Bump the ci group across 1 directory with 7 updates

[dependabot]

Bumps the ci group with 7 updates in the / directory:

Package	From	To
fluxcd/gha-workflows/.github/workflows/backport.yaml	0.4.0	0.5.0
fluxcd/gha-workflows	0.4.0	0.5.0
aws-actions/configure-aws-credentials	5.0.0	5.1.1
docker/login-action	3.5.0	3.6.0
fluxcd/gha-workflows/.github/workflows/controller-release.yaml	0.4.0	0.5.0
fluxcd/gha-workflows/.github/workflows/code-scan.yaml	0.4.0	0.5.0
fluxcd/gha-workflows/.github/workflows/labels-sync.yaml	0.4.0	0.5.0

Updates fluxcd/gha-workflows/.github/workflows/backport.yaml from 0.4.0 to 0.5.0

Release notes

Sourced from fluxcd/gha-workflows/.github/workflows/backport.yaml's releases.

v0.5.0

What's Changed

• Pin cosign to v2.6.1 by @​matheuscscp in fluxcd/gha-workflows#15
• Bump the actions group across 1 directory with 10 updates by @​dependabot[bot] in fluxcd/gha-workflows#19

Full Changelog: fluxcd/gha-workflows@v0.4.0...v0.5.0

Commits

• d76bcc3 Merge pull request #19 from fluxcd/dependabot/github_actions/actions-d2a61c8563
• ddaea4b Bump the actions group across 1 directory with 10 updates
• 0ef1fa4 Merge pull request #15 from fluxcd/pin-cosign-v2.6.1
• bfc7649 Pin cosign to v2.6.1
• See full diff in compare view

Updates fluxcd/gha-workflows from 0.4.0 to 0.5.0

Release notes

Sourced from fluxcd/gha-workflows's releases.

v0.5.0

What's Changed

• Pin cosign to v2.6.1 by @​matheuscscp in fluxcd/gha-workflows#15
• Bump the actions group across 1 directory with 10 updates by @​dependabot[bot] in fluxcd/gha-workflows#19

Full Changelog: fluxcd/gha-workflows@v0.4.0...v0.5.0

Commits

• d76bcc3 Merge pull request #19 from fluxcd/dependabot/github_actions/actions-d2a61c8563
• ddaea4b Bump the actions group across 1 directory with 10 updates
• 0ef1fa4 Merge pull request #15 from fluxcd/pin-cosign-v2.6.1
• bfc7649 Pin cosign to v2.6.1
• See full diff in compare view

Updates aws-actions/configure-aws-credentials from 5.0.0 to 5.1.1

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v5.1.1

5.1.1 (2025-11-24)

Miscellaneous Chores

• release 5.1.1 (56d6a58)
• various dependency updates

v5.1.0

5.1.0 (2025-10-06)

Features

• Add global timeout support (#1487) (1584b8b)
• add no-proxy support (#1482) (dde9b22)
• Improve debug logging in retry logic (#1485) (97ef425)

Bug Fixes

• properly expose getProxyForUrl (introduced in #1482) (#1486) (cea4298)

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

5.1.1 (2025-11-24)

Miscellaneous Chores

• release 5.1.1 (56d6a58)

5.1.0 (2025-10-06)

Features

• Add global timeout support (#1487) (1584b8b)
• add no-proxy support (#1482) (dde9b22)
• Improve debug logging in retry logic (#1485) (97ef425)

Bug Fixes

• properly expose getProxyForUrl (introduced in #1482) (#1486) (cea4298)

5.0.0 (2025-09-03)

⚠ BREAKING CHANGES

• Cleanup input handling. Changes invalid boolean input behavior (see #1445)

Features

• add skip OIDC option (#1458) (8c45f6b)
• Cleanup input handling. Changes invalid boolean input behavior (see #1445) (74b3e27)
• support account id allowlist (#1456) (c4be498)

4.3.1 (2025-08-04)

Bug Fixes

• update readme to 4.3.1 (#1424) (be2e7ad)

4.3.0 (2025-08-04)

Features

... (truncated)

Commits

• 61815dc chore(main): release 5.1.1 (#1564)
• 56d6a58 chore: release 5.1.1
• 4a54c24 chore(deps-dev): bump glob from 10.4.5 to 10.5.0 (#1563)
• b2793c9 chore(deps-dev): bump @​types/node from 24.10.0 to 24.10.1 (#1559)
• 8c230bf chore: Update dist
• f7a5b07 chore(deps): bump @​aws-sdk/client-sts from 3.928.0 to 3.933.0 (#1558)
• 730fc04 chore(deps-dev): bump @​biomejs/biome from 2.3.4 to 2.3.6 (#1555)
• bc0dd36 chore(deps-dev): bump memfs from 4.50.0 to 4.51.0 (#1556)
• f2964c7 chore: Update dist
• cf46495 chore(deps): bump @​aws-sdk/client-sts from 3.922.0 to 3.928.0 (#1548)
• Additional commits viewable in compare view

Updates docker/login-action from 3.5.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

• Add registry-auth input for raw authentication to registries by @​crazy-max in docker/login-action#887
• Bump @​aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890
• Bump @​docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883
• Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880
• Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879
• Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

Commits

• 5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• 97e3143 chore: update generated content
• 3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
• 5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
• abc9fb3 chore: update generated content
• d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
• a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
• 0d7fae8 chore: update generated content
• 9832253 build(deps): bump @​docker/actions-toolkit from 0.62.1 to 0.63.0
• 09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
• Additional commits viewable in compare view

Updates fluxcd/gha-workflows/.github/workflows/controller-release.yaml from 0.4.0 to 0.5.0

Release notes

Sourced from fluxcd/gha-workflows/.github/workflows/controller-release.yaml's releases.

v0.5.0

What's Changed

• Pin cosign to v2.6.1 by @​matheuscscp in fluxcd/gha-workflows#15
• Bump the actions group across 1 directory with 10 updates by @​dependabot[bot] in fluxcd/gha-workflows#19

Full Changelog: fluxcd/gha-workflows@v0.4.0...v0.5.0

Commits

• d76bcc3 Merge pull request #19 from fluxcd/dependabot/github_actions/actions-d2a61c8563
• ddaea4b Bump the actions group across 1 directory with 10 updates
• 0ef1fa4 Merge pull request #15 from fluxcd/pin-cosign-v2.6.1
• bfc7649 Pin cosign to v2.6.1
• See full diff in compare view

Updates fluxcd/gha-workflows/.github/workflows/code-scan.yaml from 0.4.0 to 0.5.0

Release notes

Sourced from fluxcd/gha-workflows/.github/workflows/code-scan.yaml's releases.

v0.5.0

What's Changed

• Pin cosign to v2.6.1 by @​matheuscscp in fluxcd/gha-workflows#15
• Bump the actions group across 1 directory with 10 updates by @​dependabot[bot] in fluxcd/gha-workflows#19

Full Changelog: fluxcd/gha-workflows@v0.4.0...v0.5.0

Commits

• d76bcc3 Merge pull request #19 from fluxcd/dependabot/github_actions/actions-d2a61c8563
• ddaea4b Bump the actions group across 1 directory with 10 updates
• 0ef1fa4 Merge pull request #15 from fluxcd/pin-cosign-v2.6.1
• bfc7649 Pin cosign to v2.6.1
• See full diff in compare view

Updates fluxcd/gha-workflows/.github/workflows/labels-sync.yaml from 0.4.0 to 0.5.0

Release notes

Sourced from fluxcd/gha-workflows/.github/workflows/labels-sync.yaml's releases.

v0.5.0

What's Changed

• Pin cosign to v2.6.1 by @​matheuscscp in fluxcd/gha-workflows#15
• Bump the actions group across 1 directory with 10 updates by @​dependabot[bot] in fluxcd/gha-workflows#19

Full Changelog: fluxcd/gha-workflows@v0.4.0...v0.5.0

Commits

• d76bcc3 Merge pull request #19 from fluxcd/dependabot/github_actions/actions-d2a61c8563
• ddaea4b Bump the actions group across 1 directory with 10 updates
• 0ef1fa4 Merge pull request #15 from fluxcd/pin-cosign-v2.6.1
• bfc7649 Pin cosign to v2.6.1
• See full diff in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.