ci(deps): Bump actions/first-interaction from 1 to 3

[dependabot]

Bumps actions/first-interaction from 1 to 3.

Release notes

Sourced from actions/first-interaction's releases.

v3.0.0

What's Changed

• Bump @​github/local-action from 2.6.4 to 5.1.0 by @​dependabot[bot] in actions/first-interaction#324
• Bump eslint-import-resolver-typescript from 3.8.2 to 4.4.4 by @​dependabot[bot] in actions/first-interaction#325
• Bump the npm-development group with 5 updates by @​dependabot[bot] in actions/first-interaction#326
• Bump the npm-development group with 7 updates by @​dependabot[bot] in actions/first-interaction#333
• Bump super-linter/super-linter from 7 to 8 by @​dependabot[bot] in actions/first-interaction#328
• Bump eslint-plugin-jest from 28.11.0 to 29.0.1 by @​dependabot[bot] in actions/first-interaction#331
• Bump @​rollup/rollup-linux-x64-gnu from 4.45.1 to 4.46.2 by @​dependabot[bot] in actions/first-interaction#330
• Bump @​jest/globals from 29.7.0 to 30.0.5 by @​dependabot[bot] in actions/first-interaction#332
• Bump @​octokit/rest from 21.1.1 to 22.0.0 by @​dependabot[bot] in actions/first-interaction#329
• Add actionlint configuration by @​ncalteen in actions/first-interaction#334
• Node 24 support by @​salmanmkc in actions/first-interaction#327
• Prepare release v3.0.0 by @​salmanmkc in actions/first-interaction#335

New Contributors

• @​salmanmkc made their first contribution in actions/first-interaction#327

Full Changelog: actions/first-interaction@v2...v3.0.0

v2.0.0

What's Changed

• Installed @​actions/core by @​TheGuptaEmpire in actions/first-interaction#274
• Update README.md by @​Alirezaaraby in actions/first-interaction#75
• DOC: adjust the example to show a full yaml file by @​tacaswell in actions/first-interaction#36
• Demonstrate |- multiline YAML string in README by @​simonw in actions/first-interaction#16
• Update README.md by @​nebuk89 in actions/first-interaction#317
• Convert from Container to TypeScript Action by @​ncalteen in actions/first-interaction#311
• Bump @​octokit/types from 13.8.0 to 14.1.0 by @​dependabot[bot] in actions/first-interaction#323
• Bump undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/first-interaction#319
• Bump the npm-development group with 16 updates by @​dependabot[bot] in actions/first-interaction#320
• Bump @​actions/github from 6.0.0 to 6.0.1 in the npm-production group by @​dependabot[bot] in actions/first-interaction#321

New Contributors

• @​TheGuptaEmpire made their first contribution in actions/first-interaction#274
• @​Alirezaaraby made their first contribution in actions/first-interaction#75
• @​tacaswell made their first contribution in actions/first-interaction#36
• @​simonw made their first contribution in actions/first-interaction#16
• @​nebuk89 made their first contribution in actions/first-interaction#317
• @​ncalteen made their first contribution in actions/first-interaction#311
• @​dependabot[bot] made their first contribution in actions/first-interaction#323

Full Changelog: actions/first-interaction@v1.3.0...v2.0.0

v1.3.0

Upgrade our base image from node v14 -> v20

Add dependency on @octokit/rest and @actions/http-client.

👉 See the PR for details: actions/first-interaction#287

... (truncated)

Commits

• 1c46889 Merge pull request #363 from actions/dependabot/npm_and_yarn/npm-development-...
• 76a99dd Disable checks for dist
• 2ead13c Bump the npm-development group across 1 directory with 10 updates
• 2e8e200 Merge pull request #361 from actions/dependabot/npm_and_yarn/rollup/rollup-li...
• df55979 Merge pull request #357 from actions/dependabot/npm_and_yarn/octokit/types-15...
• c056c18 Bump @​rollup/rollup-linux-x64-gnu from 4.50.2 to 4.52.3
• dac371d Bump @​octokit/types from 14.1.0 to 15.0.0
• 33689d3 Merge pull request #354 from actions/ncalteen/event
• 8e69b57 Merge branch 'main' into ncalteen/event
• 69c5373 Merge pull request #351 from actions/dependabot/npm_and_yarn/github/local-act...
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

[github-actions]

Dependency Review

The following issues were found:

• ✅ 0 vulnerable package(s)
• ✅ 0 package(s) with incompatible licenses
• ✅ 0 package(s) with invalid SPDX license definitions
• ⚠️ 1 package(s) with unknown licenses.

See the Details below.

License Issues

.github/workflows/greetings.yml

Package	Version	License	Issue Type
actions/first-interaction	3.*.*	Null	Unknown License

OpenSSF Scorecard

Package	Version	Score	Details
actions/actions/first-interaction	3.*.*	🟢 4.6	Details Check Score Reason Code-Review 🟢 3 Found 1/3 approved changesets -- score normalized to 3 Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Maintained ⚠️ 0 0 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 0 Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions Binary-Artifacts 🟢 10 no binaries found in the repo CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected Pinned-Dependencies 🟢 3 dependency not pinned by hash detected -- score normalized to 3 License 🟢 10 license file detected Fuzzing ⚠️ 0 project is not fuzzed Signed-Releases ⚠️ -1 no releases found Security-Policy 🟢 9 security policy file detected Branch-Protection ⚠️ 1 branch protection is not maximal on development and all release branches SAST 🟢 9 SAST tool detected but not run on all commits

Scanned Files

• .github/workflows/greetings.yml