build(deps): bump the github-actions-dependencies group across 1 directory with 10 updates

.github/linters/.jscpd.json

@@ -1,3 +1,3 @@
 {
-  "ignore": ["**/dist/**"]
+  "ignore": ["**/dist/**", "**/node_modules/**", "**/coverage/**"]
 }

.github/workflows/__check-action.yml

@@ -3,9 +3,7 @@ name: Internal - Tests for action
 on:
   workflow_call:
 
-permissions:
-  contents: read
-  issues: write
+permissions: {}
 
 env:
   TEST_VALID_ISSUE_NUMBER: "6" # This issue number should be valid
@@ -15,8 +13,13 @@ jobs:
   test-action-with-valid-issue:
     runs-on: ubuntu-latest
     name: Test with valid issue
+    permissions:
+      contents: read
+      issues: write
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - id: get-issue-body
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0
@@ -58,8 +61,13 @@ jobs:
   test-action-with-invalid-issue:
     runs-on: ubuntu-latest
     name: Test with invalid issue
+    permissions:
+      contents: read
+      issues: write
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
 
       - id: get-issue-body
         uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0

.github/workflows/__check-dist.yml

@@ -12,8 +12,11 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-      - uses: hoverkraft-tech/ci-github-nodejs/actions/setup-node@32a69b7b8fd5f7ab7bf656e7e88aa90ad235cf8d # 0.18.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
+      - uses: hoverkraft-tech/ci-github-nodejs/actions/setup-node@80acfc9bc4dd87030d73006dee4c788ed9af1fb0 # 0.20.1
 
       - name: Build dist/ Directory
         id: package
@@ -28,13 +31,3 @@ jobs:
             git diff --ignore-space-at-eol --text dist/
             exit 1
           fi
-
-      # If `dist/` was different than expected, and this was not a Dependabot
-      # PR, upload the expected version as a workflow artifact.
-      - if: ${{ failure() && steps.diff.outcome == 'failure' }}
-        name: Upload Artifact
-        id: upload
-        uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
-        with:
-          name: dist
-          path: dist/

.github/workflows/__check-nodejs.yml

@@ -3,17 +3,15 @@ name: Internal - Checks for nodejs
 on:
   workflow_call:
 
-permissions:
-  contents: read
-  security-events: write
-  id-token: write
+permissions: {}
 
 jobs:
   test-nodejs:
-    uses: hoverkraft-tech/ci-github-nodejs/.github/workflows/continuous-integration.yml@32a69b7b8fd5f7ab7bf656e7e88aa90ad235cf8d # 0.18.0
+    uses: hoverkraft-tech/ci-github-nodejs/.github/workflows/continuous-integration.yml@80acfc9bc4dd87030d73006dee4c788ed9af1fb0 # 0.20.1
     permissions:
       contents: read
       id-token: write
+      packages: read
       pull-requests: write
       security-events: write
     with:

.github/workflows/__shared-ci.yml

@@ -7,7 +7,7 @@ permissions: {}
 
 jobs:
   linter:
-    uses: hoverkraft-tech/ci-github-common/.github/workflows/linter.yml@753288393de1f3d92f687a6761d236ca800f5306 # 0.28.1
+    uses: hoverkraft-tech/ci-github-common/.github/workflows/linter.yml@c314229c3ca6914f7023ffca7afc26753ab99b41 # 0.30.1
     permissions:
       actions: read
       contents: read
@@ -32,6 +32,7 @@ jobs:
     permissions:
       contents: read
       id-token: write
+      packages: read
       pull-requests: write
       security-events: write
     secrets: inherit

.github/workflows/greetings.yml

@@ -6,11 +6,12 @@ on:
   pull_request_target:
     branches: [main]
 
-permissions:
-  contents: read
-  issues: write
-  pull-requests: write
+permissions: {}
 
 jobs:
   greetings:
-    uses: hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml@753288393de1f3d92f687a6761d236ca800f5306 # 0.28.1
+    uses: hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml@c314229c3ca6914f7023ffca7afc26753ab99b41 # 0.30.1
+    permissions:
+      contents: read
+      issues: write
+      pull-requests: write

.github/workflows/main-ci.yml

@@ -19,6 +19,7 @@ jobs:
       contents: read
       id-token: write
       issues: write
+      packages: read
       pull-requests: write
       security-events: write
       statuses: write
@@ -30,18 +31,21 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      - uses: actions/checkout@1af3b93b6815bc44a9784bd300feb67ff0d1eeb3 # v6.0.0
+        with:
+          persist-credentials: false
+
       - uses: hoverkraft-tech/ci-dokumentor@c46a1a108957237cf485103a80b060c35c7dba33 # 0.2.2
         with:
           source: action.yml
 
-      - uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+      - uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
         id: generate-token
         with:
           app-id: ${{ vars.CI_BOT_APP_ID }}
           private-key: ${{ secrets.CI_BOT_APP_PRIVATE_KEY }}
 
-      - uses: hoverkraft-tech/ci-github-common/actions/create-and-merge-pull-request@753288393de1f3d92f687a6761d236ca800f5306 # 0.28.1
+      - uses: hoverkraft-tech/ci-github-common/actions/create-and-merge-pull-request@c314229c3ca6914f7023ffca7afc26753ab99b41 # 0.30.1
         with:
           github-token: ${{ steps.generate-token.outputs.token }}
           branch: docs/actions-workflows-documentation-update

.github/workflows/need-fix-to-issue.yml

@@ -16,17 +16,14 @@ on:
           To go back further, enter an earlier SHA here.
         required: false
 
-permissions:
-  contents: read
-  issues: write
-
-concurrency:
-  group: ${{ github.workflow }}-${{ github.ref }}
-  cancel-in-progress: true
+permissions: {}
 
 jobs:
   main:
-    uses: hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml@753288393de1f3d92f687a6761d236ca800f5306 # 0.28.1
+    uses: hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml@c314229c3ca6914f7023ffca7afc26753ab99b41 # 0.30.1
+    permissions:
+      contents: read
+      issues: write
     with:
       manual-commit-ref: ${{ inputs.manual-commit-ref }}
       manual-base-ref: ${{ inputs.manual-base-ref }}

.github/workflows/pull-request-ci.yml

@@ -19,6 +19,7 @@ jobs:
       contents: read
       id-token: write
       issues: write
+      packages: read
       pull-requests: write
       security-events: write
       statuses: write

.github/workflows/semantic-pull-request.yml

@@ -7,10 +7,11 @@ on:
       - edited
       - synchronize
 
-permissions:
-  contents: write
-  pull-requests: write
+permissions: {}
 
 jobs:
   main:
-    uses: hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml@753288393de1f3d92f687a6761d236ca800f5306 # 0.28.1
+    uses: hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml@c314229c3ca6914f7023ffca7afc26753ab99b41 # 0.30.1
+    permissions:
+      contents: write
+      pull-requests: write

.github/workflows/stale.yml

@@ -4,10 +4,11 @@ on:
   schedule:
     - cron: "30 1 * * *"
 
-permissions:
-  issues: write
-  pull-requests: write
+permissions: {}
 
 jobs:
   main:
-    uses: hoverkraft-tech/ci-github-common/.github/workflows/stale.yml@753288393de1f3d92f687a6761d236ca800f5306 # 0.28.1
+    uses: hoverkraft-tech/ci-github-common/.github/workflows/stale.yml@c314229c3ca6914f7023ffca7afc26753ab99b41 # 0.30.1
+    permissions:
+      issues: write
+      pull-requests: write

package.json

@@ -29,6 +29,8 @@
     "package:index": "ncc build src/index.ts -o dist --license licenses.txt",
     "package:watch": "npm run package -- --watch",
     "lint": "eslint \"src/**/*.{ts,tsx}\"",
+    "lint:fix": "npm run lint -- --fix",
+    "lint:ci": "npm run lint -- --output-file=eslint-report.json --format=json",
     "all": "npm run format && npm run lint && npm run test && npm run package",
     "build": "tsc --noEmit",
     "format": "prettier --cache --write '**/*.ts'",