build(deps): bump the dependencies group across 1 directory with 2 updates

[dependabot]

Bumps the dependencies group with 2 updates in the / directory: mikepenz/action-junit-report and slackapi/slack-github-action.

Updates mikepenz/action-junit-report from 6.3.0 to 6.4.0

Release notes

Sourced from mikepenz/action-junit-report's releases.

v6.4.0

💬 Other

• Security hardening: Renovate, SHA-pinned actions, least-privilege permissions
  • PR: #1524
• fix: use PR author for commit-dist job condition
  • PR: #1528

📦 Dependencies

• Bump mikepenz/action-gh-release from 1 to 2
  • PR: #1519
• build(deps): upgrade dev dependencies
  • PR: #1520
• Bump flatted from 3.4.1 to 3.4.2 in the npm_and_yarn group across 1 directory
  • PR: #1521
• Bump eslint from 10.0.3 to 10.1.0
  • PR: #1522
• build(deps): bump picomatch from 4.0.3 to 4.0.4 in the npm_and_yarn group across 1 directory
  • PR: #1523
• chore(deps): update github actions updates
  • PR: #1526
• chore: upgrade TypeScript to v6
  • PR: #1529
• chore: pin all dependencies to exact versions
  • PR: #1530
• chore(deps): update dependency serialize-javascript to v7.0.5 [security]
  • PR: #1531
• chore(deps): update dependency webpack to v5.105.4
  • PR: #1532

Contributors:

• @​dependabot[bot], @​mikepenz

v6.3.1

📦 Dependencies

• Upgrade NPM dependencies
  • PR: #1512

Contributors:

• @​mikepenz

Commits

• bccf2e3 chore(deps): update dependency webpack to v5.105.4 (#1532)
• 7576af8 Merge pull request #1531 from mikepenz/renovate/npm-serialize-javascript-vuln...
• cc66c5a chore(deps): update dependency serialize-javascript to v7.0.5 [security]
• b056615 Merge pull request #1530 from mikepenz/chore/pin-exact-deps
• be0d882 chore: pin all dependencies to exact versions
• b6b2e78 Merge pull request #1529 from mikepenz/chore/typescript-6
• 66f0dd1 chore: pin TypeScript to exact version 6.0.2
• 24abd8c chore: upgrade TypeScript to v6
• 653be4f Merge pull request #1526 from mikepenz/renovate/github-actions-updates
• 7f7940d chore: rebuild dist for renovate
• Additional commits viewable in compare view

Updates slackapi/slack-github-action from 2.1.1 to 3.0.1

Release notes

Sourced from slackapi/slack-github-action's releases.

Slack GitHub Action v3.0.1

What's Changed

Alongside the breaking changes of @v3.0.0 and a new technique to run Slack CLI commands, we tried the wrong name to publish to the GitHub Marketplace 🐙 This action is now noted as The Slack GitHub Action in listings 🎶 ✨

🎨 Maintenance

• chore: use a unique title for marketplace in slackapi/slack-github-action#576 - Thanks @​zimeg!
• chore(release): tag version 3.0.1 in slackapi/slack-github-action#577 - Thanks @​zimeg!

Full Changelog: slackapi/slack-github-action@v3.0.0...v3.0.1

Slack GitHub Action v3.0.0

The @v3.0.0 release had a hiccup on publish and we recommend using @​v3.0.1 or a more recent version when updating! Oops!

🎽 Running Slack CLI commands and the active Node runtime, both included in this release 👟 ✨

⚠️ Breaking change: Node.js 24 the runtime

This major version updates the GitHub Actions required runtime to Node.js 24. Most GitHub-hosted runners already include this, but self-hosted runners may need to be updated ahead of planned deprecations of Node 20 on GitHub Actions runners.

📺 Enhancement: Run Slack CLI commands

This release introduces a new technique for running Slack CLI commands directly in GitHub Actions workflows. Use this to install the latest version (or a specific one) of the CLI and execute commands like deploy for merges to main, manifest validate with tests, and other commands.

Gather a token using the following CLI command to store with repo secrets, then get started with an example below:

$ slack auth token

🧪 Validate an app manifest on pull requests

Check that your app manifest is valid before merging changes:

🔗 https://docs.slack.dev/tools/slack-github-action/sending-techniques/running-slack-cli-commands/validate-a-manifest

- name: Validate the manifest
  uses: slackapi/slack-github-action/cli@v3.0.0
  with:
    command: "manifest validate --app ${{ vars.SLACK_APP_ID }}"
    token: ${{ secrets.SLACK_SERVICE_TOKEN }}

🚀 Deploy your app on push to main

Automate deployments whenever changes land on your main branch:

🔗 https://docs.slack.dev/tools/slack-github-action/sending-techniques/running-slack-cli-commands/deploy-an-app

... (truncated)

Commits

• af78098 Release
• add1a00 chore(release): tag version 3.0.1 (#577)
• 2bc9e7a chore: use a unique title for marketplace (#576)
• c5d43da chore(release): tag version 3.0.0 (#575)
• 963b979 build(deps): bump @​slack/web-api from 7.14.1 to 7.15.0 (#574)
• 90b7328 build(deps): bump @​slack/logger from 4.0.0 to 4.0.1 (#573)
• e45cb89 feat: support slack cli commands with composite action inputs (#560)
• 0aed2c2 build(deps): bump https-proxy-agent from 7.0.6 to 8.0.0 (#572)
• 4795f96 build(deps-dev): bump sinon from 21.0.1 to 21.0.2 (#571)
• bd9e2ce build(deps): bump actions/setup-node from 6.2.0 to 6.3.0 (#569)
• Additional commits viewable in compare view

[github-actions]

☂️ Python Coverage

current status: ✅

Overall Coverage

Lines	Covered	Coverage	Threshold	Status
1765	1334	76%	65%	🟢

New Files

No new covered files...

Modified Files

No covered modified files...

updated for commit: b1c6795 by action🐍

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[dependabot]

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml