build(deps): bump getsentry/github-workflows from b6d9e26d1c5bb01362670e13288b2284bab8cbf9 to c802283cd9075b7a2b7a32655019c21c21676e34 (#6393)

dependabot[bot] · web-flow · commit 9ecdf1b13baa · 2026-05-27T08:28:40.000+02:00
Bumps [getsentry/github-workflows](https://github.com/getsentry/github-workflows) from b6d9e26d1c5bb01362670e13288b2284bab8cbf9 to c802283cd9075b7a2b7a32655019c21c21676e34. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/github-workflows/blob/main/CHANGELOG.md">getsentry/github-workflows's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2>Unreleased</h2> <h3>Fixes</h3> <ul> <li>Danger - Harden <code>extra-install-packages</code> handling: pass the package list into the container via env var instead of host-shell string interpolation (defense in depth) (<a href="https://redirect.github.com/getsentry/github-workflows/pull/169">#169</a>)</li> </ul> <h2>3.4.0</h2> <h3>Features</h3> <ul> <li>Validate PR - Action is advisory: it posts a single friendly comment on community PRs that don't reference an issue with maintainer discussion. PRs are not closed and no labels are applied. Recommended trigger is <code>types: [opened]</code>.</li> <li>Validate PR - Skip validation for PRs with fewer than 100 lines changed, excluding common lock files (<code>Cargo.lock</code>, <code>yarn.lock</code>, <code>package-lock.json</code>, <code>Pipfile.lock</code>, etc.). Tiny PRs no longer go through the issue-discussion loop.</li> <li>Add validate-pr composite action for validating non-maintainer PRs against contribution guidelines (<a href="https://redirect.github.com/getsentry/github-workflows/pull/153">#153</a>)</li> </ul> <h3>Fixes</h3> <ul> <li>Complete script injection hardening across all actions: move remaining step outputs to env vars, validate Danger version against semver (<a href="https://redirect.github.com/getsentry/github-workflows/pull/152">#152</a>)</li> <li>Updater - Trigger CI for new PRs without changelog updates (<a href="https://redirect.github.com/getsentry/github-workflows/pull/166">#166</a>)</li> <li>Updater - Select the first branch when multiple branches point at <code>HEAD</code> (<a href="https://redirect.github.com/getsentry/github-workflows/pull/165">#165</a>)</li> </ul> <h3>Dependencies</h3> <ul> <li>Bump Danger JS from v13.0.4 to v13.0.5 (<a href="https://redirect.github.com/getsentry/github-workflows/pull/160">#160</a>) <ul> <li><a href="https://github.com/danger/danger-js/blob/main/CHANGELOG.md#1305">changelog</a></li> <li><a href="https://github.com/danger/danger-js/compare/13.0.4...13.0.5">diff</a></li> </ul> </li> </ul> <h2>3.3.0</h2> <h3>Features</h3> <ul> <li>Updater - Support CMake <code>GIT_TAG</code> with variable references like <code>${FOO_REF}</code>, resolving and updating the corresponding <code>set()</code> definition (<a href="https://redirect.github.com/getsentry/github-workflows/pull/149">#149</a>)</li> </ul> <h2>3.2.1</h2> <h3>Fixes</h3> <ul> <li>Sentry-CLI integration test action - Accept chunked ProGuard uploads for compatibility with Sentry CLI 3.x (<a href="https://redirect.github.com/getsentry/github-workflows/pull/140">#140</a>)</li> </ul> <h2>3.2.0</h2> <h3>Features</h3> <ul> <li>Danger - Add support for repository-specific dangerfiles (<a href="https://redirect.github.com/getsentry/github-workflows/pull/129">#129</a>) <ul> <li>Add <code>extra-dangerfile</code> input parameter to run custom Danger checks alongside shared workflow checks</li> <li>Add <code>extra-install-packages</code> input to install additional apt packages required by custom dangerfiles</li> <li>Custom dangerfiles receive full Danger API access (<code>fail</code>, <code>warn</code>, <code>message</code>, <code>markdown</code>, <code>danger</code>)</li> <li>Enables repositories to extend Danger checks without overwriting shared workflow comments</li> </ul> </li> <li>Sentry-CLI integration test action - Add <code>InvokeSentryResult::Events()</code> method to extract events from envelopes (<a href="https://redirect.github.com/getsentry/github-workflows/pull/137">#137</a>)</li> </ul>  </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/github-workflows/commit/c802283cd9075b7a2b7a32655019c21c21676e34"><code>c802283</code></a> fix(danger): harden extra-install-packages against host-shell interpolation (...</li> <li>See full diff in <a href="https://github.com/getsentry/github-workflows/compare/b6d9e26d1c5bb01362670e13288b2284bab8cbf9...c802283cd9075b7a2b7a32655019c21c21676e34">compare view</a></li> </ul> </details> <br /> Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
diff --git a/.github/workflows/validate-pr.yml b/.github/workflows/validate-pr.yml
@@ -10,7 +10,7 @@ jobs:
     permissions:
       pull-requests: write
     steps:
-      - uses: getsentry/github-workflows/validate-pr@b6d9e26d1c5bb01362670e13288b2284bab8cbf9
+      - uses: getsentry/github-workflows/validate-pr@c802283cd9075b7a2b7a32655019c21c21676e34
         with:
           app-id: ${{ vars.SDK_MAINTAINER_BOT_APP_ID }}
           private-key: ${{ secrets.SDK_MAINTAINER_BOT_PRIVATE_KEY }}
