoverkraft-tech/ci-github-publish#356
• build(deps): Bump the github-actions-dependencies group across 7 directories with 9 updates by @​dependabot[bot] in hoverkraft-tech/ci-github-publish#357

Full Changelog: hoverkraft-tech/ci-github-publish@0.21.1...0.22.0

Commits

• b56be56 docs: improve description for working-directory input in release scope
• 3119215 build(deps): Bump the github-actions-dependencies group across 7 directories ...
• eea0579 docs: update actions and workflows documentation
• ac87a6f test(deploy/jekyll): add unit tests for deploy/jekyll action
• 1df14a6 docs: update actions and workflows documentation
• ab69e50 fix(prepare-release): set proper needed permissions
• ce7b314 docs: update actions and workflows documentation
• bb05a6f fix(prepare-release): set proper needed permissions
• 26e47d6 docs: update actions and workflows documentation
• 524e409 build(deps): Bump the github-actions-dependencies group across 3 directories ...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[github-actions]

Hi, thank you for creating your PR, we will check it out very soon

[codecov]

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 99.40%. Comparing base (3c795f9) to head (7220d23).
⚠️ Report is 2 commits behind head on main.

Additional details and impacted files

@@           Coverage Diff           @@
##             main     #261   +/-   ##
=======================================
  Coverage   99.40%   99.40%           
=======================================
  Files           9        9           
  Lines         169      169           
  Branches       35       35           
=======================================
  Hits          168      168           
  Partials        1        1           

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
• 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.