build(deps): bump actions/github-script from 8 to 9

[dependabot]

Bumps actions/github-script from 8 to 9.

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in actions/github-script#695
• ci: use deployment: false for integration test environments by @​salmanmkc in actions/github-script#712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in actions/github-script#700

New Contributors

• @​Copilot made their first contribution in actions/github-script#695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

Commits

• 3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
• ca10bbd fix: use @​octokit/core/types import for v7 compatibility
• 86e48e2 merge: incorporate main branch changes
• c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
• afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
• ff8117e ci: fix user-agent test to handle orchestration ID
• 81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
• 3953caf docs: update README examples from @​v8 to @​v9, add getOctokit docs and v9 brea...
• c17d55b ci: add getOctokit integration test job
• a047196 test: add getOctokit integration tests via callAsyncFunction
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

📋 API Contract Changes Summary

✅ No breaking changes detected - only additions and non-breaking modifications

Changed Components:

Core Framework

Contract diff saved to artifacts/diffs/core.json

Module: auth

Contract diff saved to artifacts/diffs/auth.json

Module: cache

Contract diff saved to artifacts/diffs/cache.json

Module: database

Contract diff saved to artifacts/diffs/database.json

Module: eventbus

Contract diff saved to artifacts/diffs/eventbus.json

Module: jsonschema

Contract diff saved to artifacts/diffs/jsonschema.json

Module: letsencrypt

Contract diff saved to artifacts/diffs/letsencrypt.json

Module: reverseproxy

Contract diff saved to artifacts/diffs/reverseproxy.json

Artifacts

📁 Full contract diffs and JSON artifacts are available in the workflow artifacts.

[codecov]

Codecov Report

❌ Patch coverage is 88.88889% with 2 lines in your changes missing coverage. Please review.

Files with missing lines	Patch %	Lines
contract_verifier.go	88.88%	1 Missing and 1 partial ⚠️

📢 Thoughts on this report? Let us know!

[intel352]

@copilot resolve the merge conflicts in this pull request, also fix the linter errors https://github.com/GoCodeAlone/modular/actions/runs/25458086857/job/74692809449?pr=102

And code coverage is missing for this PR, add tests for the lines of Go that were touched: https://github.com/GoCodeAlone/modular/pull/102/checks?check_run_id=74693006572

[Copilot]

@copilot resolve the merge conflicts in this pull request, also fix the linter errors https://github.com/GoCodeAlone/modular/actions/runs/25458086857/job/74692809449?pr=102

And code coverage is mis...

Resolved in commit 2f964b8. Here's what was done:

Linter errors (0 issues now):

• contract_verifier.go: Replaced dynamic fmt.Errorf(...) with static ErrReloadPanic and ErrHealthCheckPanic wrapped via %w (fixes err113). Added Err error field to ContractViolation and dedicated panic violation rules ("reload-must-not-panic", "health-check-must-not-panic")
• feeders/: Fixed gofmt struct field alignment in affixed_env.go, base_config.go, dot_env.go, env.go, and others
• All feeder files + chimux/module.go + service.go: Replaced deprecated reflect.Ptr with reflect.Pointer (fixes govet inline warnings)

Test coverage for touched lines:

• TestWithParallelInit_PanicWrapsErrModuleInitializationPanic — verifies parallel init panic recovery wraps ErrModuleInitializationPanic
• TestContractVerifier_ReloadPanicWrapsErrReloadPanic — verifies Reload panics wrap ErrReloadPanic
• TestContractVerifier_HealthPanicWrapsErrHealthCheckPanic — verifies HealthCheck panics wrap ErrHealthCheckPanic

Merge conflicts: the branch was already up-to-date with no conflicts.