build(deps): bump actions/create-github-app-token from 2.1.4 to 2.2.0 (#5137)

Bumps
[actions/create-github-app-token](https://github.com/actions/create-github-app-token)
from 2.1.4 to 2.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/actions/create-github-app-token/releases">actions/create-github-app-token's
releases</a>.</em></p>
<blockquote>
<h2>v2.2.0</h2>
<h1><a
href="https://github.com/actions/create-github-app-token/compare/v2.1.4...v2.2.0">2.2.0</a>
(2025-11-21)</h1>
<h3>Bug Fixes</h3>
<ul>
<li><strong>deps:</strong> bump glob from 10.4.5 to 10.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/305">#305</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc">5480f43</a>)</li>
<li><strong>deps:</strong> bump p-retry from 6.2.1 to 7.1.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/294">#294</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4">dce3be8</a>)</li>
<li><strong>deps:</strong> bump the production-dependencies group with 2
updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/292">#292</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/55e2a4b2ccaaa8364303e6ab9f77e31ad02298e5">55e2a4b</a>)</li>
</ul>
<h3>Features</h3>
<ul>
<li>update permission inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/296">#296</a>)
(<a
href="https://github.com/actions/create-github-app-token/commit/d90aa532332d33f6dc9656fd4491a98441595a37">d90aa53</a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/actions/create-github-app-token/commit/7e473efe3cb98aa54f8d4bac15400b15fad77d94"><code>7e473ef</code></a>
build(release): 2.2.0 [skip ci]</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/dce3be8b284f45e65caed11a610e2bef738d15b4"><code>dce3be8</code></a>
fix(deps): bump p-retry from 6.2.1 to 7.1.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/294">#294</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/5480f4325a18c025ee16d7e081413854624e9edc"><code>5480f43</code></a>
fix(deps): bump glob from 10.4.5 to 10.5.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/305">#305</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/d90aa532332d33f6dc9656fd4491a98441595a37"><code>d90aa53</code></a>
feat: update permission inputs (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/296">#296</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/55e2a4b2ccaaa8364303e6ab9f77e31ad02298e5"><code>55e2a4b</code></a>
fix(deps): bump the production-dependencies group with 2 updates (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/292">#292</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/cc6f999683e9e6150699fa443589ab389e4d3334"><code>cc6f999</code></a>
ci(test): trigger on merge_group (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/308">#308</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/40fa6b52b33cc945b40f86ff422cb3991908649f"><code>40fa6b5</code></a>
build(deps-dev): bump <code>@​sinonjs/fake-timers</code> from 14.0.0 to
15.0.0 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/295">#295</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/396e5022f0b3904220aca120478484fe822c5aac"><code>396e502</code></a>
build(deps): bump actions/checkout from 5 to 6 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/306">#306</a>)</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/f48f2eb9326f99a06d3f3e8461c45793d5a24ffa"><code>f48f2eb</code></a>
build(deps): bump stefanzweifel/git-auto-commit-action from 6.0.1 to
7.0.0 (#...</li>
<li><a
href="https://github.com/actions/create-github-app-token/commit/b7f83f6278be73b624257deedba056416f53fed2"><code>b7f83f6</code></a>
build(deps): bump actions/setup-node from 4 to 6 (<a
href="https://redirect.github.com/actions/create-github-app-token/issues/299">#299</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/actions/create-github-app-token/compare/67018539274d69449ef7c02e8e71183d1719ab42...7e473efe3cb98aa54f8d4bac15400b15fad77d94">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/create-github-app-token&package-manager=github_actions&previous-version=2.1.4&new-version=2.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

Author: dependabot[bot]

.github/workflows/release.yml

@@ -20,7 +20,7 @@ jobs:
     steps:
       - name: Get auth token
         id: token
-        uses: actions/create-github-app-token@67018539274d69449ef7c02e8e71183d1719ab42 # v2.1.4
+        uses: actions/create-github-app-token@7e473efe3cb98aa54f8d4bac15400b15fad77d94 # v2.2.0
         with:
           app-id: ${{ vars.SENTRY_RELEASE_BOT_CLIENT_ID }}
           private-key: ${{ secrets.SENTRY_RELEASE_BOT_PRIVATE_KEY }}