From bbbd903479f5bb77307007f9adbc654ea99da737 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Thu, 22 Aug 2024 07:12:19 +0000
Subject: [PATCH] Bump thollander/actions-comment-pull-request from 2.4.3 to
 2.5.0

Bumps [thollander/actions-comment-pull-request](https://github.com/thollander/actions-comment-pull-request) from 2.4.3 to 2.5.0.
- [Release notes](https://github.com/thollander/actions-comment-pull-request/releases)
- [Commits](https://github.com/thollander/actions-comment-pull-request/compare/1d3973dc4b8e1399c0620d3f2b1aa5e795465308...fabd468d3a1a0b97feee5f6b9e499eab0dd903f6)

---
updated-dependencies:
- dependency-name: thollander/actions-comment-pull-request
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/ci-security.yml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/.github/workflows/ci-security.yml b/.github/workflows/ci-security.yml
index 6dd80b8f54..b1c6b3fb0f 100644
--- a/.github/workflows/ci-security.yml
+++ b/.github/workflows/ci-security.yml
@@ -32,14 +32,14 @@ jobs:
 
       - name: Comment on new Fork PR
         if: github.event.action == 'opened' && !contains(github.event.pull_request.labels.*.name, 'CI Cleared') && github.event.pull_request.user.id != 49699333
-        uses: thollander/actions-comment-pull-request@1d3973dc4b8e1399c0620d3f2b1aa5e795465308
+        uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
         with:
           message: Thank you for contributing to ${{ github.event.pull_request.base.repo.name }}! The workflow '${{ github.workflow }}' requires repository secrets and will not run without approval. Maintainers can add the `CI Cleared` label to allow it to run. Note that any changes to ci-security.yml and ci-pipeline.yml will not be reflected.
           GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}
 
       - name: Comment on dependabot PR
         if: github.event.action == 'opened' && !contains(github.event.pull_request.labels.*.name, 'CI Cleared') && github.event.pull_request.user.id == 49699333
-        uses: thollander/actions-comment-pull-request@1d3973dc4b8e1399c0620d3f2b1aa5e795465308
+        uses: thollander/actions-comment-pull-request@fabd468d3a1a0b97feee5f6b9e499eab0dd903f6
         with:
           message: Set the milestone to the next ${{ (github.head_ref == 'master' && 'patch') || 'minor' }} version, check for supply chain attacks, and then add the `CI Cleared` label to allow CI to run.
           GITHUB_TOKEN: ${{ steps.app-token-generation.outputs.token }}