deps: update GitHub action dependencies (major)

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
cachix/install-nix-action	action	major	v27 -> v30
lycheeverse/lychee-action	action	major	v1.10.0 -> v2.0.0
peter-evans/create-pull-request	action	major	v6.1.0 -> v7.0.5
ubuntu	github-runner	major	22.04 -> 24.04

---

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

---

Release Notes

cachix/install-nix-action (cachix/install-nix-action)

v30

Compare Source

• Nix: 2.24.7 -> 2.24.9, fixing GHSA-6fjr-mq49-mm2c

v29

Compare Source

Bumps Nix to 2.24.8 to fix CVE-2024-47174

lycheeverse/lychee-action (lycheeverse/lychee-action)

v2.0.0: Version 2.0.0

Compare Source

Breaking Changes

Note: This release improves the action's robustness by changing default behaviors. Changes are only required if you want to opt out of the new failure conditions. Most users won't need to modify their existing configurations.

Fail pipeline on error by default

We've changed the default behavior: pipelines will now fail on broken links automatically. This addresses user feedback that not failing on broken links was unexpected (see issue #​71).

What you need to do:

• Update to version 2 of this action to apply this change.
• Users of the lychee-action@master branch don't need to make any changes, as fail: true has been the default there for a while.
• If you prefer the old behavior, explicitly set fail to false when updating:

- name: Link Checker
  id: lychee
  uses: lycheeverse/lychee-action@v2
  with:
    fail: false  # Don't fail action on broken links

Fail pipeline if no links were found

Similar to the above change, we now fail the pipeline if no links are found during a run. This helps warn users about potential configuration issues.

What you need to do:

• If you expect links to be found in your pipeline run, you don't need to do anything.
• If you expect no links in your pipeline run, you can opt out like this:

- name: Link Checker
  id: lychee
  uses: lycheeverse/lychee-action@v2
  with:
    failIfEmpty: false  # Don't fail action if no links were found

For a more detailed description of the technical aspects behind these changes, please see the full changelog below.

What's Changed

• feat: change to use the full version tag with v-* prefix by @​kemingy in https://github.com/lycheeverse/lychee-action/pull/204
• Add failIfEmpty argument (fixes #​84) by @​mre in https://github.com/lycheeverse/lychee-action/pull/86
• Fail pipeline on error by default (fixes #​71) by @​mre in https://github.com/lycheeverse/lychee-action/pull/85
• Exit in case output is set in args and action input by @​mre in https://github.com/lycheeverse/lychee-action/pull/227
• v1 will automatically use latest version by @​jacobdalamb in https://github.com/lycheeverse/lychee-action/pull/228
• Remove unneeded text by @​jacobdalamb in https://github.com/lycheeverse/lychee-action/pull/229
• Clarify README.md defaults by @​paddyroddy in https://github.com/lycheeverse/lychee-action/pull/230
• Adjust for new asset naming scheme by @​dscho in https://github.com/lycheeverse/lychee-action/pull/234
• Test various lychee versions by @​mre in https://github.com/lycheeverse/lychee-action/pull/235
• Better cleanup of old lychee assets by @​mre in https://github.com/lycheeverse/lychee-action/pull/237
• Bump peter-evans/create-issue-from-file from v4 to v5 by @​AndreiCherniaev in https://github.com/lycheeverse/lychee-action/pull/241
• Remove dots from table by @​AndreiCherniaev in https://github.com/lycheeverse/lychee-action/pull/242
• README: update actions/cache to v4 by @​sebastiaanspeck in https://github.com/lycheeverse/lychee-action/pull/243
• Set exit_code correctly as output by @​sebastiaanspeck in https://github.com/lycheeverse/lychee-action/pull/245
• action: fix failing CI by @​sebastiaanspeck in https://github.com/lycheeverse/lychee-action/pull/246
• Split up steps in action by @​mre in https://github.com/lycheeverse/lychee-action/pull/248
• Bump version to 0.16.x, respect new tag names by @​mre in https://github.com/lycheeverse/lychee-action/pull/249
• Test latest lychee version tag by @​mre in https://github.com/lycheeverse/lychee-action/pull/236

New Contributors

• @​kemingy made their first contribution in https://github.com/lycheeverse/lychee-action/pull/204
• @​paddyroddy made their first contribution in https://github.com/lycheeverse/lychee-action/pull/230
• @​dscho made their first contribution in https://github.com/lycheeverse/lychee-action/pull/234
• @​AndreiCherniaev made their first contribution in https://github.com/lycheeverse/lychee-action/pull/241
• @​sebastiaanspeck made their first contribution in https://github.com/lycheeverse/lychee-action/pull/243

Full Changelog: lycheeverse/lychee-action@v1...v1.11.0

peter-evans/create-pull-request (peter-evans/create-pull-request)

v7.0.5: Create Pull Request v7.0.5

Compare Source

⚙️ Fixes an issue with commit signing to allow it to support symlinks

What's Changed

• fix: support symlinks when commit signing by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3359

Full Changelog: peter-evans/create-pull-request@v7.0.4...v7.0.5

v7.0.4: Create Pull Request v7.0.4

Compare Source

⚙️ Fixes an issue with commit signing to allow it to support submodules

What's Changed

• docs: correct suggestion for bot setup by @​henryiii in https://github.com/peter-evans/create-pull-request/pull/3342
• build(deps-dev): bump @​types/jest from 29.5.12 to 29.5.13 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3343
• build(deps-dev): bump eslint from 8.57.0 to 8.57.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3344
• fix: support submodules when commit signing by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3354

New Contributors

• @​henryiii made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3342

Full Changelog: peter-evans/create-pull-request@v7.0.3...v7.0.4

v7.0.3: Create Pull Request v7.0.3

Compare Source

⚙️ Fixes an issue with commit signing where commit SHAs have variable lengths when abbreviated.

What's Changed

• fix: disable abbreviated commit shas in diff by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3337

Full Changelog: peter-evans/create-pull-request@v7.0.2...v7.0.3

v7.0.2: Create Pull Request v7.0.2

Compare Source

⚙️ Fixes an issue with commit signing when a change was detected as being a rename or copy.

What's Changed

• build(deps-dev): bump @​types/node from 18.19.48 to 18.19.50 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3320
• build(deps-dev): bump typescript from 5.5.4 to 5.6.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3319
• fix: disable diff detection for renames and copies by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3330

Full Changelog: peter-evans/create-pull-request@v7.0.1...v7.0.2

v7.0.1: Create Pull Request v7.0.1

Compare Source

⚙️ Fixes an issue affecting one particular use case where the action fails on diff --stat with fatal: ambiguous argument.

What's Changed

• build(deps): bump peter-evans/create-pull-request from 6 to 7 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3283
• build(deps-dev): bump @​types/node from 18.19.46 to 18.19.48 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3288
• build(deps-dev): bump @​typescript-eslint/parser from 7.17.0 to 7.18.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3289
• build(deps-dev): bump eslint-plugin-import from 2.29.1 to 2.30.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3290
• build(deps-dev): bump @​typescript-eslint/eslint-plugin from 7.17.0 to 7.18.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3291
• fix: handle ambiguous argument failure on diff stat by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3312

Full Changelog: peter-evans/create-pull-request@v7.0.0...v7.0.1

v7.0.0: Create Pull Request v7.0.0

Compare Source

✨ Now supports commit signing with bot-generated tokens! See "What's new" below. ✍️🤖

Behaviour changes

• Action input git-token has been renamed branch-token, to be more clear about its purpose. The branch-token is the token that the action will use to create and update the branch.
• The action now handles requests that have been rate-limited by GitHub. Requests hitting a primary rate limit will retry twice, for a total of three attempts. Requests hitting a secondary rate limit will not be retried.
• The pull-request-operation output now returns none when no operation was executed.
• Removed deprecated output environment variable PULL_REQUEST_NUMBER. Please use the pull-request-number action output instead.

What's new

• The action can now sign commits as github-actions[bot] when using GITHUB_TOKEN, or your own bot when using GitHub App tokens. See commit signing for details.
• Action input draft now accepts a new value always-true. This will set the pull request to draft status when the pull request is updated, as well as on creation.
• A new action input maintainer-can-modify indicates whether maintainers can modify the pull request. The default is true, which retains the existing behaviour of the action.
• A new output pull-request-commits-verified returns true or false, indicating whether GitHub considers the signature of the branch's commits to be verified.

What's Changed

• build(deps-dev): bump @​types/node from 18.19.36 to 18.19.39 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3000
• build(deps-dev): bump ts-jest from 29.1.5 to 29.2.0 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3008
• build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3018
• build(deps-dev): bump ts-jest from 29.2.0 to 29.2.2 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3019
• build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.1 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3035
• build(deps-dev): bump @​types/node from 18.19.39 to 18.19.41 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3037
• build(deps): bump undici from 6.19.2 to 6.19.4 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3036
• build(deps-dev): bump ts-jest from 29.2.2 to 29.2.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3038
• build(deps-dev): bump @​types/node from 18.19.41 to 18.19.42 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3070
• build(deps): bump undici from 6.19.4 to 6.19.5 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3086
• build(deps-dev): bump @​types/node from 18.19.42 to 18.19.43 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3087
• build(deps-dev): bump ts-jest from 29.2.3 to 29.2.4 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3088
• build(deps): bump undici from 6.19.5 to 6.19.7 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3145
• build(deps-dev): bump @​types/node from 18.19.43 to 18.19.44 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3144
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3154
• build(deps): bump undici from 6.19.7 to 6.19.8 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3213
• build(deps-dev): bump @​types/node from 18.19.44 to 18.19.45 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3214
• Update distribution by @​actions-bot in https://github.com/peter-evans/create-pull-request/pull/3221
• build(deps-dev): bump eslint-import-resolver-typescript from 3.6.1 to 3.6.3 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3255
• build(deps-dev): bump @​types/node from 18.19.45 to 18.19.46 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3254
• build(deps-dev): bump ts-jest from 29.2.4 to 29.2.5 by @​dependabot in https://github.com/peter-evans/create-pull-request/pull/3256
• v7 - signed commits by @​peter-evans in https://github.com/peter-evans/create-pull-request/pull/3057

New Contributors

• @​rustycl0ck made their first contribution in https://github.com/peter-evans/create-pull-request/pull/3057

Full Changelog: peter-evans/create-pull-request@v6.1.0...v7.0.0

---

Configuration

📅 Schedule: Branch creation - "before 8am on tuesday" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[netlify]

✅ Deploy Preview for constellation-docs ready!

Name	Link
🔨 Latest commit	4cf0153
🔍 Latest deploy log	https://app.netlify.com/sites/constellation-docs/deploys/67064db069b9a70008ac4b6c
😎 Deploy Preview	https://deploy-preview-3399--constellation-docs.netlify.app
📱 Preview on mobile	Toggle QR Code... Use your smartphone camera to open QR code link.

---

To edit notification comments on pull requests, go to your Netlify site configuration.

[burgerdev]

• ✔️ https://github.com/peter-evans/create-pull-request/blob/main/docs/updating.md#updating-from-v6-to-v7
• ✔️ https://github.com/lycheeverse/lychee-action/releases/tag/v2.0.0
• cachix/install-nix-action upgrades nix and is otherwise not remarkable
• Ubuntu upgrade: we'll see :)