Bump the compatible group with 3 updates

[dependabot]

Bumps the compatible group with 3 updates: actions/create-github-app-token, actions/labeler and frequenz-floss/gh-action-dependabot-migrate.

Updates actions/create-github-app-token from 3.1.1 to 3.2.0

Release notes

Sourced from actions/create-github-app-token's releases.

v3.2.0

3.2.0 (2026-05-12)

Features

• add support for enterprise-level GitHub Apps (#263) (952a2a7)
• support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

• deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
• validate private-key input (#376) (f24bbd8)

Changelog

Sourced from actions/create-github-app-token's changelog.

Changelog

3.2.0 (2026-05-12)

Features

• add support for enterprise-level GitHub Apps (#263) (952a2a7)
• support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

• deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
• validate private-key input (#376) (f24bbd8)

Commits

• bcd2ba4 chore(main): release 3.2.0 (#370)
• f24bbd8 fix: validate private-key input (#376)
• 363531b docs: capitalize Git as a proper noun in README (#374)
• fd28011 docs: update procedure to configure Git (#287)
• 85eb8dd feat: support full repository names in repositories input (#372)
• c9aabb8 build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...
• e02e816 build(deps-dev): bump undici from 7.24.6 to 8.2.0 (#366)
• 8d835bf build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...
• 952a2a7 feat: add support for enterprise-level GitHub Apps (#263)
• 43e5c34 fix(deps): bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependenc...
• Additional commits viewable in compare view

Updates actions/labeler from 6.0.1 to 6.1.0

Release notes

Sourced from actions/labeler's releases.

v6.1.0

Enhancements

• Add changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by @​bluca in actions/labeler#923

Bug Fixes

• Improve Labeler Action documentation and permission error handling by @​chiranjib-swain in actions/labeler#897
• Preserve manually added labels during workflow runs and refine label synchronization logic by @​chiranjib-swain in actions/labeler#917

Dependency Updates

• Upgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by @​dependabot in actions/labeler#877
• Upgrade minimatch from 10.0.1 to 10.2.3 by @​dependabot in actions/labeler#926
• Upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimatch, @​typescript-eslint) by @​Copilot in actions/labeler#934

New Contributors

• @​chiranjib-swain made their first contribution in actions/labeler#897
• @​bluca made their first contribution in actions/labeler#923
• @​Copilot made their first contribution in actions/labeler#934

Full Changelog: actions/labeler@v6...v6.1.0

Commits

• f27b608 chore: upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimat...
• c5dadc2 Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...
• e52e4fb Bump minimatch from 10.0.1 to 10.2.3 (#926)
• 77a4082 Fix: Preserve manually added labels during workflow run and refine label sync...
• 25abb3c Improve Labeler Action Documentation and Error Handling for Permissions (#897)
• 395c8cf Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...
• See full diff in compare view

Updates frequenz-floss/gh-action-dependabot-migrate from 1.1.1 to 1.2.1

Release notes

Sourced from frequenz-floss/gh-action-dependabot-migrate's releases.

v1.2.1

What's Changed

• Avoid setting migration labels if committing fails by @​llucax in frequenz-floss/gh-action-dependabot-migrate#22

Full Changelog: frequenz-floss/gh-action-dependabot-migrate@v1.2.0...v1.2.1

v1.2.0

Release Notes

New features

• version-iteration input — controls which intermediate versions are generated during multi-version jumps. Values: "false" (only the target version), "major", "minor", "patch" (iterate semver boundaries). When empty (default), the action preserves the historical v0.x minor iteration behaviour.

• if-no-iterations input — controls what happens when the selected iteration mode produces no versions: "error" fails the action, "pass" treats it as a clean no-op migration. Defaults to "error" under explicit version-iteration modes.

• UPDATED_DEPENDENCIES_JSON env var — The migration script now received the dependabot update details as JSON as provided by dependabot/fetch-metadata.

Bug fixes

• migration_ran output is now "true". When if-no-iterations is "pass" and no versions are generated, enabling downstream labeling and auto-merge to proceed correctly.

Deprecations

• iterate-v0-minors is deprecated. A deprecation warning is emitted when it is explicitly set. Replace iterate-v0-minors: "true" with version-iteration: "minor" (and optionally if-no-iterations: "pass" if same-minor v0.x patch bumps should pass as a no-op). Replace iterate-v0-minors: "false" with version-iteration: "false".

• The implicit v0.x minor iteration default is deprecated. When neither version-iteration nor iterate-v0-minors is set, the action still iterates intermediate v0.x minors (preserving existing behaviour), but now emits a warning. This implicit default will be removed in a future release. Set version-iteration explicitly to silence the warning.

Commits

• eb100d3 Merge pull request #22 from llucax/fix-failure
• 39c2697 Avoid setting migration labels if committing fails
• 27763fb Merge pull request #17 from llucax/version-jumps
• e29b5be Merge pull request #19 from frequenz-floss/dependabot/github_actions/dependab...
• b52f209 Merge pull request #18 from frequenz-floss/dependabot/github_actions/actions/...
• 3f5be00 Bump dependabot/fetch-metadata from 3.0.0 to 3.1.0
• e1b0aea Bump actions/create-github-app-token from 3.0.0 to 3.1.1
• 49eeffd Generalise migration version iteration modes
• f314744 Merge pull request #16 from llucax/export-updated-deps
• 190e5cd Pass updated-dependencies-json to migration scripts
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Looks like these dependencies are updatable in another way, so this is no longer needed.