build(deps): bump the actions group across 1 directory with 2 updates

[dependabot]

Bumps the actions group with 2 updates in the / directory: openai/codex-action and actions/labeler.

Updates openai/codex-action from 1.7 to 1.8

Changelog

Sourced from openai/codex-action's changelog.

codex-action Changelog

v1.8 (2026-04-29)

• #91 tighten what bots are allowed

v1.7 (2026-04-24)

• #89 restrict bot permission bypass

v1.6 (2026-03-16)

• #77 enable GitHub-hosted Linux bubblewrap support

v1.5 (2026-03-16)

• #74 harden shell interpolation in action workflows

v1.4 (2025-11-19)

• #58 revert #56 and use the latest stable version of Codex CLI again

v1.3 (2025-11-19)

• #56 temporarily set the default version of Codex CLI to 0.58.0

v1.2 (2025-11-07)

• #52 add baseUrl to Octokit constructor, if appropriate, for GHE

v1.1 (2025-11-05)

• #47 added support for Azure via the new responses-api-endpoint parameter
• #36 added effort parameter
• #45 pin the commit hash of the actions/setup-node action used by openai/codex-action

v1.0 (2025-10-06)

• Initial release (OpenAI DevDay 2025!)

Commits

• e0fdf01 docs: update CHANGELOG for v1.8 (#93)
• 0aa6d4a fix: tighten what bots are allowed (#91)
• See full diff in compare view

Updates actions/labeler from 6 to 6.0.1

Release notes

Sourced from actions/labeler's releases.

v6.0.1

What's Changed

• Upgrade publish-action from 0.2.2 to 0.4.0 by @​aparnajyothi-y in actions/labeler#901

New Contributors

• @​aparnajyothi-y made their first contribution in actions/labeler#901

Full Changelog: actions/labeler@v6.0.0...v6.0.1

Commits

• b2b2c20 Bump eslint-plugin-jest from 27.4.3 to 27.6.3 (#744)
• 02180c4 Bump @​typescript-eslint/parser from 6.14.0 to 6.19.0 (#745)
• 17086b7 Merge pull request #725 from actions/dependabot/npm_and_yarn/eslint-8.56.0
• 5e969e0 Bump eslint from 8.55.0 to 8.56.0
• 035de5e Merge pull request #726 from actions/dependabot/npm_and_yarn/prettier-3.1.1
• 73e8e27 Bump prettier from 3.0.3 to 3.1.1
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions