build(deps): bump the github-actions group across 1 directory with 3 updates

[dependabot]

Bumps the github-actions group with 3 updates in the / directory: actions/create-github-app-token, google/osv-scanner-action and EnricoMi/publish-unit-test-result-action.

Updates actions/create-github-app-token from 1.12.0 to 2.0.2

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.2

2.0.2 (2025-04-03)

Bug Fixes

• improve log messages for token creation (#226) (eaef294)

v2.0.1

2.0.1 (2025-04-03)

Bug Fixes

• deps: bump the production-dependencies group across 1 directory with 2 updates (#228) (2411bfc)

v2.0.0

2.0.0 (2025-04-03)

• feat!: remove deprecated inputs (#213) (5cc811b)

BREAKING CHANGES

• Removed deprecated inputs (app_id, private_key, skip_token_revoke) and made app-id and private-key required in the action configuration.

Commits

• 3ff1caa build(release): 2.0.2 [skip ci]
• eaef294 fix: improve log messages for token creation (#226)
• 86e2496 build(release): 2.0.1 [skip ci]
• 2411bfc fix(deps): bump the production-dependencies group across 1 directory with 2 u...
• f17d09a build(deps-dev): bump the development-dependencies group with 3 updates (#225)
• e250d17 ci(update-permission-inputs): add permissions (#230)
• ed258b4 Rename workflow
• 5c652ca Update update-inputs.yml
• 60ee75d ci(update-inputs): create initial version (#229)
• 064492a build(release): 2.0.0 [skip ci]
• Additional commits viewable in compare view

Updates google/osv-scanner-action from 2.0.0 to 2.0.1

Release notes

Sourced from google/osv-scanner-action's releases.

v2.0.1

What's Changed

• Update to v2.0.1 by @​michaelkedar in google/osv-scanner-action#69

Full Changelog: google/osv-scanner-action@v2.0.0...v2.0.1

Commits

• 6fc7144 Merge pull request #69 from google/update-to-v2.0.1
• ce2f529 Update unified workflow example to point to v2.0.1 reusable workflows
• afa2aef Update reusable workflows to point to v2.0.1 actions
• 19734b4 Update actions to use v2.0.1 osv-scanner image
• See full diff in compare view

Updates EnricoMi/publish-unit-test-result-action from 2.18.0 to 2.19.0

Release notes

Sourced from EnricoMi/publish-unit-test-result-action's releases.

v2.19.0

Adds the following improvements:

• Add option to verify SSL/TLS connection (#638)
• Mention composite replacement in README.md (#647)
• Quote $PYTHON_BIN in deprecated composite action (#646)

Commits

• afb2984 Releasing v2.19.0
• a197a47 Add option to verify SSL/TLS connection (#638)
• e2824a5 Add composite replacement to README.md (#647)
• 6cc8c3c Quote $PYTHON_BIN in deprecated composite action (#646)
• 11089df Fix YAML syntax in README.md
• 94749bd Add Windows 2025 to CI (#642)
• ab75628 Remove macos-12 from CI
• 0bce8a1 Ignore failure offlaky vulnerability scan
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[github-actions]

CT Test Results

  1 files   11 suites   2m 21s ⏱️
 91 tests  87 ✅ 4 💤 0 ❌
106 runs  102 ✅ 4 💤 0 ❌

Results for commit 1ed7f6e.

♻️ This comment has been updated with latest results.

To speed up review, make sure that you have read Contributing to Erlang/OTP and that all checks pass.

See the TESTING and DEVELOPMENT HowTo guides for details about how to run test locally.

Artifacts

• Complete CT logs (Download Logs)
• HTML Documentation (Download HTML Docs)
• Windows Installer

// Erlang/OTP Github Action Bot