build(deps): bump the github-actions group with 2 updates by dependabot[bot] · Pull Request #21280

build(deps): bump the github-actions group with 2 updates by dependabot[bot] · Pull Request #21280 · Homebrew/brew

Bumps the github-actions group with 2 updates: codecov/codecov-action and actions/create-github-app-token.

Updates codecov/codecov-action from 5.5.1 to 5.5.2

Release notes

Sourced from codecov/codecov-action's releases.

v5.5.2

What's Changed

check gpg only when skip-validation = false by @maxweng-sentry in codecov/codecov-action#1894

chore: disable_search alignment by @freemanzMrojo in codecov/codecov-action#1881

chore(release): 5.5.2 by @thomasrockhu-codecov in codecov/codecov-action#1902

New Contributors

@maxweng-sentry made their first contribution in codecov/codecov-action#1894

@freemanzMrojo made their first contribution in codecov/codecov-action#1881

Full Changelog: codecov/codecov-action@v5.5.1...v5.5.2

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @app/dependabot in codecov/codecov-action#1822

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

671740a chore(release): 5.5.2 (#1902)
96b38e9 chore: disable_search alignment (#1881)
9b6d1f8 check gpg only when skip-validation = false (#1894)
See full diff in compare view

Updates actions/create-github-app-token from 2.2.0 to 2.2.1

Release notes

Sourced from actions/create-github-app-token's releases.

v2.2.1

2.2.1 (2025-12-05)

Bug Fixes

deps: bump the production-dependencies group with 2 updates (#311) (b212e6a)

Commits

29824e6 build(release): 2.2.1 [skip ci]
b212e6a fix(deps): bump the production-dependencies group with 2 updates (#311)
8efbf9b ci: create stale workflow (#309)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions