build(deps): Bump hpehl/depup from 1 to 2

[dependabot]

Bumps hpehl/depup from 1 to 2.

Release notes

Sourced from hpehl/depup's releases.

1.2.1

Added

• Add short options for common CLI flags: -d (dependencies), -p (plugins), -D (dev dependencies), -t (tools), -m (maven), -n (npm), -s (stable), -M (managed), -U (unmanaged), -o (outdated), -v (vulnerable)

Changed

• Rename --dev-deps to --dev-dependencies for consistent naming with --dependencies

1.2.0

Added

• Add npm dependency and dev dependency categories to the GitHub Action — creates separate PRs for outdated npm packages, requires the package manager to be installed on the runner via actions/setup-node or similar

Changed

• Bump GitHub Action major version to v2 (hpehl/depup@v2)

1.1.6

Fixed

• Force-push depup branches in GitHub Action to prevent push failures when a previous run left a stale remote branch

1.1.5

Changed

• Include source file path in GitHub Action PR body table

1.1.4

Fixed

• Check npm packageManager tool versions even when the package manager binary is not installed (e.g. in CI)
• Include Maven property name in tool version results so the updater can rewrite <properties> entries for tools like Node.js and package managers

1.1.3

Fixed

• Configure git identity in the GitHub Action before commit/push to prevent authentication failures

1.1.2

Fixed

• Set GH_TOKEN in the install step of the GitHub Action so gh release view can resolve the latest version
• Fix Maven updater writing to the wrong POM when a version property is defined in the root POM but referenced in a child POM

1.1.1

No release notes provided.

1.1.0

Added

... (truncated)

Changelog

Sourced from hpehl/depup's changelog.

[1.2.1] - 2026-06-22

Added

• Add short options for common CLI flags: -d (dependencies), -p (plugins), -D (dev dependencies), -t (tools), -m (maven), -n (npm), -s (stable), -M (managed), -U (unmanaged), -o (outdated), -v (vulnerable)

Changed

• Rename --dev-deps to --dev-dependencies for consistent naming with --dependencies

[1.2.0] - 2026-06-22

Added

• Add npm dependency and dev dependency categories to the GitHub Action — creates separate PRs for outdated npm packages, requires the package manager to be installed on the runner via actions/setup-node or similar

Changed

• Bump GitHub Action major version to v2 (hpehl/depup@v2)

Commits

• b1e3069 fix: assert property.source instead of referenced_in in child POM test
• 0079020 feat: discover version properties defined in child POMs
• e93d1f1 Release 1.0.0
• 883639e ci: update major version tag on release for GitHub Action consumers
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)