chore(deps): update amannn/action-semantic-pull-request action to v6

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
amannn/action-semantic-pull-request	action	major	v5 → v6

---

Release Notes

amannn/action-semantic-pull-request (amannn/action-semantic-pull-request)

v6

Compare Source

---

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, on day 1 of the month ( * 0-3 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[changeset-bot]

⚠️ No Changeset found

Latest commit: 2984724

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

[github-actions]

Size Change: 0 B

Total Size: 533 kB

ℹ️ View Unchanged

Filename	Size
apps/vscode/dist/client.js	111 kB
apps/vscode/dist/server.js	261 kB
packages/box/dist/index.es.js	7.26 kB
packages/box/dist/index.js	7.82 kB
packages/box/dist/style.css	2.67 kB
packages/button/dist/index.es.js	1.89 kB
packages/button/dist/index.js	2.32 kB
packages/button/dist/style.css	3 kB
packages/components/dist/index.es.js	19.1 kB
packages/components/dist/index.js	20 kB
packages/components/dist/style.css	8.45 kB
packages/core/dist/index.es.js	512 B
packages/core/dist/index.js	1.27 kB
packages/drawer/dist/index.es.js	1.76 kB
packages/drawer/dist/index.js	2.22 kB
packages/drawer/dist/style.css	497 B
packages/dropdown/dist/index.es.js	1.15 kB
packages/dropdown/dist/index.js	1.59 kB
packages/filter/dist/index.es.js	2.23 kB
packages/filter/dist/index.js	2.68 kB
packages/filter/dist/style.css	881 B
packages/focus-trap/dist/index.es.js	418 B
packages/focus-trap/dist/index.js	852 B
packages/form/dist/index.es.js	4.25 kB
packages/form/dist/index.js	4.73 kB
packages/form/dist/style.css	2.21 kB
packages/icons/dist/index.es.js	2.81 kB
packages/icons/dist/index.js	3.24 kB
packages/icons/dist/style.css	532 B
packages/menu/dist/index.es.js	3.69 kB
packages/menu/dist/index.js	4.16 kB
packages/menu/dist/style.css	872 B
packages/modal/dist/index.es.js	3.08 kB
packages/modal/dist/index.js	3.55 kB
packages/modal/dist/style.css	903 B
packages/navigation/dist/index.es.js	2.75 kB
packages/navigation/dist/index.js	3.21 kB
packages/navigation/dist/style.css	874 B
packages/overlay/dist/index.es.js	1.02 kB
packages/overlay/dist/index.js	1.42 kB
packages/popover/dist/index.es.js	3.01 kB
packages/popover/dist/index.js	3.43 kB
packages/popover/dist/style.css	529 B
packages/portal/dist/index.es.js	420 B
packages/portal/dist/index.js	835 B
packages/table/dist/index.es.js	1.01 kB
packages/table/dist/index.js	1.44 kB
packages/table/dist/style.css	700 B
packages/tokens/dist/fonts.css	183 B
packages/tokens/dist/index.css	1.47 kB
packages/tokens/dist/index.es.js	3.07 kB
packages/tokens/dist/index.js	3.11 kB
packages/tokens/dist/media-queries.css	113 B
packages/tokens/dist/themes.css	2.27 kB
packages/tooltip/dist/index.es.js	598 B
packages/tooltip/dist/index.js	1.02 kB
packages/tooltip/dist/style.css	337 B
packages/vars/dist/index.es.js	2.66 kB
packages/vars/dist/index.js	2.66 kB

_{compressed-size-action}

[semgrep-code-launchdarkly]

Semgrep identified an issue in your code:
An action sourced from a third-party repository on GitHub is not pinned to a full length commit SHA. Pinning an action to a full length commit SHA is currently the only way to use an action as an immutable release. Pinning to a particular SHA helps mitigate the risk of a bad actor adding a backdoor to the action's repository, as they would need to generate a SHA-1 collision for a valid Git object payload.

To resolve this comment:

✨ Commit Assistant fix suggestion

Suggested change

	- uses: amannn/action-semantic-pull-request@v6
	- uses: amannn/action-semantic-pull-request@7e7756342d687a84eff23acb7b5bd1c0e7b17750
	# Pinned to commit SHA for security: https://github.com/amannn/action-semantic-pull-request/commit/7e7756342d687a84eff23acb7b5bd1c0e7b17750

View step-by-step instructions

1. Replace the version tag @v6 in uses: amannn/action-semantic-pull-request@v6 with the specific full commit SHA for the version you want to use, such as @7e7756342d687a84eff23acb7b5bd1c0e7b17750.
2. Find the correct commit SHA by visiting the action's GitHub repository (for example, https://github.com/amannn/action-semantic-pull-request/tags), selecting your desired release or tag, and copying the full 40-character commit hash.
3. Update the uses line to: uses: amannn/action-semantic-pull-request@<commit-sha> (replace <commit-sha> with the actual SHA you copied).
4. Save the changes.

Pinning GitHub Actions to a specific commit SHA ensures the action code cannot change unexpectedly in the future, which reduces the risk of using compromised third-party code.

💬 Ignore this finding

Reply with Semgrep commands to ignore this finding.

• /fp <comment> for false positive
• /ar <comment> for acceptable risk
• /other <comment> for all other reasons

Alternatively, triage in Semgrep AppSec Platform to ignore the finding created by third-party-action-not-pinned-to-commit-sha.

_{You can view more details about this finding in the Semgrep AppSec Platform.}