chore(deps): bump softprops/action-gh-release from 2.5.0 to 2.6.1

[dependabot]

Bumps softprops/action-gh-release from 2.5.0 to 2.6.1.

Release notes

Sourced from softprops/action-gh-release's releases.

v2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

• fix: preserve discussion category on publish by @​chenrui333 in softprops/action-gh-release#765

v2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉

• feat: support previous_tag for generate_release_notes by @​pocesar in softprops/action-gh-release#372

Bug fixes 🐛

• fix: recover concurrent asset metadata 404s by @​chenrui333 in softprops/action-gh-release#760

Other Changes 🔄

• docs: clarify reused draft release behavior by @​chenrui333 in softprops/action-gh-release#759
• docs: clarify working_directory input by @​chenrui333 in softprops/action-gh-release#761
• ci: verify dist bundle freshness by @​chenrui333 in softprops/action-gh-release#762
• fix: clarify immutable prerelease uploads by @​chenrui333 in softprops/action-gh-release#763

v2.5.3

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2. It fixes [#639](https://github.com/softprops/action-gh-release/issues/639), [#571](https://github.com/softprops/action-gh-release/issues/571), [#280](https://github.com/softprops/action-gh-release/issues/280), [#614](https://github.com/softprops/action-gh-release/issues/614), [#311](https://github.com/softprops/action-gh-release/issues/311), [#403](https://github.com/softprops/action-gh-release/issues/403), and [#368](https://github.com/softprops/action-gh-release/issues/368). It also adds documentation clarifications for [#541](https://github.com/softprops/action-gh-release/issues/541), [#645](https://github.com/softprops/action-gh-release/issues/645), [#542](https://github.com/softprops/action-gh-release/issues/542), [#393](https://github.com/softprops/action-gh-release/issues/393), and [#411](https://github.com/softprops/action-gh-release/issues/411), where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

• fix: preserve discussion category on publish by @​chenrui333 in softprops/action-gh-release#765

2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉

• feat: support previous_tag for generate_release_notes by @​pocesar in softprops/action-gh-release#372

Bug fixes 🐛

• fix: recover concurrent asset metadata 404s by @​chenrui333 in softprops/action-gh-release#760

Other Changes 🔄

• docs: clarify reused draft release behavior by @​chenrui333 in softprops/action-gh-release#759
• docs: clarify working_directory input by @​chenrui333 in softprops/action-gh-release#761
• ci: verify dist bundle freshness by @​chenrui333 in softprops/action-gh-release#762
• fix: clarify immutable prerelease uploads by @​chenrui333 in softprops/action-gh-release#763

2.5.3

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2. It fixes [#639](https://github.com/softprops/action-gh-release/issues/639), [#571](https://github.com/softprops/action-gh-release/issues/571), [#280](https://github.com/softprops/action-gh-release/issues/280), [#614](https://github.com/softprops/action-gh-release/issues/614), [#311](https://github.com/softprops/action-gh-release/issues/311), [#403](https://github.com/softprops/action-gh-release/issues/403), and [#368](https://github.com/softprops/action-gh-release/issues/368). It also adds documentation clarifications for [#541](https://github.com/softprops/action-gh-release/issues/541), [#645](https://github.com/softprops/action-gh-release/issues/645), [#542](https://github.com/softprops/action-gh-release/issues/542), [#393](https://github.com/softprops/action-gh-release/issues/393), and [#411](https://github.com/softprops/action-gh-release/issues/411), where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

... (truncated)

Commits

• 153bb8e release 2.6.1
• 569deb8 fix: preserve discussion category when publishing releases (#765)
• 26e8ad2 release 2.6.0
• b959f31 fix: clarify immutable prerelease uploads (#763)
• 8a8510e ci: verify dist bundle freshness (#762)
• 438c15d docs: clarify working_directory input (#761)
• 6ca3b5d fix: recover concurrent asset metadata 404s (#760)
• 11f9176 chore: add RELEASE.md
• 1f3f350 feat: add AGENTS.md
• 37819cb docs: clarify reused draft release behavior (#759)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[chatgpt-codex-connector]

Codex usage limits have been reached for code reviews. Please check with the admins of this repo to increase the limits by adding credits.
Credits must be used to enable repository wide code reviews.

[greptile-apps]

Greptile Summary

Dependabot bumps softprops/action-gh-release from v2.5.0 (a06a81a0) to v2.6.1 (153bb8e0) in both release workflows. This is a pin-by-SHA update with no configuration changes.

• release-on-tag.yml: Updated action SHA on line 74
• release.yml: Updated action SHA on line 117
• The new version includes bug fixes for discussion category preservation and concurrent asset upload recovery, plus a new previous_tag feature for generate_release_notes
• Both workflows continue to use commit SHA pinning with a # v2 comment, which is good security practice

Confidence Score: 5/5

• This PR is safe to merge — it is a routine Dependabot dependency bump with no configuration changes.
• The change is a minimal, one-line SHA update in two files. The new commit hash matches the published v2.6.1 release. No workflow logic, inputs, or permissions are altered. The upstream changes are bug fixes and non-breaking features.
• No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/release-on-tag.yml	Single-line change bumping softprops/action-gh-release commit SHA from v2.5.0 to v2.6.1. No functional or configuration changes.
.github/workflows/release.yml	Single-line change bumping softprops/action-gh-release commit SHA from v2.5.0 to v2.6.1. No functional or configuration changes.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Tag Push / PR Merge] --> B{Which workflow?}
    B -->|Tag push by non-bot| C[release-on-tag.yml]
    B -->|Release PR merged| D[release.yml]
    C --> E[Build & Test]
    D --> F[Build & Test]
    E --> G["softprops/action-gh-release@v2.6.1\n(was v2.5.0)"]
    F --> H[Create & Push Tag]
    H --> I["softprops/action-gh-release@v2.6.1\n(was v2.5.0)"]
    G --> J[Publish to npm]
    I --> K[Publish to npm]

Loading

_{Last reviewed commit: 756e8eb}

[claude]

LGTM — straightforward Dependabot SHA pin bump for softprops/action-gh-release v2.5.0 → v2.6.1.

Extended reasoning...

Overview

This is a Dependabot-generated PR that updates the softprops/action-gh-release GitHub Action from v2.5.0 (SHA a06a81a) to v2.6.1 (SHA 153bb8e) in two workflow files: .github/workflows/release-on-tag.yml and .github/workflows/release.yml. Each file has exactly one line changed — the commit SHA pin. The # v2 version comment is preserved.

Security risks

None. The action references use full commit SHA pinning, which is the recommended practice for GitHub Actions supply chain security. The upstream release notes show only bug fixes and minor features (discussion category preservation, concurrent asset 404 recovery, previous_tag support). No new permissions or inputs are consumed by the workflows.

Level of scrutiny

Minimal scrutiny required. This is a mechanical, auto-generated dependency version bump with no logic changes, no new inputs, and no changes to workflow structure or permissions. The same pattern has been applied consistently to both files.

Other factors

No prior reviews or outstanding comments exist on this PR. No bugs were found by the automated bug hunting system. The upstream action is a well-known, widely-used GitHub Action with a clear changelog. The bump stays within the same major version (v2), so no breaking changes are expected.