Bump the github-actions group across 1 directory with 4 updates

[dependabot]

Bumps the github-actions group with 4 updates in the / directory: actions/checkout, actions/upload-artifact, dawidd6/action-download-artifact and actions/github-script.

Updates actions/checkout from 6 to 7

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

• block checking out fork pr for pull_request_target and workflow_run by @​aiqiaoy in actions/checkout#2454
• Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 in the minor-actions-dependencies group across 1 directory by @​dependabot[bot] in actions/checkout#2458
• Bump flatted from 3.3.1 to 3.4.2 by @​dependabot[bot] in actions/checkout#2460
• Bump js-yaml from 4.1.0 to 4.2.0 by @​dependabot[bot] in actions/checkout#2461
• Bump @​actions/core and @​actions/tool-cache and Remove uuid by @​dependabot[bot] in actions/checkout#2459
• upgrade module to esm and update dependencies by @​aiqiaoy in actions/checkout#2463
• Bump the minor-npm-dependencies group across 1 directory with 3 updates by @​dependabot[bot] in actions/checkout#2462
• getting ready for checkout v7 release by @​aiqiaoy in actions/checkout#2464
• update error wording by @​aiqiaoy in actions/checkout#2467

New Contributors

• @​aiqiaoy made their first contribution in actions/checkout#2454

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

• Update changelog by @​ericsciple in actions/checkout#2357
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in actions/checkout#2414
• Fix checkout init for SHA-256 repositories by @​yaananth in actions/checkout#2439
• Update changelog for v6.0.3 by @​yaananth in actions/checkout#2446

New Contributors

• @​yaananth made their first contribution in actions/checkout#2414

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

• Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by @​TingluoHuang in actions/checkout#2355
• Fix tag handling: preserve annotations and explicit fetch-tags by @​ericsciple in actions/checkout#2356

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

• Update all references from v5 and v4 to v6 by @​ericsciple in actions/checkout#2314
• Add worktree support for persist-credentials includeIf by @​ericsciple in actions/checkout#2327
• Clarify v6 README by @​ericsciple in actions/checkout#2328

Full Changelog: actions/checkout@v6...v6.0.1

Commits

• 9c091bb update error wording (#2467)
• 1044a6d getting ready for checkout v7 release (#2464)
• f028218 Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)
• d914b26 upgrade module to esm and update dependencies (#2463)
• 537c7ef Bump @​actions/core and @​actions/tool-cache and Remove uuid (#2459)
• 130a169 Bump js-yaml from 4.1.0 to 4.2.0 (#2461)
• 7d09575 Bump flatted from 3.3.1 to 3.4.2 (#2460)
• 0f9f3aa Bump actions/publish-immutable-action (#2458)
• f9e715a block checking out fork pr for pull_request_target and workflow_run (#2454)
• See full diff in compare view

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

• Update the readme with direct upload details by @​danwkennedy in actions/upload-artifact#795
• Readme: bump all the example versions to v7 by @​danwkennedy in actions/upload-artifact#796
• Include changes in typespec/ts-http-runtime 0.3.5 by @​yacaovsnc in actions/upload-artifact#797

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits

• 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
• 634250c Include changes in typespec/ts-http-runtime 0.3.5
• e454baa Readme: bump all the example versions to v7 (#796)
• 74fad66 Update the readme with direct upload details (#795)
• See full diff in compare view

Updates dawidd6/action-download-artifact from 19 to 21

Release notes

Sourced from dawidd6/action-download-artifact's releases.

v21

What's Changed

• build(deps): bump @​actions/github from 9.0.0 to 9.1.0 by @​dependabot[bot] in dawidd6/action-download-artifact#396
• build(deps): bump filesize from 11.0.15 to 11.0.16 by @​dependabot[bot] in dawidd6/action-download-artifact#399
• build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 by @​dependabot[bot] in dawidd6/action-download-artifact#402
• build(deps): bump @​actions/github from 9.1.0 to 9.1.1 by @​dependabot[bot] in dawidd6/action-download-artifact#400
• build(deps): bump @​actions/core from 3.0.0 to 3.0.1 by @​dependabot[bot] in dawidd6/action-download-artifact#401
• build(deps): bump filesize from 11.0.16 to 11.0.17 by @​dependabot[bot] in dawidd6/action-download-artifact#404
• Download artifacts in creation order by @​matejdro in dawidd6/action-download-artifact#398
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#405

New Contributors

• @​matejdro made their first contribution in dawidd6/action-download-artifact#398

Full Changelog: dawidd6/action-download-artifact@v20...v21

v20

What's Changed

• build(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 by @​dependabot[bot] in dawidd6/action-download-artifact#387
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#388
• build(deps): bump filesize from 11.0.13 to 11.0.14 by @​dependabot[bot] in dawidd6/action-download-artifact#389
• build(deps): bump brace-expansion by @​dependabot[bot] in dawidd6/action-download-artifact#390
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#391
• build(deps): bump filesize from 11.0.14 to 11.0.15 by @​dependabot[bot] in dawidd6/action-download-artifact#392
• build(deps): bump adm-zip from 0.5.16 to 0.5.17 by @​dependabot[bot] in dawidd6/action-download-artifact#393
• build(deps): bump lodash from 4.17.23 to 4.18.1 by @​dependabot[bot] in dawidd6/action-download-artifact#394
• node_modules: update by @​dawidd6 in dawidd6/action-download-artifact#395

Full Changelog: dawidd6/action-download-artifact@v19...v20

Commits

• b6e2e70 node_modules: update (#405)
• 1708cb3 Download artifacts in creation order (#398)
• 00b585a build(deps): bump filesize from 11.0.16 to 11.0.17 (#404)
• 0414c42 build(deps): bump @​actions/core from 3.0.0 to 3.0.1 (#401)
• c802aad build(deps): bump @​actions/github from 9.1.0 to 9.1.1 (#400)
• ef06691 build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 (#402)
• 026702e build(deps): bump filesize from 11.0.15 to 11.0.16 (#399)
• 09d0677 build(deps): bump @​actions/github from 9.0.0 to 9.1.0 (#396)
• 8305c0f node_modules: update (#395)
• 542af03 build(deps): bump lodash from 4.17.23 to 4.18.1 (#394)
• Additional commits viewable in compare view

Updates actions/github-script from 8.0.0 to 9.0.0

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in actions/github-script#695
• ci: use deployment: false for integration test environments by @​salmanmkc in actions/github-script#712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in actions/github-script#700

New Contributors

• @​Copilot made their first contribution in actions/github-script#695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

Commits

• 3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
• ca10bbd fix: use @​octokit/core/types import for v7 compatibility
• 86e48e2 merge: incorporate main branch changes
• c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
• afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
• ff8117e ci: fix user-agent test to handle orchestration ID
• 81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
• 3953caf docs: update README examples from @​v8 to @​v9, add getOctokit docs and v9 brea...
• c17d55b ci: add getOctokit integration test job
• a047196 test: add getOctokit integration tests via callAsyncFunction
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: chore-dependabot. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[netlify]

✅ Deploy Preview for openhistoricalmap-ideditor ready!

Name	Link
🔨 Latest commit	b80a432
🔍 Latest deploy log	https://app.netlify.com/projects/openhistoricalmap-ideditor/deploys/6a3ad19f406be00008cf83d6
😎 Deploy Preview	https://deploy-preview-262--openhistoricalmap-ideditor.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.
🤖 Make changes	Run an agent on this branch

---

To edit notification comments on pull requests, go to your Netlify project configuration.