Bump peter-evans/create-pull-request from 5 to 6

[dependabot[bot]]

Bumps peter-evans/create-pull-request from 5 to 6.

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v6.0.0

Behaviour changes

• The default values for author and committer have changed. See "What's new" below for details. If you are overriding the default values you will not be affected by this change.
• On completion, the action now removes the temporary git remote configuration it adds when using push-to-fork. This should not affect you unless you were using the temporary configuration for some other purpose after the action completes.

What's new

• Updated runtime to Node.js 20
  • The action now requires a minimum version of v2.308.0 for the Actions runner. Update self-hosted runners to v2.308.0 or later to ensure compatibility.
• The default value for author has been changed to ${{ github.actor }} <${{ github.actor_id }}+${{ github.actor }}@users.noreply.github.com>. The change adds the ${{ github.actor_id }}+ prefix to the email address to align with GitHub's standard format for the author email address.
• The default value for committer has been changed to github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com>. This is to align with the default GitHub Actions bot user account.
• Adds input git-token, the Personal Access Token (PAT) that the action will use for git operations. This input defaults to the value of token. Use this input if you would like the action to use a different token for git operations than the one used for the GitHub API.
• push-to-fork now supports pushing to sibling repositories in the same network.
• Previously, when using push-to-fork, the action did not remove temporary git remote configuration it adds during execution. This has been fixed and the configuration is now removed when the action completes.
• If the pull request body is truncated due to exceeding the maximum length, the action will now suffix the body with the message "...[Pull request body truncated]" to indicate that the body has been truncated.
• The action now uses --unshallow only when necessary, rather than as a default argument of git fetch. This should improve performance, particularly for large git repositories with extensive commit history.
• The action can now be executed on one GitHub server and create pull requests on a different GitHub server. Server products include GitHub hosted (github.com), GitHub Enterprise Server (GHES), and GitHub Enterprise Cloud (GHEC). For example, the action can be executed on GitHub hosted and create pull requests on a GHES or GHEC instance.

What's Changed

• Update distribution by @​actions-bot in peter-evans/create-pull-request#2086
• fix crazy-max/ghaction-import-gp parameters by @​fharper in peter-evans/create-pull-request#2177
• Update distribution by @​actions-bot in peter-evans/create-pull-request#2364
• Use checkout v4 by @​okuramasafumi in peter-evans/create-pull-request#2521
• Note about delete-branch by @​dezren39 in peter-evans/create-pull-request#2631
• 98 dependency updates by @​dependabot

New Contributors

• @​fharper made their first contribution in peter-evans/create-pull-request#2177
• @​okuramasafumi made their first contribution in peter-evans/create-pull-request#2521
• @​dezren39 made their first contribution in peter-evans/create-pull-request#2631

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v5.0.2...v6.0.0

Create Pull Request v5.0.2

⚙️ Fixes an issue that occurs when using push-to-fork and both base and head repositories are in the same org/user account.

What's Changed

• fix: specify head repo by @​peter-evans in peter-evans/create-pull-request#2044
• 20 dependency updates by @​dependabot

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v5.0.1...v5.0.2

Create Pull Request v5.0.1

What's Changed

• fix: truncate body if exceeds max length by @​peter-evans in peter-evans/create-pull-request#1915
• 12 dependency updates by @​dependabot

Full Changelog: https://github.com/peter-evans/create-pull-request/compare/v5.0.0...v5.0.1

Commits

• a4f52f8 fix: list pulls using the correct head format (#2792)
• 853c071 build(deps-dev): bump eslint from 8.56.0 to 8.57.0 (#2781)
• d2c126e build(deps-dev): bump @​types/node from 18.19.17 to 18.19.18 (#2780)
• 43d39c6 build(deps-dev): bump @​types/node from 18.19.15 to 18.19.17 (#2768)
• 5a9d206 build(deps-dev): bump eslint-plugin-jest from 27.6.3 to 27.9.0 (#2769)
• e0743ed build(deps-dev): bump @​types/node from 18.19.14 to 18.19.15 (#2759)
• e1529cb build(deps): bump peter-evans/create-pull-request from 5 to 6 (#2747)
• aad52e8 build(deps): bump peter-evans/slash-command-dispatch from 3 to 4 (#2748)
• a64ebdd build(deps-dev): bump @​types/node from 18.19.10 to 18.19.14 (#2732)
• 51b40af build(deps-dev): bump prettier from 3.2.4 to 3.2.5 (#2731)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions[bot]]

🦙 MegaLinter status: ❌ ERROR

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
⚠️ ACTION	actionlint	1		1	0.01s
✅ COPYPASTE	jscpd	yes		no	0.9s
⚠️ REPOSITORY	checkov	yes		3	15.49s
✅ REPOSITORY	devskim	yes		no	1.81s
✅ REPOSITORY	dustilock	yes		no	0.0s
✅ REPOSITORY	gitleaks	yes		no	0.8s
❌ REPOSITORY	git_diff	yes		1	0.01s
✅ REPOSITORY	grype	yes		no	11.62s
⚠️ REPOSITORY	kics	yes		39	4.96s
✅ REPOSITORY	secretlint	yes		no	1.03s
✅ REPOSITORY	syft	yes		no	0.85s
⚠️ REPOSITORY	trivy	yes		1	6.68s
✅ REPOSITORY	trivy-sbom	yes		no	1.82s
✅ REPOSITORY	trufflehog	yes		no	4.24s
⚠️ SPELL	cspell	2		1	2.67s
❌ SPELL	lychee	1		2	0.94s
✅ YAML	prettier	1	1	0	0.6s
✅ YAML	v8r	1		0	2.29s
✅ YAML	yamllint	1		0	0.66s

See detailed report in MegaLinter reports _Set VALIDATE_ALL_CODEBASE: true in mega-linter.yml to validate all sources, not only the diff_

_MegaLinter is graciously provided by _