From 71f6e46ea19794a48e858226c4cc1f41ad4daf33 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Mon, 29 Jun 2026 19:23:15 +0000 Subject: [PATCH] Bump actions/github-script from 7 to 9 Bumps [actions/github-script](https://github.com/actions/github-script) from 7 to 9. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/v7...v9) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: '9' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- .github/workflows/pr-integration-on-demand.yml | 8 ++++---- .github/workflows/pr-matrix-on-demand.yml | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/.github/workflows/pr-integration-on-demand.yml b/.github/workflows/pr-integration-on-demand.yml index 9fc5a51..ad856c7 100644 --- a/.github/workflows/pr-integration-on-demand.yml +++ b/.github/workflows/pr-integration-on-demand.yml @@ -56,7 +56,7 @@ jobs: mode: ${{ steps.matrix.outputs.mode }} steps: - name: Verify commenter has write permission - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const { data: perm } = await github.rest.repos.getCollaboratorPermissionLevel({ @@ -73,7 +73,7 @@ jobs: } - name: React 👀 to the trigger comment - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | await github.rest.reactions.createForIssueComment({ @@ -85,7 +85,7 @@ jobs: - name: Resolve PR head SHA id: pr - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const { data: pr } = await github.rest.pulls.get({ @@ -209,7 +209,7 @@ jobs: - name: Comment outcome on the PR if: always() - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const ok = '${{ needs.integration-tests.result }}' === 'success'; diff --git a/.github/workflows/pr-matrix-on-demand.yml b/.github/workflows/pr-matrix-on-demand.yml index 5dda271..c0bfa75 100644 --- a/.github/workflows/pr-matrix-on-demand.yml +++ b/.github/workflows/pr-matrix-on-demand.yml @@ -46,7 +46,7 @@ jobs: # external user commenting on a fork PR could burn our CI minutes # and potentially exfiltrate secrets via a malicious build. - name: Verify commenter has write permission - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const { data: perm } = await github.rest.repos.getCollaboratorPermissionLevel({ @@ -64,7 +64,7 @@ jobs: # Visible feedback to the commenter that we picked up the trigger. - name: React 👀 to the trigger comment - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | await github.rest.reactions.createForIssueComment({ @@ -79,7 +79,7 @@ jobs: # firing on closed PRs is almost always a mistake. - name: Resolve PR head SHA id: pr - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const { data: pr } = await github.rest.pulls.get({ @@ -146,7 +146,7 @@ jobs: runs-on: ubuntu-latest steps: - name: Comment outcome - uses: actions/github-script@v7 + uses: actions/github-script@v9 with: script: | const ok = '${{ needs.verify.result }}' === 'success';