chore(deps): update github actions non-major

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/checkout	action	patch	v6.0.2 → 6.0.3
actions/create-github-app-token	action	minor	3.1.1 → 3.2.0

---

Release Notes

actions/checkout (actions/checkout)

v6.0.3

Compare Source

• Fix checkout init for SHA-256 repositories by @​yaananth in #​2439
• fix: expand merge commit SHA regex and add SHA-256 test cases by @​yaananth in #​2414

actions/create-github-app-token (actions/create-github-app-token)

v3.2.0

Compare Source

Features

• add support for enterprise-level GitHub Apps (#​263) (952a2a7)
• support full repository names in repositories input (#​372) (85eb8dd)

Bug Fixes

• deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#​364) (43e5c34)
• validate private-key input (#​376) (f24bbd8)

---

Configuration

📅 Schedule: (in timezone UTC)

• Branch creation
  • "on the 15th day of the month before 12pm"
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[greptile-apps]

Greptile Summary

Routine Renovate-generated bump of two GitHub Actions dependencies, both pinned to their full commit SHA as a supply-chain security measure.

• actions/checkout is updated from v6.0.2 → 6.0.3 (SHA df4cb1c…); the release fixes SHA-256 repository checkout and broadens merge-commit SHA regex.
• actions/create-github-app-token is updated from 3.1.1 → 3.2.0 (SHA bcd2ba49…); the minor release adds enterprise-level GitHub App support and validates the private-key input.

Confidence Score: 5/5

Both action version bumps are pinned to verified full commit SHAs, keeping the supply-chain trust model intact — safe to merge.

The only change is updating two well-maintained GitHub Actions to newer patch/minor releases. Both continue to be referenced by their full commit SHA, so there is no exposure to tag-mutable supply-chain attacks. The upstream release notes describe purely additive changes (SHA-256 repo fix, enterprise App support, private-key validation) with no breaking changes on the paths used here.

No files require special attention.

Important Files Changed

Filename	Overview
.github/workflows/ci.yml	Bumps actions/checkout from v6.0.2 to 6.0.3 (pinned by full commit SHA); version comment drops the 'v' prefix.
.github/workflows/release-please.yml	Bumps actions/create-github-app-token from 3.1.1 to 3.2.0 (pinned by full commit SHA); straightforward minor version update.

Flowchart

%%{init: {'theme': 'neutral'}}%%
flowchart TD
    A[Renovate Bot] -->|Detects new releases| B{Dependency Updates}
    B --> C[actions/checkout\nv6.0.2 → 6.0.3]
    B --> D[actions/create-github-app-token\n3.1.1 → 3.2.0]
    C --> E[ci.yml\nSHA: df4cb1c…]
    D --> F[release-please.yml\nSHA: bcd2ba49…]
    E --> G[CI Workflow\nphp matrix builds]
    F --> H[Release Workflow\nApp token generation]

Loading

_{Reviews (1): Last reviewed commit: "chore(deps): update github actions non-m..." | Re-trigger Greptile}