ci(deps): bump the all group with 2 updates

[dependabot]

Bumps the all group with 2 updates: actions/create-github-app-token and release-drafter/release-drafter.

Updates actions/create-github-app-token from 3.1.1 to 3.2.0

Release notes

Sourced from actions/create-github-app-token's releases.

v3.2.0

3.2.0 (2026-05-12)

Features

• add support for enterprise-level GitHub Apps (#263) (952a2a7)
• support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

• deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
• validate private-key input (#376) (f24bbd8)

Changelog

Sourced from actions/create-github-app-token's changelog.

Changelog

3.2.0 (2026-05-12)

Features

• add support for enterprise-level GitHub Apps (#263) (952a2a7)
• support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

• deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
• validate private-key input (#376) (f24bbd8)

Commits

• bcd2ba4 chore(main): release 3.2.0 (#370)
• f24bbd8 fix: validate private-key input (#376)
• 363531b docs: capitalize Git as a proper noun in README (#374)
• fd28011 docs: update procedure to configure Git (#287)
• 85eb8dd feat: support full repository names in repositories input (#372)
• c9aabb8 build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...
• e02e816 build(deps-dev): bump undici from 7.24.6 to 8.2.0 (#366)
• 8d835bf build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...
• 952a2a7 feat: add support for enterprise-level GitHub Apps (#263)
• 43e5c34 fix(deps): bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependenc...
• Additional commits viewable in compare view

Updates release-drafter/release-drafter from 7.2.1 to 7.3.0

Release notes

Sourced from release-drafter/release-drafter's releases.

v7.3.0

What's Changed

New

• feat: recover recently merged PRs missed by associated PRs lag (#1604) @​jetersen
• feat: switch release discovery to ref comparison and explicit missing-baseline warnings (#1570) @​jetersen

Bug Fixes

• fix: restore prerelease-identifier on first run when no prior releases exist (#1602) @​jrbeilke
• fix: prevent using commitish like refs/pull (#1598) @​cchanche

Maintenance

• ci: rebuild dist after codegen so generated PRs include bundle updates (#1605) @​jetersen
• chore: update generated GraphQL types (#1600) @github-actions[bot]
• chore: clarify base repository pr filtering (#1599) @​cchanche

Dependency Updates

• build(deps-dev): bump postcss from 8.5.8 to 8.5.12 (#1597) @dependabot[bot]

Full Changelog: release-drafter/release-drafter@v7.2.1...v7.3.0

Commits

• c2e2804 chore: release v7.3.0
• 0c28acd feat: recover recently merged PRs missed by associated PRs lag (#1604)
• 3052ee0 fix: restore prerelease-identifier on first run when no prior releases exist ...
• 0503d11 ci: rebuild dist after codegen so generated PRs include bundle updates (#1605)
• a553731 chore: update generated GraphQL types (#1600)
• c5dd361 ci: add warning on automatic codegen PRs
• 705c5af ci: add maintenance label to automated codegen updates
• acfaf4f chore: clarify base repository pr filtering (#1599)
• d181a5a fix: prevent using commitish like refs/pull (#1598)
• f188d08 feat: switch release discovery to ref comparison and explicit missing-baselin...
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[dependabot]

Labels

The following labels could not be found: deps/github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

❌MegaLinter analysis: Error

Descriptor	Linter	Files	Fixed	Errors	Warnings	Elapsed time
❌ ACTION	actionlint	2		1	0	0.31s
✅ EDITORCONFIG	editorconfig-checker	2		0	0	0.25s
✅ REPOSITORY	gitleaks	yes		no	no	0.51s
✅ SPELL	lychee	2		0	0	0.34s
✅ YAML	yamllint	2		0	0	0.31s

Detailed Issues

❌ ACTION / actionlint - 1 error

.github/workflows/release-draft.yml:37:9: shellcheck reported issue in this script: SC2086:info:2:26: Double quote to prevent globbing and word splitting [shellcheck]
   |
37 |         run: |
   |         ^~~~

See detailed reports in MegaLinter artifacts
Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff

MegaLinter is graciously provided by OX Security
Show us your support by starring ⭐ the repository