From ef9c8adf3e960f72fdbdca7f6da0f6467b7bc48c Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Mon, 11 May 2026 01:51:19 +0000
Subject: [PATCH 1/3] chore(actions): bump the actions-minor-patch group with 3
 updates

Bumps the actions-minor-patch group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [pnpm/action-setup](https://github.com/pnpm/action-setup) and [changesets/action](https://github.com/changesets/action).


Updates `github/codeql-action` from 4.35.2 to 4.35.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/v4.35.2...v4.35.3)

Updates `pnpm/action-setup` from 6.0.3 to 6.0.5
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.5)

Updates `changesets/action` from 1 to 1.7.0
- [Release notes](https://github.com/changesets/action/releases)
- [Changelog](https://github.com/changesets/action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/changesets/action/compare/v1...v1.7.0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.35.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor-patch
- dependency-name: pnpm/action-setup
  dependency-version: 6.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-minor-patch
- dependency-name: changesets/action
  dependency-version: 1.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-minor-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/codeql.yml  | 4 ++--
 .github/workflows/release.yml | 4 ++--
 .github/workflows/tests.yml   | 4 ++--
 3 files changed, 6 insertions(+), 6 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index dfaeb7fb..0d7786a2 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -31,11 +31,11 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v4.35.2
+        uses: github/codeql-action/init@v4.35.3
         with:
           languages: ${{ matrix.language }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v4.35.2
+        uses: github/codeql-action/analyze@v4.35.3
         with:
           category: "/language:${{ matrix.language }}"
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index d3768c9c..f4c8f397 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -22,7 +22,7 @@ jobs:
       - name: Checkout Repo
         uses: actions/checkout@v6
       
-      - uses: pnpm/action-setup@v6.0.3
+      - uses: pnpm/action-setup@v6.0.5
         name: Install pnpm
         with:
           run_install: false
@@ -44,7 +44,7 @@ jobs:
 
       - name: Publish to npm
         id: changesets
-        uses: changesets/action@v1
+        uses: changesets/action@v1.7.0
         with:
           publish: pnpm run release
           commitMode: 'github-api'
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index bedfa0f0..1a2106b0 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -17,7 +17,7 @@ jobs:
       - name: Checkout Repo
         uses: actions/checkout@v6
 
-      - uses: pnpm/action-setup@v6.0.3
+      - uses: pnpm/action-setup@v6.0.5
         name: Install pnpm
         with:
           run_install: false
@@ -111,7 +111,7 @@ jobs:
       - name: Checkout Repo
         uses: actions/checkout@v6
 
-      - uses: pnpm/action-setup@v6.0.3
+      - uses: pnpm/action-setup@v6.0.5
         name: Install pnpm
         with:
           run_install: false

From a2186f7e8be2ccd0e07d53cf078339cc8a42653b Mon Sep 17 00:00:00 2001
From: Lindsay Holmwood <lindsay@cipherstash.com>
Date: Tue, 12 May 2026 13:27:44 +1000
Subject: [PATCH 2/3] ci: point `pnpm/action-setup` to latest change within
 major version

Co-authored-by: Lindsay Holmwood <lindsay@holmwood.id.au>
---
 .github/workflows/release.yml | 2 +-
 .github/workflows/tests.yml   | 4 ++--
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index f4c8f397..8406052a 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -22,7 +22,7 @@ jobs:
       - name: Checkout Repo
         uses: actions/checkout@v6
       
-      - uses: pnpm/action-setup@v6.0.5
+      - uses: pnpm/action-setup@v6
         name: Install pnpm
         with:
           run_install: false
diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml
index 1a2106b0..94756406 100644
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -17,7 +17,7 @@ jobs:
       - name: Checkout Repo
         uses: actions/checkout@v6
 
-      - uses: pnpm/action-setup@v6.0.5
+      - uses: pnpm/action-setup@v6
         name: Install pnpm
         with:
           run_install: false
@@ -111,7 +111,7 @@ jobs:
       - name: Checkout Repo
         uses: actions/checkout@v6
 
-      - uses: pnpm/action-setup@v6.0.5
+      - uses: pnpm/action-setup@v6
         name: Install pnpm
         with:
           run_install: false

From ed08dce882d873c9ff659f3bfc77ef035c864e18 Mon Sep 17 00:00:00 2001
From: Lindsay Holmwood <lindsay@cipherstash.com>
Date: Tue, 12 May 2026 13:28:19 +1000
Subject: [PATCH 3/3] ci: point `github/codeql-action` to latest release within
 major version

Co-authored-by: Lindsay Holmwood <lindsay@holmwood.id.au>
---
 .github/workflows/codeql.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/codeql.yml b/.github/workflows/codeql.yml
index 0d7786a2..7ddbf349 100644
--- a/.github/workflows/codeql.yml
+++ b/.github/workflows/codeql.yml
@@ -31,11 +31,11 @@ jobs:
         uses: actions/checkout@v6
 
       - name: Initialize CodeQL
-        uses: github/codeql-action/init@v4.35.3
+        uses: github/codeql-action/init@v4
         with:
           languages: ${{ matrix.language }}
 
       - name: Perform CodeQL Analysis
-        uses: github/codeql-action/analyze@v4.35.3
+        uses: github/codeql-action/init@v4
         with:
           category: "/language:${{ matrix.language }}"