Bump actions/github-script from 4 to 5

[dependabot]

Bumps actions/github-script from 4 to 5.

Release notes

Sourced from actions/github-script's releases.

v5.0.0

What's Changed

• Upgrade to the latest version of Octokit by @​joshmgross in actions/github-script#193

Full Changelog: actions/github-script@v4.1.1...v5.0.0

v4.1.1

What's Changed

• Update minor versions of dependencies by @​joshmgross in actions/github-script#192

Full Changelog: actions/github-script@v4.1.0...v4.1.1

v4.1.0

What's Changed

• Adding @​actions/exec to github-script by @​bhavanakonchada in actions/github-script#178
• Run npm audit and update dev dependencies by @​joshmgross in actions/github-script#181

New Contributors

• @​MichaelDeBoey made their first contribution in actions/github-script#145
• @​oscard0m made their first contribution in actions/github-script#174
• @​brcrista made their first contribution in actions/github-script#177
• @​bhavanakonchada made their first contribution in actions/github-script#178

Full Changelog: actions/github-script@v4.0.2...v4.1.0

Update @​actions/core package

This release updates the @actions/core package to 1.2.7 - actions/github-script#137

Fix "require" search path

Previously, the wrapped require searched the existing module.paths and then process.cwd(). We now only search process.cwd(). See actions/github-script#136 for details.

Commits

• 441359b Merge pull request #193 from actions/joshmgross/v5
• 4e1175c Update licenses
• 004e46f Fix breaking change in workflow test
• 5e5d515 Upgrade to the latest version of Octokit
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[silvanocerza]

This upgrade is a breaking change as per actions/github-script#193.

I'll leave this up for the time being until we make a PR upgrading the action version that also fixes the breaking changes.

[dependabot]

Superseded by #1619.

[per1234]

@dependabot reopen

[per1234]

Note: Dependabot has now changed this from the original actions/github-script@v4 to actions/github-script@v5 bump to a actions/[email protected] bump.

This changes the approach from only pinning the major version to a full pin. If we want to stick with the major version ref approach, it can still be useful as a notification of a new version available.

[dependabot]

Superseded by #1662.