Bump the actions group across 1 directory with 3 updates

[dependabot]

Bumps the actions group with 3 updates in the / directory: crate-ci/typos, mikefarah/yq and taiki-e/create-gh-release-action.

Updates crate-ci/typos from 1.44.0 to 1.46.0

Release notes

Sourced from crate-ci/typos's releases.

v1.46.0

[1.46.0] - 2026-04-30

Features

• Updated the dictionary with the April 2026 changes

v1.45.2

[1.45.2] - 2026-04-27

Fixes

• Ignore ssh ed25519 public keys

v1.45.1

[1.45.1] - 2026-04-13

Fixes

• (action) Use a temp dir for caching

v1.45.0

[1.45.0] - 2026-04-01

Features

• Updated the dictionary with the March 2026 changes

Changelog

Sourced from crate-ci/typos's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased] - ReleaseDate

[1.46.0] - 2026-04-30

Features

• Updated the dictionary with the April 2026 changes

[1.45.2] - 2026-04-27

Fixes

• Ignore ssh ed25519 public keys

[1.45.1] - 2026-04-13

Fixes

• (action) Use a temp dir for caching

[1.45.0] - 2026-04-01

Features

• Updated the dictionary with the March 2026 changes

[1.44.0] - 2026-02-27

Features

• Updated the dictionary with the February 2026 changes

[1.43.5] - 2026-02-16

Fixes

• (pypi) Hopefully fix the sdist build

[1.43.4] - 2026-02-09

Fixes

• Don't correct pincher

... (truncated)

Commits

• bbaefad chore: Release
• c19f54c chore: Release
• d65608b docs: Update changelog
• c6f8f5e Merge pull request #1546 from epage/april
• da5e97e feat(dict): April updates
• 7c57295 chore: Release
• b5056d6 docs: Update changelog
• a063c3f Merge pull request #1544 from epage/pub
• 5d5e80b fix(tokens): Ignore ssh ed25519 pub keys
• 4da614b test(tokens): Show parsing of a public key
• Additional commits viewable in compare view

Updates mikefarah/yq from 4.52.4 to 4.53.2

Release notes

Sourced from mikefarah/yq's releases.

v4.53.2

• Releases and tags now signed and immutable!
• Add system(command; args) operator (disabled by default) (#2640)
• TOML encoder: prefer readable table sections over inline tables (#2649)
• Fix TOML encoder to quote keys containing special characters (#2648)
• Add string slicing support (#2639)
• Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
• Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
• Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
• Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
• Bumped dependencies

v4.52.5

• Fix: reset TOML decoder state between files (#2634) thanks @​terminalchai
• Fix: preserve original filename when using --front-matter (#2613) thanks @​cobyfrombrooklyn-bot
• Fix typo in filename (#2611) thanks @​alexandear
• Bumped dependencies

Changelog

Sourced from mikefarah/yq's changelog.

4.53.2:

• Fixing release process

4.53.1:

• Releases and tags now signed and immutable!
• Add system(command; args) operator (disabled by default) (#2640)
• TOML encoder: prefer readable table sections over inline tables (#2649)
• Fix TOML encoder to quote keys containing special characters (#2648)
• Add string slicing support (#2639)
• Fix findInArray misuse on MappingNodes in equality and contains (#2645) Thanks @​jandubois!
• Fix panic on negative slice indices that underflow after adjustment (#2646) Thanks @​jandubois!
• Fix stack overflow from circular alias in traverse (#2647) Thanks @​jandubois!
• Fix panic and OOM in repeatString for large repeat counts (#2644) Thanks @​jandubois!
• Bumped dependencies

4.52.5:

• Fix: reset TOML decoder state between files (#2634) thanks @​terminalchai
• Fix: preserve original filename when using --front-matter (#2613) thanks @​cobyfrombrooklyn-bot
• Fix typo in filename (#2611) thanks @​alexandear
• Bumped dependencies

4.52.4:

• Dropping windows/arm - no longer supported in cross-compile

4.52.3:

• Fixing comments in TOML arrays (#2592)
• Bumped dependencies

4.52.2:

• Fixed bad instructions file breaking go-install (#2587) Thanks @​theyoprst
• Fixed TOML table scope after comments (#2588) Thanks @​tomers
• Multiply uses a readonly context (#2558)
• Fixed merge globbing wildcards in keys (#2564)
• Fixing TOML subarray parsing issue (#2581)

4.52.1:

• TOML encoder support - you can now roundtrip! #1364

• Parent now supports negative indices, and added a 'root' command for referencing the top level document

• Fixed scalar encoding for HCL

• Add --yaml-compact-seq-indent / -c flag for compact sequence indentation (#2583) Thanks @​jfenal

• Add symlink check to file rename util (#2576) Thanks @​Elias-elastisys

• Powershell fixed default command used for __completeNoDesc alias (#2568) Thanks @​teejaded

• Unwrap scalars in shell output mode. (#2548) Thanks @​flintwinters

• Added K8S KYAML output format support (#2560) Thanks @​robbat2

• Bumped dependencies

• Special shout out to @​ccoVeille for reviewing my PRs!

... (truncated)

Commits

• 751d8ad Bumping version
• 6dd681a Fixing release signing
• fc7c337 Updating bump version script
• e969dd7 Bumping version
• dc4b4ea Preparing release notes
• 602586d Create scorecard.yml
• 9a0335a fix: restrict GitHub Actions workflow token permissions (OSSF least-privilege...
• 838c516 Trying to test release
• c8f6c1a Updating release to sign checksums
• 0e80383 chore: pin GitHub Actions and Docker base images to full-length hashes (OSSF ...
• Additional commits viewable in compare view

Updates taiki-e/create-gh-release-action from 1.9.2 to 1.11.0

Release notes

Sourced from taiki-e/create-gh-release-action's releases.

1.11.0

• Support powerpc64le/riscv64/s390x Linux host.

• Improve support for AArch64 macOS/Windows host.

• Update parse-changelog to 0.6.16.

• Improve robustness for network failure.

1.10.0

• create-gh-release-action no longer requires token input. This action now uses ${{ github.token }} as the default token, like actions/checkout does.

• Documentation improvements.

1.9.3

• Avoid triggering zizmor ref-confusion when using this action in form of uses: taiki-e/create-gh-release-action@v1.

Changelog

Sourced from taiki-e/create-gh-release-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[1.11.0] - 2026-04-17

• Support powerpc64le/riscv64/s390x Linux host.

• Improve support for AArch64 macOS/Windows host.

• Update parse-changelog to 0.6.16.

• Improve robustness for network failure.

[1.10.0] - 2026-04-04

• create-gh-release-action no longer requires token input. This action now uses ${{ github.token }} as the default token, like actions/checkout does.

• Documentation improvements.

[1.9.3] - 2026-03-08

• Avoid triggering zizmor ref-confusion when using this action in form of uses: taiki-e/create-gh-release-action@v1.

[1.9.2] - 2026-01-06

• Enable release immutability.

• Update parse-changelog to 0.6.15.

[1.9.1] - 2025-03-29

• Increase version for workaround Dependabot issue.

[1.8.4] - 2025-01-20

• Update parse-changelog to 0.6.11.

[1.8.3] - 2025-01-10

• Update parse-changelog to 0.6.10. This includes performance improvements.

... (truncated)

Commits

• eba8ea9 Release 1.11.0
• 2364fe2 Update parse-changelog to 0.6.16
• 3e9ca3e ci: Update config
• 9eee21b Early unset tokens from env
• 71358cd Revert "Remove duplicated retry"
• ae47206 Update scripts and CI config
• 5ba4ec4 Update readme
• f67cf7b Release 1.10.0
• 0c01e91 Use ${{ github.token }} as default token
• 63c0b8e docs: Reduce scope of write permission
• Additional commits viewable in compare view