Bump the compatible group with 4 updates

dependabot[bot] · web-flow · commit 2469a44d0628 · 2026-06-03T16:35:01.000Z
Bumps the compatible group with 4 updates: [actions/create-github-app-token](https://github.com/actions/create-github-app-token), [frequenz-floss/gh-action-dependabot-migrate](https://github.com/frequenz-floss/gh-action-dependabot-migrate), [actions/checkout](https://github.com/actions/checkout) and [actions/labeler](https://github.com/actions/labeler). Updates `actions/create-github-app-token` from 3.1.1 to 3.2.0 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md) - [Commits](actions/create-github-app-token@1b10c78...bcd2ba4) Updates `frequenz-floss/gh-action-dependabot-migrate` from 1.1.1 to 1.2.1 - [Release notes](https://github.com/frequenz-floss/gh-action-dependabot-migrate/releases) - [Commits](frequenz-floss/gh-action-dependabot-migrate@45994e1...eb100d3) Updates `actions/checkout` from 6.0.2 to 6.0.3 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...df4cb1c) Updates `actions/labeler` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@634933e...f27b608) --- updated-dependencies: - dependency-name: actions/create-github-app-token dependency-version: 3.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: compatible - dependency-name: frequenz-floss/gh-action-dependabot-migrate dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: compatible - dependency-name: actions/checkout dependency-version: 6.0.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: compatible - dependency-name: actions/labeler dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: compatible ... Signed-off-by: dependabot[bot] <support@github.com>
diff --git a/.github/workflows/auto-dependabot.yaml b/.github/workflows/auto-dependabot.yaml
@@ -28,7 +28,7 @@ jobs:
     steps:
       - name: Generate GitHub App token
         id: app-token
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
         with:
           app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
           private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
diff --git a/.github/workflows/black-migration.yaml b/.github/workflows/black-migration.yaml
@@ -55,7 +55,7 @@ jobs:
     steps:
       - name: Generate token
         id: create-app-token
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
         with:
           app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
           private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
@@ -66,7 +66,7 @@ jobs:
           # Read/update pull request metadata and labels.
           permission-pull-requests: write
       - name: Migrate
-        uses: frequenz-floss/gh-action-dependabot-migrate@45994e185a9040449304a470e8f02d0e197873b4  # v1.1.1
+        uses: frequenz-floss/gh-action-dependabot-migrate@eb100d3cf732b4808a7776eee8f303521efd494b  # v1.2.1
         with:
           migration-script: |
             import os
diff --git a/.github/workflows/ci-pr.yaml b/.github/workflows/ci-pr.yaml
@@ -34,7 +34,7 @@ jobs:
         uses: frequenz-floss/gh-action-setup-git@f9d86a01228ee1cadaac5224d4d7626f1eb23f90 # v1.0.0
 
       - name: Fetch sources
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           submodules: true
 
diff --git a/.github/workflows/ci.yaml b/.github/workflows/ci.yaml
@@ -83,7 +83,7 @@ jobs:
         uses: frequenz-floss/gh-action-setup-git@f9d86a01228ee1cadaac5224d4d7626f1eb23f90 # v1.0.0
 
       - name: Fetch sources
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           submodules: true
 
@@ -181,7 +181,7 @@ jobs:
         uses: frequenz-floss/gh-action-setup-git@f9d86a01228ee1cadaac5224d4d7626f1eb23f90 # v1.0.0
 
       - name: Fetch sources
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           submodules: true
 
@@ -221,7 +221,7 @@ jobs:
         uses: frequenz-floss/gh-action-setup-git@f9d86a01228ee1cadaac5224d4d7626f1eb23f90 # v1.0.0
 
       - name: Fetch sources
-        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
+        uses: actions/checkout@df4cb1c069e1874edd31b4311f1884172cec0e10 # v6.0.3
         with:
           submodules: true
 
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
@@ -20,7 +20,7 @@ jobs:
         # only use hashes to pick the action to execute (instead of tags or branches).
         # For more details read:
         # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-        uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b  # 6.0.1
+        uses: actions/labeler@f27b608878404679385c85cfa523b85ccb86e213  # 6.1.0
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
           dot: true
diff --git a/.github/workflows/repo-config-migration.yaml b/.github/workflows/repo-config-migration.yaml
@@ -45,7 +45,7 @@ jobs:
     steps:
       - name: Generate token
         id: create-app-token
-        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
+        uses: actions/create-github-app-token@bcd2ba49218906704ab6c1aa796996da409d3eb1 # v3.2.0
         with:
           app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
           private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
@@ -58,7 +58,7 @@ jobs:
           # Allow pushes when migration changes workflow files.
           permission-workflows: write
       - name: Migrate
-        uses: frequenz-floss/gh-action-dependabot-migrate@45994e185a9040449304a470e8f02d0e197873b4 # v1.1.1
+        uses: frequenz-floss/gh-action-dependabot-migrate@eb100d3cf732b4808a7776eee8f303521efd494b # v1.2.1
         with:
           script-url-template: >-
             https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/{version}/cookiecutter/migrate.py
