ci(deps): Bump softprops/action-gh-release from 2 to 3

[dependabot]

Bumps softprops/action-gh-release from 2 to 3.

Release notes

Sourced from softprops/action-gh-release's releases.

v3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

• Move the action runtime and bundle target to Node 24
• Update @types/node to the Node 24 line and allow future Dependabot updates
• Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

v2.6.2

What's Changed

Other Changes 🔄

• chore(deps): bump picomatch from 4.0.3 to 4.0.4 by @​dependabot[bot] in softprops/action-gh-release#775
• chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 by @​dependabot[bot] in softprops/action-gh-release#777
• chore(deps): bump vite from 8.0.0 to 8.0.5 by @​dependabot[bot] in softprops/action-gh-release#781

Full Changelog: softprops/action-gh-release@v2...v2.6.2

v2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

• fix: preserve discussion category on publish by @​chenrui333 in softprops/action-gh-release#765

v2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

0.1.13

• fix issue with multiple runs concatenating release bodies #145

Commits

• b430933 release: cut v3.0.0 for Node 24 upgrade (#670)
• c2e35e0 chore(deps): bump the npm group across 1 directory with 7 updates (#783)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

[github-actions]

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA bcc4d09.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

License Issues

.github/workflows/ci.yml

Package	Version	License	Issue Type
softprops/action-gh-release	3.*.*	Null	Unknown License

Denied Licenses:

GPL-2.0, GPL-3.0, AGPL-3.0

OpenSSF Scorecard

Package	Version	Score	Details
actions/softprops/action-gh-release	3.*.*	🟢 4.5	Details Check Score Reason Binary-Artifacts 🟢 10 no binaries found in the repo Packaging ⚠️ -1 packaging workflow not detected Code-Review ⚠️ 0 Found 2/30 approved changesets -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Pinned-Dependencies 🟢 10 all dependencies are pinned CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Fuzzing ⚠️ 0 project is not fuzzed License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Branch-Protection ⚠️ 0 branch protection not enabled on development/release branches Security-Policy ⚠️ 0 security policy file not detected SAST ⚠️ 0 SAST tool is not run on all commits -- score normalized to 0

Scanned Files

• .github/workflows/ci.yml

[github-actions]

Code Coverage

Summary
  Generated on: 04/13/2026 - 09:58:10
  Coverage date: 04/13/2026 - 09:58:05 - 04/13/2026 - 09:58:08
  Parser: MultiReport (5x Cobertura)
  Assemblies: 2
  Classes: 14
  Files: 13
  Line coverage: 87.2%
  Covered lines: 225
  Uncovered lines: 33
  Coverable lines: 258
  Total lines: 880
  Branch coverage: 78.5% (77 of 98)
  Covered branches: 77
  Total branches: 98
  Method coverage: 98% (51 of 52)
  Full method coverage: 88.4% (46 of 52)
  Covered methods: 51
  Fully covered methods: 46
  Total methods: 52

JD.SemanticKernel.Connectors.Abstractions                                   100%
  JD.SemanticKernel.Connectors.Abstractions.ModelInfo                       100%
  JD.SemanticKernel.Connectors.Abstractions.SessionCredentials              100%
  JD.SemanticKernel.Connectors.Abstractions.SessionOptionsBase              100%

JD.SemanticKernel.Connectors.GitHubCopilot                                 86.9%
  JD.SemanticKernel.Connectors.GitHubCopilot.CopilotHttpClientFactory       100%
  JD.SemanticKernel.Connectors.GitHubCopilot.CopilotModelDiscovery          100%
  JD.SemanticKernel.Connectors.GitHubCopilot.CopilotSessionException        100%
  JD.SemanticKernel.Connectors.GitHubCopilot.CopilotSessionHttpHandler      100%
  JD.SemanticKernel.Connectors.GitHubCopilot.CopilotSessionOptions          100%
  JD.SemanticKernel.Connectors.GitHubCopilot.CopilotSessionProvider        75.9%
  JD.SemanticKernel.Connectors.GitHubCopilot.KernelBuilderExtensions        100%
  JD.SemanticKernel.Connectors.GitHubCopilot.Models.CopilotAppsEntry       66.6%
  JD.SemanticKernel.Connectors.GitHubCopilot.Models.CopilotEndpoints        100%
  JD.SemanticKernel.Connectors.GitHubCopilot.Models.CopilotTokenResponse    100%
  JD.SemanticKernel.Connectors.GitHubCopilot.ServiceCollectionExtensions    100%

[github-actions]

Test Results

101 tests   92 ✅  0s ⏱️
  3 suites   9 💤
  3 files     0 ❌

Results for commit bcc4d09.

[codecov-commenter]

Codecov Report

✅ All modified and coverable lines are covered by tests.
⚠️ Please upload report for BASE (main@c1b39c2). Learn more about missing BASE report.

Additional details and impacted files

@@           Coverage Diff           @@
##             main      #21   +/-   ##
=======================================
  Coverage        ?   82.94%           
=======================================
  Files           ?       13           
  Lines           ?      258           
  Branches        ?       40           
=======================================
  Hits            ?      214           
  Misses          ?       33           
  Partials        ?       11           

Flag	Coverage Δ
unittests	82.94% <ø> (?)

Flags with carried forward coverage won't be shown. Click here to find out more.

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:

• ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.