From b6bb2689a1434ea8e3d85a8d33a9d443b51abde0 Mon Sep 17 00:00:00 2001
From: Arjun Raja Yogidas <arjunry@amazon.com>
Date: Wed, 15 Oct 2025 01:08:25 +0000
Subject: [PATCH 1/2] ci: group dependabot alerts

Signed-off-by: Arjun Raja Yogidas <arjunry@amazon.com>
---
 .github/dependabot.yaml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/.github/dependabot.yaml b/.github/dependabot.yaml
index 63ecaf79f..13915545a 100644
--- a/.github/dependabot.yaml
+++ b/.github/dependabot.yaml
@@ -13,6 +13,11 @@ updates:
     prefix: "build"
     include: "scope"
   groups:
+    non-breaking:
+      exclude-patterns: 
+        - "github.com/containerd/nerdctl/v2"
+        - "github.com/docker/docker"
+        - "github.com/docker/cli"
     docker:
       patterns:
         - "github.com/docker/docker"

From 0dcd96e05bae841c33a7d9de811f39ad3c90ab87 Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Wed, 15 Oct 2025 01:31:55 +0000
Subject: [PATCH 2/2] ci(deps): bump softprops/action-gh-release from 2.3.3 to
 2.4.1

Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2.3.3 to 2.4.1.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/6cbd405e2c4e67a21c47fa9e383d020e4e28b836...6da8fa9354ddfdc4aeace5fc48d7f679b5214090)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: 2.4.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .github/workflows/upload-deb-to-release.yaml       | 2 +-
 .github/workflows/upload-installer-to-release.yaml | 2 +-
 .github/workflows/upload-msi-to-release.yaml       | 2 +-
 3 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/.github/workflows/upload-deb-to-release.yaml b/.github/workflows/upload-deb-to-release.yaml
index 112107794..1c62dc85b 100644
--- a/.github/workflows/upload-deb-to-release.yaml
+++ b/.github/workflows/upload-deb-to-release.yaml
@@ -193,7 +193,7 @@ jobs:
           aws cloudfront create-invalidation --distribution-id ${{ secrets.ARTIFACTS_DISTRO_ID_PROD }} --paths "/deb/dists/noble/Release" "/deb/dists/noble/Release.gpg" "/deb/dists/noble/main/binary-amd64/Packages*" "/deb/dists/noble/main/binary-arm64/Packages*"
 
       - name: Upload deb archives and signatures to release
-        uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 # v0.1.15
+        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v0.1.15
         with:
           tag_name: ${{ needs.get-tag-name.outputs.version }}
           files: |
diff --git a/.github/workflows/upload-installer-to-release.yaml b/.github/workflows/upload-installer-to-release.yaml
index a32e9d364..8e526307b 100644
--- a/.github/workflows/upload-installer-to-release.yaml
+++ b/.github/workflows/upload-installer-to-release.yaml
@@ -45,7 +45,7 @@ jobs:
           aws s3 cp s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg Finch-${{ needs.get-tag-name.outputs.tag }}-x86_64.pkg
           aws s3 cp s3://${{ secrets.DEPENDENCY_BUCKET_NAME }}/dependency-sources.tar.gz DependenciesSourceCode.tar.gz
       - name: Upload installers and dependency source code to release
-        uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 # v0.1.15
+        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v0.1.15
         with:
           tag_name: ${{ needs.get-tag-name.outputs.tag }}
           files: |
diff --git a/.github/workflows/upload-msi-to-release.yaml b/.github/workflows/upload-msi-to-release.yaml
index d74900c0c..e6d9b3197 100644
--- a/.github/workflows/upload-msi-to-release.yaml
+++ b/.github/workflows/upload-msi-to-release.yaml
@@ -53,7 +53,7 @@ jobs:
         run: |
           aws s3 cp s3://${{ secrets.INSTALLER_PRIVATE_BUCKET_NAME }}/Finch-${{ needs.get-version-tag.outputs.tag }}.msi Finch-${{ needs.get-version-tag.outputs.tag }}.msi
       - name: Upload installers and dependency source code to release
-        uses: softprops/action-gh-release@6cbd405e2c4e67a21c47fa9e383d020e4e28b836 # v0.1.15
+        uses: softprops/action-gh-release@6da8fa9354ddfdc4aeace5fc48d7f679b5214090 # v0.1.15
         with:
           tag_name: ${{ needs.get-version-tag.outputs.tag }}
           files: |