build(deps): bump actions/create-github-app-token from 2.2.1 to 3.0.0

[dependabot]

Bumps actions/create-github-app-token from 2.2.1 to 3.0.0.

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

• feat!: node 24 support (#275) (2e564a0)
• fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (4451bcb)

Bug Fixes

• remove custom proxy handling (#143) (dce0ab0)

BREAKING CHANGES

• Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.
• Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

• deps: bump @​actions/core from 1.11.1 to 3.0.0 (#337) (b044133)
• deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)
• deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)
• deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

• fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

• Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

• deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)
• deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
• deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)
• deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits

• f8d387b build(release): 3.0.0 [skip ci]
• d2129bd style: remove extra blank line in release workflow
• 77b94ef build: refresh generated artifacts
• 3ab4c66 chore: move undici to devDependencies
• 739cf66 docs: update README action versions
• db40289 build(deps): bump actions versions in test.yml
• 496a7ac test: migrate from AVA to Node.js native test runner (#346)
• 3870dc3 Rename end-to-end proxy job in test workflow
• 4451bcb fix!: require NODE_USE_ENV_PROXY for proxy support (#342)
• dce0ab0 fix: remove custom proxy handling (#143)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[github-actions]

Semver Impact of This PR

🟢 Patch (bug fixes)

📋 Changelog Preview

This is how your changes will appear in the changelog.
Entries from this PR are highlighted with a left border (blockquote style).

---

New Features ✨

Anthropic

• Emit gen_ai.chat spans for asynchronous messages.stream() by alexander-alderman-webb in #5572
• Emit AI Client Spans for synchronous messages.stream() by alexander-alderman-webb in #5565
• Set gen_ai.response.id span attribute by ericapisani in #5662
• Add gen_ai.system attribute to spans by ericapisani in #5661

Pydantic Ai

• Support ImageUrl content type in span instrumentation by ericapisani in #5629
• Add tool description to execute_tool spans by ericapisani in #5596

Other

• (crons) Add owner field to MonitorConfig by julwhitney13 in #5610
• (otlp) Add collector_url option to OTLPIntegration by sl0thentr0py in #5603

Bug Fixes 🐛

• (anthropic) Close span on GeneratorExit by alexander-alderman-webb in #5643
• (celery) Propagate user-set headers by sentrivana in #5581
• (utils) Avoid double serialization of strings in safe_serialize by ericapisani in #5587
• Enable unused import ruff check and fix unused imports by sentrivana in #5652

Documentation 📚

• (openai-agents) Remove inapplicable comment by alexander-alderman-webb in #5495
• Add AGENTS.md by sentrivana in #5579
• Add set_attribute example to changelog by sentrivana in #5578

Internal Changes 🔧

Anthropic

• Check system and response ID attributes on spans created by stream() by alexander-alderman-webb in #5665
• Skip accumulation logic for unexpected types in streamed response by alexander-alderman-webb in #5564
• Factor out streamed result handling by alexander-alderman-webb in #5563
• Stream valid JSON by alexander-alderman-webb in #5641
• Stop mocking response iterator by alexander-alderman-webb in #5573

Docs

• Remove agentic codebase documentation workflows by dingsdax in #5655
• Switch agentic workflows from Copilot to Claude engine by dingsdax in #5654
• Add agentic workflows for codebase documentation by dingsdax in #5649

Openai Agents

• Do not fail on new tool fields by alexander-alderman-webb in #5625
• Stop expecting a specific function name by alexander-alderman-webb in #5623
• Set streaming header when library uses with_streaming_response() by alexander-alderman-webb in #5583
• Replace mocks with httpx for streamed responses by alexander-alderman-webb in #5580
• Replace mocks with httpx in non-MCP tool tests by alexander-alderman-webb in #5602
• Replace mocks with httpx in MCP tool tests by alexander-alderman-webb in #5605
• Replace mocks with httpx in handoff tests by alexander-alderman-webb in #5604
• Replace mocks with httpx in API error test by alexander-alderman-webb in #5601
• Replace mocks with httpx in non-error single-response tests by alexander-alderman-webb in #5600
• Remove test for unreachable state by alexander-alderman-webb in #5584
• Expect namespace tool field for new openai versions by alexander-alderman-webb in #5599

Other

• (deps) Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by dependabot[bot] in #5667

• (graphene) Simplify span creation by sentrivana in #5648
• (httpx) Resolve type checking failures by alexander-alderman-webb in #5626
• (pyramid) Support alpha suffixes in version parsing by alexander-alderman-webb in #5618
• (rust) Don't implement separate scope management by sentrivana in #5639
• (strawberry) Simplify span creation by sentrivana in #5647
• Remove custom warden action by sentrivana in #5653
• Add httpx to linting requirements by alexander-alderman-webb in #5644
• Remove CodeQL action by sentrivana in #5616
• Normalize dots in package names in populate_tox.py by alexander-alderman-webb in #5574
• Do not run actions on potel-base by sentrivana in #5614

---

_{🤖 This preview updates automatically when you update the PR.}

[github-actions]

Codecov Results 📊

✅ 13 passed | Total: 13 | Pass Rate: 100% | Execution Time: 7.72s

All tests are passing successfully.

✅ Patch coverage is 100.00%. Project has 14158 uncovered lines.

---

Generated by Codecov Action