chore(deps): bump the github-actions group with 3 updates

[dependabot]

Bumps the github-actions group with 3 updates: astro, @actions/core and vercel.

Updates astro from 5.16.15 to 5.16.16

Release notes

Sourced from astro's releases.

[email protected]

Patch Changes

• #15281 a1b80c6 Thanks @​matthewp! - Ensures server island requests carry an encrypted component export identifier so they do not accidentally resolve to the wrong component.

• #15304 02ee3c7 Thanks @​cameronapak! - Fix: Remove await from getActionResult example

• #15324 ab41c3e Thanks @​Princesseuh! - Fixes an issue where certain unauthorized links could be rendered as clickable in the error overlay

Changelog

Sourced from astro's changelog.

5.16.16

Patch Changes

• #15281 a1b80c6 Thanks @​matthewp! - Ensures server island requests carry an encrypted component export identifier so they do not accidentally resolve to the wrong component.

• #15304 02ee3c7 Thanks @​cameronapak! - Fix: Remove await from getActionResult example

• #15324 ab41c3e Thanks @​Princesseuh! - Fixes an issue where certain unauthorized links could be rendered as clickable in the error overlay

Commits

• 54034d8 [ci] release (#15306)
• d1f819c [ci] format
• ab41c3e fix(errors): Only style valid URLs in the error overlay (#15324)
• 02ee3c7 Fix: Remove await from getActionResult JSDoc example (#15304)
• a1b80c6 Prevent accidentally calling the wrong server island component (#15281)
• See full diff in compare view

Updates @actions/core from 2.0.3 to 3.0.0

Changelog

Sourced from @​actions/core's changelog.

3.0.0

• Breaking change: Package is now ESM-only
  • CommonJS consumers must use dynamic import() instead of require()

Commits

• See full diff in compare view

Updates vercel from 50.8.1 to 50.9.1

Release notes

Sourced from vercel's releases.

[email protected]

Patch Changes

• Updated dependencies [cce5b52a24a5ca0471334d13482d2a6b3bfc7910]:
  • @​vercel/next@​4.15.18

[email protected]

Minor Changes

• Add confirmation prompt for DELETE API operations and agent mode warning (#14769)

  • DELETE operations now require user confirmation before proceeding
  • When running under an AI agent with --dangerously-skip-permissions, a warning is displayed to stderr
  • In non-TTY mode, DELETE operations fail unless --dangerously-skip-permissions is used

Patch Changes

• Add auto-provision flow for integration resources (behind feature flag) (#14734)

• Revert "[cli] Use promote flow when targeting production alias" (#14771)

• Improved curl generation with auth header placeholder (#14752)

Changelog

Sourced from vercel's changelog.

50.9.1

Patch Changes

• Updated dependencies [cce5b52a24a5ca0471334d13482d2a6b3bfc7910]:
  • @​vercel/next@​4.15.18

50.9.0

Minor Changes

• Add confirmation prompt for DELETE API operations and agent mode warning (#14769)

  • DELETE operations now require user confirmation before proceeding
  • When running under an AI agent with --dangerously-skip-permissions, a warning is displayed to stderr
  • In non-TTY mode, DELETE operations fail unless --dangerously-skip-permissions is used

Patch Changes

• Add auto-provision flow for integration resources (behind feature flag) (#14734)

• Revert "[cli] Use promote flow when targeting production alias" (#14771)

• Improved curl generation with auth header placeholder (#14752)

Commits

• 0c235f5 Version Packages (#14774)
• 19ce1f4 Version Packages (#14768)
• 7f33d30 Revert "[cli] Use promote flow when targeting production alias" (#14771)
• 615a57c feat(cli): Add confirmation prompt for DELETE API operations (#14769)
• 4387e4d feat(cli): Initial auto-provision support for integration install (#14734)
• 9e388af [cli] Add Authorization header placeholder to vercel api --generate=curl (#...
• 7c9b924 [docs] add notes on how to test locally (#14761)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
openresource-dev	Ready	Preview, Comment	Jan 29, 2026 9:29pm