Upgrade: [dependabot] - bump NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml from 5.2.1 to 5.2.9 (#2229)

Bumps
[NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml](https://github.com/nhsdigital/eps-common-workflows)
from 5.2.1 to 5.2.9.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nhsdigital/eps-common-workflows/releases">NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml's
releases</a>.</em></p>
<blockquote>
<h2>v5.2.9</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.2.8...v5.2.9">5.2.9</a>
(2025-12-19)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump tar and npm (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/36">#36</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/2b3ddfd1e59daf9905522d0140c6cd08e2547432">2b3ddfd</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/38094010d757...2b3ddfd1e59d">See
code diff</a>
<a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/20365247078">Release
workflow run</a> - Workflow ID: 20365247078</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.2.8</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.2.7...v5.2.8">5.2.8</a>
(2025-12-19)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump actions/download-artifact from 6.0.0 to 7.0.0
(<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/37">#37</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/38094010d757227fad10b237b308323fe236ccdd">3809401</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/d48b296ad3d2...38094010d757">See
code diff</a>
<a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/20365165404">Release
workflow run</a> - Workflow ID: 20365165404</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<h2>v5.2.7</h2>
<h2><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/v5.2.6...v5.2.7">5.2.7</a>
(2025-12-19)</h2>
<h3>Upgrade</h3>
<ul>
<li>[dependabot] - bump actions/upload-artifact from 5.0.0 to 6.0.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/38">#38</a>)
(<a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d48b296ad3d229ada656e43ea7182d040ec6c8ec">d48b296</a>)</li>
</ul>
<h2>Info</h2>
<p><a
href="https://github.com/NHSDigital/eps-common-workflows/compare/7c73373061fe...d48b296ad3d2">See
code diff</a>
<a
href="https://github.com/NHSDigital/eps-common-workflows/actions/runs/20365070306">Release
workflow run</a> - Workflow ID: 20365070306</p>
<p>It was initialized by <a
href="https://github.com/apps/eps-autoapprove-dependabot">eps-autoapprove-dependabot[bot]</a></p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/2b3ddfd1e59daf9905522d0140c6cd08e2547432"><code>2b3ddfd</code></a>
Upgrade: [dependabot] - bump tar and npm (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/36">#36</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/38094010d757227fad10b237b308323fe236ccdd"><code>3809401</code></a>
Upgrade: [dependabot] - bump actions/download-artifact from 6.0.0 to
7.0.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/37">#37</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/d48b296ad3d229ada656e43ea7182d040ec6c8ec"><code>d48b296</code></a>
Upgrade: [dependabot] - bump actions/upload-artifact from 5.0.0 to 6.0.0
(<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/38">#38</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/7c73373061fe4d9fe10b7cd16d62066fd369896f"><code>7c73373</code></a>
Upgrade: [dependabot] - bump actions/cache from 4 to 5 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/39">#39</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/0bffe7daa48a5f12a0f8aae8fecfac7c6f75fbb4"><code>0bffe7d</code></a>
Upgrade: [dependabot] - bump pre-commit from 4.5.0 to 4.5.1 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/40">#40</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/41dfe9fa65fbfcdc170b72b32b6f54c14c5d8fbe"><code>41dfe9f</code></a>
Upgrade: [dependabot] - bump filelock from 3.20.0 to 3.20.1 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/35">#35</a>)</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/7c71894c190ebfce3285eac8d53938ad50f570a1"><code>7c71894</code></a>
Upgrade: [dependabot] - bump SonarSource/sonarqube-scan-action from
6.0.0 to ...</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/4192cd02653bf4a85165e3ece5219ee1ca75a5c3"><code>4192cd0</code></a>
Upgrade: [dependabot] - bump actions/create-github-app-token from 2.2.0
to 2....</li>
<li><a
href="https://github.com/NHSDigital/eps-common-workflows/commit/04defd0f2f47f468a987a4d83a898dbbd19c0c0d"><code>04defd0</code></a>
Upgrade: [dependabot] - bump raven-actions/actionlint from 2.0.1 to
2.1.0 (<a
href="https://redirect.github.com/nhsdigital/eps-common-workflows/issues/34">#34</a>)</li>
<li>See full diff in <a
href="https://github.com/nhsdigital/eps-common-workflows/compare/86a580e5eb38584c877ccfba5fc6f3f071faeffe...2b3ddfd1e59daf9905522d0140c6cd08e2547432">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml&package-manager=github_actions&previous-version=5.2.1&new-version=5.2.9)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/ci.yml

@@ -45,7 +45,7 @@ jobs:
 
   tag_release:
     needs: [quality_checks, get_commit_id, get_asdf_version]
-    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@86a580e5eb38584c877ccfba5fc6f3f071faeffe
+    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@2b3ddfd1e59daf9905522d0140c6cd08e2547432
     with:
       dry_run: true
       asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}

.github/workflows/pull_request.yml

@@ -73,7 +73,7 @@ jobs:
 
   tag_release:
     needs: [get_asdf_version]
-    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@86a580e5eb38584c877ccfba5fc6f3f071faeffe
+    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@2b3ddfd1e59daf9905522d0140c6cd08e2547432
     with:
       dry_run: true
       asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}

.github/workflows/release.yml

@@ -42,7 +42,7 @@ jobs:
 
   tag_release:
     needs: [quality_checks, get_commit_id, get_asdf_version]
-    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@86a580e5eb38584c877ccfba5fc6f3f071faeffe
+    uses: NHSDigital/eps-common-workflows/.github/workflows/tag-release.yml@2b3ddfd1e59daf9905522d0140c6cd08e2547432
     with:
       dry_run: false
       asdfVersion: ${{ needs.get_asdf_version.outputs.asdf_version }}