From 2e9a6bd0821c7f05edc7375d9c6738ff46427262 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 6 May 2026 13:21:53 +0000
Subject: [PATCH] Build(deps): Bump the compatible group across 1 directory
 with 3 updates

Bumps the compatible group with 3 updates in the / directory: [actions/create-github-app-token](https://github.com/actions/create-github-app-token), [actions/labeler](https://github.com/actions/labeler) and [frequenz-floss/gh-action-dependabot-migrate](https://github.com/frequenz-floss/gh-action-dependabot-migrate).


Updates `actions/create-github-app-token` from 3.0.0 to 3.1.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](https://github.com/actions/create-github-app-token/compare/f8d387b68d61c58ab83c6c016672934102569859...1b10c78c7865c340bc4f6099eb2f838309f1e8c3)

Updates `actions/labeler` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](https://github.com/actions/labeler/compare/634933edcd8ababfe52f92936142cc22ac488b1b...f27b608878404679385c85cfa523b85ccb86e213)

Updates `frequenz-floss/gh-action-dependabot-migrate` from 1.1.0 to 1.1.1
- [Release notes](https://github.com/frequenz-floss/gh-action-dependabot-migrate/releases)
- [Commits](https://github.com/frequenz-floss/gh-action-dependabot-migrate/compare/b389f72f9282346920150a67495efbae450ac07b...45994e185a9040449304a470e8f02d0e197873b4)

---
updated-dependencies:
- dependency-name: actions/create-github-app-token
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: compatible
- dependency-name: actions/labeler
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: compatible
- dependency-name: frequenz-floss/gh-action-dependabot-migrate
  dependency-version: 1.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: compatible
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/auto-dependabot.yaml       | 2 +-
 .github/workflows/labeler.yml                | 2 +-
 .github/workflows/repo-config-migration.yaml | 4 ++--
 3 files changed, 4 insertions(+), 4 deletions(-)

diff --git a/.github/workflows/auto-dependabot.yaml b/.github/workflows/auto-dependabot.yaml
index 6b05b40..65935f7 100644
--- a/.github/workflows/auto-dependabot.yaml
+++ b/.github/workflows/auto-dependabot.yaml
@@ -25,7 +25,7 @@ jobs:
     steps:
       - name: Generate GitHub App token
         id: app-token
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
           app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
           private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
diff --git a/.github/workflows/labeler.yml b/.github/workflows/labeler.yml
index c327e7f..61add82 100644
--- a/.github/workflows/labeler.yml
+++ b/.github/workflows/labeler.yml
@@ -18,7 +18,7 @@ jobs:
         # only use hashes to pick the action to execute (instead of tags or branches).
         # For more details read:
         # https://securitylab.github.com/research/github-actions-preventing-pwn-requests/
-        uses: actions/labeler@634933edcd8ababfe52f92936142cc22ac488b1b  # 6.0.1
+        uses: actions/labeler@f27b608878404679385c85cfa523b85ccb86e213  # 6.1.0
         with:
           repo-token: "${{ secrets.GITHUB_TOKEN }}"
           dot: true
diff --git a/.github/workflows/repo-config-migration.yaml b/.github/workflows/repo-config-migration.yaml
index 09602d4..6ffaf60 100644
--- a/.github/workflows/repo-config-migration.yaml
+++ b/.github/workflows/repo-config-migration.yaml
@@ -42,12 +42,12 @@ jobs:
     steps:
       - name: Generate token
         id: create-app-token
-        uses: actions/create-github-app-token@f8d387b68d61c58ab83c6c016672934102569859 # v3.0.0
+        uses: actions/create-github-app-token@1b10c78c7865c340bc4f6099eb2f838309f1e8c3 # v3.1.1
         with:
           app-id: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_ID }}
           private-key: ${{ secrets.FREQUENZ_AUTO_DEPENDABOT_APP_PRIVATE_KEY }}
       - name: Migrate
-        uses: frequenz-floss/gh-action-dependabot-migrate@b389f72f9282346920150a67495efbae450ac07b # v1.1.0
+        uses: frequenz-floss/gh-action-dependabot-migrate@45994e185a9040449304a470e8f02d0e197873b4 # v1.1.1
         with:
           script-url-template: >-
             https://raw.githubusercontent.com/frequenz-floss/frequenz-repo-config-python/{version}/cookiecutter/migrate.py