Bump the actions group across 1 directory with 8 updates

[dependabot]

Bumps the actions group with 8 updates in the / directory:

Package	From	To
pypa/cibuildwheel	3.4.1	4.0.0
github/codeql-action	4.35.2	4.36.2
eps1lon/actions-label-merge-conflict	3.0.3	3.1.0
actions/labeler	6.0.1	6.1.0
j178/prek-action	2.0.2	2.0.4
plbstl/first-contribution	4.3.0	4.3.2
actions/stale	10.2.0	10.3.0
codecov/codecov-action	6.0.0	7.0.0

Updates pypa/cibuildwheel from 3.4.1 to 4.0.0

Release notes

Sourced from pypa/cibuildwheel's releases.

v4.0.0

See @​henryiii's release post for more info on new features!

• 🌟 Adds wheel auditing with abi3audit as a default after the repair step, with new audit-requires and audit-command options (#2805)

• 🌟 Adds pyemscripten platform tag support (PEP 783), updates Pyodide to 314.0.0a2, and adds a pyodide-eol enable flag for building end-of-life Pyodide versions (#2812, #2848)

• 🌟 Sets up delvewheel as the default repair-wheel-command for Windows, so extension module DLLs are now bundled automatically. Skip by setting it to empty if not needed. (#2831)

• ✨ Adds CPython 3.15 support, under the enable option cpython-prerelease. This version of cibuildwheel uses 3.15.0b2. (#2833, #2850)

  While CPython is in beta, the ABI can change, so your wheels might not be compatible with the final release. For this reason, we don't recommend distributing wheels until RC1, at which point 3.15 will be available in cibuildwheel without the flag.

• ✨ Adds CPython 3.15 support for iOS and Android (#2857, #2858)

• ✨ Adds Android improvements for building NumPy and related packages, including auditwheel support, pkg-config and Fortran configuration, and the xbuild-files option (#2695)

• ✨ Adds CIBUILDWHEEL_BUILD_IDENTIFIER environment variable set to the current build identifier (e.g. cp311-manylinux_x86_64) during per-build steps (#2872)

• ✨ Adds {project} and {package} placeholders to config-settings (#2827)

• ⚠️ Drops support for Python 3.8 (#2686)

• ⚠️ Removes the experimental CPython 3.13 free-threading builds and the cpython-freethreading enable option. CPython 3.14+ free-threading support remains available without the enable flag. (#2684)

• ⚠️ Drops support for Cirrus CI, which is shutting down June 1, 2026 (#2817)

• ⚠️ Drops GraalPy 3.11 (gp311) support, as agreed in #2741, and removes GraalPy 24-only workarounds (#2895)

• 🔐 Adds SHA256 verification for direct downloads of Python interpreters, virtualenv, and python-build-standalone assets (#2873)

• 🔐 Adds tarfile extraction filter for safe archive extraction (#2856)

• 🐛 Fixes UV_PYTHON not being set for before-build on Linux when using uv as the build-frontend (#2830)

• 🐛 Fixes detection of musl libc when downloading python-build-standalone, which previously always selected the gnu asset on musl hosts like Alpine (#2889)

• 🐛 Fixes config-settings expansion when {project} or {package} contains spaces or backslashes (#2886)

• 🐛 Prevents deadlock when linux32 fails and forwards platform args to the sanity check (#2880, #2888)

• 🐛 Fixes container resource leaks on start failure and during teardown (#2879, #2887)

• 🐛 Removes potential partial cache-population in case of error (#2892)

• 🐛 Raises a clear error when ANDROID_API_LEVEL is not an integer (#2891)

• 🐛 Replaces assert with proper exception in python-build-standalone (#2859)

• 🐛 Uses ConfigurationError when package_dir is outside cwd instead of a generic Exception (#2898)

• 🛠 Updates dependencies and container pins (#2893, #2882, #2874, #2868, #2862, #2884, #2845, #2837, #2818, #2810, #2838, #2813)

• 🛠 Updates Android to Python 3.13.13 and 3.14.4 (#2821)

• 🛠 Applies Pyodide-specific patches to the Emscripten toolchain installation (#2800)

• 🛠 Uses python -V -V for Windows build diagnostics (#2832)

• 🛠 Simplifies pinned container image lookup (#2897)

• 🛠 Minor fixups across error messages, OCI container, and options (#2860)

• 💼 Adds PEP 723 metadata for bin/ scripts and drops the bin dependency group (#2819)

• 💼 Improves Azure test reliability with retries and caching (#2890)

• 💼 Fixes Windows GitLab CI test running (#2870)

• 💼 Updates CI action pins and dev dependencies (#2902, #2867, #2851, #2843, #2826, #2823, #2820, #2807)

• 💼 Adds agent and copilot setup files (#2861)

• 💼 Uses if TYPE_CHECKING: blocks (#2866, #2864)

• 🧪 Fixes Android tests using the uv frontend (#2809)

• 🧪 Fixes the update-dependencies workflow to use uv to run nox (#2808)

• 🧪 Adds unit tests for OCIContainer._get_platform_args (#2878)

• 📚 Updates documentation for delvewheel as the default Windows repair-wheel-command, including the build diagram, schema defaults, and legal note (#2877, #2853, #2891)

• 📚 Documents platform-specific before-build configuration (#2834)

• 📚 Updates the "How it works" diagram with details of Android, iOS, and Pyodide builds (#2816)

• 📚 Adds Pyodide icon and regenerates working examples data for Android, iOS, and Pyodide (#2815, #2811)

• 📚 Adds intersphinx support for external documentation linking (#2871)

• 📚 Adds instructions for building CUDA wheels and fixes manylinux container references in FAQ (#2896, #2900)

... (truncated)

Changelog

Sourced from pypa/cibuildwheel's changelog.

---

title: Changelog ref: changelog

Changelog

v4.0.0

7 June 2026

See @​henryiii's release post for more info on new features!

• 🌟 Adds wheel auditing with abi3audit as a default after the repair step, with new audit-requires and audit-command options (#2805)

• 🌟 Adds pyemscripten platform tag support (PEP 783), updates Pyodide to 314.0.0a2, and adds a pyodide-eol enable flag for building end-of-life Pyodide versions (#2812, #2848)

• 🌟 Sets up delvewheel as the default repair-wheel-command for Windows, so extension module DLLs are now bundled automatically. Skip by setting it to empty if not needed. (#2831)

• ✨ Adds CPython 3.15 support, under the enable option cpython-prerelease. This version of cibuildwheel uses 3.15.0b2. (#2833, #2850)

  While CPython is in beta, the ABI can change, so your wheels might not be compatible with the final release. For this reason, we don't recommend distributing wheels until RC1, at which point 3.15 will be available in cibuildwheel without the flag.

• ✨ Adds CPython 3.15 support for iOS and Android (#2857, #2858)

• ✨ Adds Android improvements for building NumPy and related packages, including auditwheel support, pkg-config and Fortran configuration, and the xbuild-files option (#2695)

• ✨ Adds CIBUILDWHEEL_BUILD_IDENTIFIER environment variable set to the current build identifier (e.g. cp311-manylinux_x86_64) during per-build steps (#2872)

• ✨ Adds {project} and {package} placeholders to config-settings (#2827)

• ⚠️ Drops support for Python 3.8 (#2686)

• ⚠️ Removes the experimental CPython 3.13 free-threading builds and the cpython-freethreading enable option. CPython 3.14+ free-threading support remains available without the enable flag. (#2684)

• ⚠️ Drops support for Cirrus CI, which is shutting down June 1, 2026 (#2817)

• ⚠️ Drops GraalPy 3.11 (gp311) support, as agreed in #2741, and removes GraalPy 24-only workarounds (#2895)

• 🔐 Adds SHA256 verification for direct downloads of Python interpreters, virtualenv, and python-build-standalone assets (#2873)

• 🔐 Adds tarfile extraction filter for safe archive extraction (#2856)

• 🐛 Fixes UV_PYTHON not being set for before-build on Linux when using uv as the build-frontend (#2830)

• 🐛 Fixes detection of musl libc when downloading python-build-standalone, which previously always selected the gnu asset on musl hosts like Alpine (#2889)

• 🐛 Fixes config-settings expansion when {project} or {package} contains spaces or backslashes (#2886)

• 🐛 Prevents deadlock when linux32 fails and forwards platform args to the sanity check (#2880, #2888)

• 🐛 Fixes container resource leaks on start failure and during teardown (#2879, #2887)

• 🐛 Removes potential partial cache-population in case of error (#2892)

• 🐛 Raises a clear error when ANDROID_API_LEVEL is not an integer (#2891)

• 🐛 Replaces assert with proper exception in python-build-standalone (#2859)

• 🐛 Uses ConfigurationError when package_dir is outside cwd instead of a generic Exception (#2898)

• 🛠 Updates dependencies and container pins (#2893, #2882, #2874, #2868, #2862, #2884, #2845, #2837, #2818, #2810, #2838, #2813)

• 🛠 Updates Android to Python 3.13.13 and 3.14.4 (#2821)

• 🛠 Applies Pyodide-specific patches to the Emscripten toolchain installation (#2800)

• 🛠 Uses python -V -V for Windows build diagnostics (#2832)

• 🛠 Simplifies pinned container image lookup (#2897)

• 🛠 Minor fixups across error messages, OCI container, and options (#2860)

• 💼 Adds PEP 723 metadata for bin/ scripts and drops the bin dependency group (#2819)

• 💼 Improves Azure test reliability with retries and caching (#2890)

• 💼 Fixes Windows GitLab CI test running (#2870)

• 💼 Updates CI action pins and dev dependencies (#2902, #2867, #2851, #2843, #2826, #2823, #2820, #2807)

• 💼 Adds agent and copilot setup files (#2861)

... (truncated)

Commits

• f03ac76 Bump version: v4.0.0
• 557c5f6 feat: remove GraalPy 3.11 (gp311) support (#2895)
• 70975c2 chore: use ConfigurationError when package_dir is outside cwd (#2898)
• e2f143c chore(deps): bump docker/setup-qemu-action from 4.0.0 to 4.1.0 in the actions...
• 866ae74 docs: fix CUDA manylinux container references in FAQ (#2900)
• 84b518a chore: simplify pinned image lookup (#2897)
• 785d812 docs: add instructions for building CUDA wheels (#2896)
• f6bd047 Bump version: v4.0.0rc2
• 6cd2d19 fix: remove potential partial cache-population in case of error (#2892)
• cdb170b [Bot] Update dependencies (#2893)
• Additional commits viewable in compare view

Updates github/codeql-action from 4.35.2 to 4.36.2

Release notes

Sourced from github/codeql-action's releases.

v4.36.2

• Cache CodeQL CLI version information across Actions steps. #3943
• Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. #3937
• Update default CodeQL bundle version to 2.25.6. #3948

v4.36.1

No user facing changes.

v4.36.0

• Breaking change: Bump the minimum required CodeQL bundle version to 2.19.4. #3894
• Add support for SHA-256 Git object IDs. #3893
• Update default CodeQL bundle version to 2.25.5. #3926

v4.35.5

• We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #3899
• For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #3791
• If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #3892
• Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #3880

v4.35.4

• Update default CodeQL bundle version to 2.25.4. #3881

v4.35.3

• Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. #3837
• Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. #3850
• Best-effort connection tests for private registries now use GET requests instead of HEAD for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. #3853
• Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. #3852
• Update default CodeQL bundle version to 2.25.3. #3865

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.36.2 - 04 Jun 2026

• Cache CodeQL CLI version information across Actions steps. #3943
• Reduce requests while waiting for analysis processing by using exponential backoff when polling SARIF processing status. #3937
• Update default CodeQL bundle version to 2.25.6. #3948

4.36.1 - 02 Jun 2026

No user facing changes.

4.36.0 - 22 May 2026

• Breaking change: Bump the minimum required CodeQL bundle version to 2.19.4. #3894
• Add support for SHA-256 Git object IDs. #3893
• Update default CodeQL bundle version to 2.25.5. #3926

4.35.5 - 15 May 2026

• We have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. #3899
• For performance and accuracy reasons, improved incremental analysis will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. #3791
• If multiple inputs are provided for the GitHub-internal analysis-kinds input, only code-scanning will be enabled. The analysis-kinds input is experimental, for GitHub-internal use only, and may change without notice at any time. #3892
• Added an experimental change which, when running a Code Scanning analysis for a PR with improved incremental analysis enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. #3880

4.35.4 - 07 May 2026

• Update default CodeQL bundle version to 2.25.4. #3881

4.35.3 - 01 May 2026

• Upcoming breaking change: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. #3837
• Configurations for private registries that use Cloudsmith or GCP OIDC are now accepted. #3850
• Best-effort connection tests for private registries now use GET requests instead of HEAD for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. #3853
• Fixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. #3852
• Update default CodeQL bundle version to 2.25.3. #3865

4.35.2 - 15 Apr 2026

• The undocumented TRAP cache cleanup feature that could be enabled using the CODEQL_ACTION_CLEANUP_TRAP_CACHES environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the trap-caching: false input to the init Action. #3795
• The Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. #3789
• Python analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. #3794
• Fixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. #3807
• Update default CodeQL bundle version to 2.25.2. #3823

... (truncated)

Commits

• 8aad20d Merge pull request #3949 from github/update-v4.36.2-dcb947ce1
• f521b08 Add additional changelog notes
• 8aeff0f Update changelog for v4.36.2
• dcb947c Merge pull request #3948 from github/update-bundle/codeql-bundle-v2.25.6
• c251bce Add changelog note
• 62953c1 Update default bundle to codeql-bundle-v2.25.6
• 423b570 Merge pull request #3946 from github/dependabot/npm_and_yarn/npm-minor-5d507a...
• c35d1b1 Merge pull request #3947 from github/dependabot/github_actions/dot-github/wor...
• cb1a588 Merge pull request #3937 from github/robertbrignull/waitForProcessing_backoff
• ba47406 Merge pull request #3943 from github/henrymercer/cache-cli-version-info
• Additional commits viewable in compare view

Updates eps1lon/actions-label-merge-conflict from 3.0.3 to 3.1.0

Release notes

Sourced from eps1lon/actions-label-merge-conflict's releases.

v3.1.0

What's Changed

• Add better permissions defaults for the example by @​oliviertassinari in eps1lon/actions-label-merge-conflict#151
• Update Node.js to 24 by @​oliviertassinari in eps1lon/actions-label-merge-conflict#152
• release: 3.1.0 by @​eps1lon in eps1lon/actions-label-merge-conflict#153

New Contributors

• @​oliviertassinari made their first contribution in eps1lon/actions-label-merge-conflict#151

Full Changelog: eps1lon/actions-label-merge-conflict@v3.0.3...v3.1.0

Changelog

Sourced from eps1lon/actions-label-merge-conflict's changelog.

Changelog

3.1.0

• Update Node.js to 24 (#152)

3.0.3

• Ensure outputs is populated (#136)

3.0.2

• Handle error when label is not available (part 2) (#126)

3.0.1

• Handle error when label is not available (#123)

3.0.0

• Update to node20 (#115)

2.1.0

• Address set-output deprecation (#92 by @​NotMyFault)
• Fix CVE-2022-35954 (#92 by @​NotMyFault)

2.0.1

• Improve retry logic (#31 by @​eps1lon)

2.0.0

• Only update PRs based off of the branch in the push event Previously we checked every open PR. Since a push to a branch can only create merge conflicts with that branch we can limit the set of checked PRs. This should help repositories with lots of PRs targetting different branches with rate limiting.
• Only leave comments if the dirtyLabel was added or removed

1.4.0

• Allow warning only if secrets aren't available (#22 by @​baywet)
• Remove requirement for removeOnDirtyLabel (#21 by @​baywet)

1.3.0

• set PRs and their dirty state as output (#17 by @​baywet)

Commits

• 0273be7 release: 3.1.0 (#153)
• 9d4606b Update Node.js to 24 (#152)
• 62d0db0 docs: Add better permissions defaults for the example (#151)
• See full diff in compare view

Updates actions/labeler from 6.0.1 to 6.1.0

Release notes

Sourced from actions/labeler's releases.

v6.1.0

Enhancements

• Add changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by @​bluca in actions/labeler#923

Bug Fixes

• Improve Labeler Action documentation and permission error handling by @​chiranjib-swain in actions/labeler#897
• Preserve manually added labels during workflow runs and refine label synchronization logic by @​chiranjib-swain in actions/labeler#917

Dependency Updates

• Upgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by @​dependabot in actions/labeler#877
• Upgrade minimatch from 10.0.1 to 10.2.3 by @​dependabot in actions/labeler#926
• Upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimatch, @​typescript-eslint) by @​Copilot in actions/labeler#934

New Contributors

• @​chiranjib-swain made their first contribution in actions/labeler#897
• @​bluca made their first contribution in actions/labeler#923
• @​Copilot made their first contribution in actions/labeler#934

Full Changelog: actions/labeler@v6...v6.1.0

Commits

• f27b608 chore: upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimat...
• c5dadc2 Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...
• e52e4fb Bump minimatch from 10.0.1 to 10.2.3 (#926)
• 77a4082 Fix: Preserve manually added labels during workflow run and refine label sync...
• 25abb3c Improve Labeler Action Documentation and Error Handling for Permissions (#897)
• 395c8cf Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...
• See full diff in compare view

Updates j178/prek-action from 2.0.2 to 2.0.4

Release notes

Sourced from j178/prek-action's releases.

v2.0.4

What's Changed

• Update known versions for prek 0.3.12 by @​j178 in j178/prek-action#131
• Update known versions for prek 0.3.13 by @​j178 in j178/prek-action#132
• Update known versions for prek 0.4.0 by @​j178 in j178/prek-action#133

Full Changelog: j178/prek-action@v2...v2.0.4

v2.0.3

What's Changed

• Use single action entrypoint by @​j178 in j178/prek-action#128
• Update known versions for prek 0.3.10 by @​j178 in j178/prek-action#123
• Update known versions for prek 0.3.11 by @​j178 in j178/prek-action#124

Full Changelog: j178/prek-action@v2...v2.0.3

Commits

• bdca6f1 Update actions/setup-node action to v6.4.0 (#137)
• 3230ac7 Update dependency vitest to v4.1.5 (#134)
• 9a332a1 Update pre-commit hook biomejs/pre-commit to v2.4.13 (#136)
• 8b56901 Update known versions for prek 0.4.0 (#133)
• 4a83041 Update known versions for prek 0.3.13 (#132)
• fe60983 Update known versions for prek 0.3.12 (#131)
• 6f2f302 Update pre-commit hook biomejs/pre-commit to v2.4.12 (#130)
• 6ad8027 Use single action entrypoint (#128)
• f8c977a Update dependency typescript to v6 (#122)
• 7c137cf Update npm dev dependencies (#125)
• Additional commits viewable in compare view

Updates plbstl/first-contribution from 4.3.0 to 4.3.2

Release notes

Sourced from plbstl/first-contribution's releases.

v4.3.2

What's Changed

• Fix internal contributor detection for private org members by @​plbstl in plbstl/first-contribution#109
• chore(deps): bump the actions-minor group across 1 directory with 3 updates by @​dependabot[bot] in plbstl/first-contribution#102
• chore(deps): bump pnpm/action-setup from 5.0.0 to 6.0.8 by @​dependabot[bot] in plbstl/first-contribution#108

Full Changelog: plbstl/first-contribution@v4.3.1...v4.3.2

v4.3.1

What's Changed

• fix: actually use the skip-internal-contributors action input by @​plbstl in plbstl/first-contribution#107
• chore(deps): bump pnpm/action-setup from 4.2.0 to 5.0.0 by @​dependabot[bot] in plbstl/first-contribution#95
• migrate to pnpm v11 in 88fec1a73f171bc229198fd070eca4541a680e10
• update deps in 8ca3e8a4d8d858222066e59521e0387d86faa100

Full Changelog: plbstl/first-contribution@v4.3.0...v4.3.1

Commits

• fa732d1 update package.json version from 4.3.1 to 4.3.2
• 3b1f0f5 regenerate dist
• 9f2ad03 update deps
• 8a9ac5d fix: use PAT client for collaborator checks & add more logs
• ef3eac1 change debug logs to info logs
• ea2d645 update pnpm 11.2.2 → 11.3.0
• 4c2ffc4 update dev-deps
• ddf857d chore(deps): bump pnpm/action-setup from 5.0.0 to 6.0.8
• b83a858 chore(deps): bump the actions-minor group across 1 directory with 3 updates
• aa7de04 update version in README examples to 4.3.1
• Additional commits viewable in compare view

Updates actions/stale from 10.2.0 to 10.3.0

Release notes

Sourced from actions/stale's releases.

v10.3.0

What's Changed

Bug Fix

• Enhancement: ignore stale labeling events by @​shamoon in actions/stale#1311

Dependency Updates

• Upgrade dependencies (@​actions/core, @​octokit/plugin-retry, @​typescript-eslint) by @​Copilot in actions/stale#1335

New Contributors

• @​shamoon made their first contribution in actions/stale#1311

Full Changelog: actions/stale@v10...v10.3.0

Commits

• eb5cf3a chore: upgrade dependencies and bump version to 10.3.0 (#1335)
• db5d06a Enhancement: ignore stale labeling events (#1311)
• See full diff in compare view

Updates codecov/codecov-action from 6.0.0 to 7.0.0

Release notes

Sourced from codecov/codecov-action's releases.

v7.0.0

⚠️ Due to migration issues with keybase, we are unable to update our keys under the codecovsecurity account. We have deleted the account and are using codecovsecops with the original gpg key

What's Changed

• ci: remove Enforce License Compliance workflow by @​thomasrockhu-codecov in codecov/codecov-action#1950
• chore(release): 7.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1957

Full Changelog: codecov/codecov-action@v6.0.1...v7.0.0

v6.0.2

This is a copy of the v7.0.0 release to make updates easier

What's Changed

• ci: remove Enforce License Compliance workflow by @​thomasrockhu-codecov in codecov/codecov-action#1950
• chore(release): 7.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1957

Full Changelog: codecov/codecov-action@v6.0.1...v6.0.2

v6.0.1

What's Changed

• fix: prevent template injection in run: steps (VULN-1652) by @​thomasrockhu-codecov in codecov/codecov-action#1947
• chore(release): 6.0.1 by @​thomasrockhu-codecov in codecov/codecov-action#1949

Full Changelog: codecov/codecov-action@v6.0.0...v6.0.1

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codec...

  Description has been truncated