chore(deps): bump Coalfire-CF/Actions/.github/workflows/org-dependabot.yml from 0.4.1 to 0.5.1

[dependabot]

Bumps Coalfire-CF/Actions/.github/workflows/org-dependabot.yml from 0.4.1 to 0.5.1.

Release notes

Sourced from Coalfire-CF/Actions/.github/workflows/org-dependabot.yml's releases.

v0.5.1

0.5.1 (2026-04-01)

Bug Fixes

• add github app for release (56412b8)
• release app from token (baef6f8)

v0.5.0

0.5.0 (2026-04-01)

Features

• all dependabot refresh (5aaa40e)
• init terraform plan and apply actions (2179f01)
• init terraform plan and apply actions (d83c586)

Bug Fixes

• add claude files to be purged (a430b2c)
• add claude files to be purged (11906d5)
• create inline markdownlint config and enable pipefail (66db752)
• disable MD024 and MD060 for terraform-docs compatibility (3006491)
• fixing some markdown read errors (5097e8e)
• harden workflow security and pin third-party actions to SHAs (b9e22b8)
• keeping input but is deprecated, will be removed in future versions (0bb85cf)
• remove checkov (f4ac0b9)
• remove checkov (76fd82e)
• truncate release highlights to stay within Slack block text limit (a1f54bf)
• use fetch-depth 0 in markdown lint to enable diff against origin/main (471f332)
• use npx with pinned version for markdown lint in reusable workflow (0fccd87)

Miscellaneous

• bump terraform version to 1.14.8 (1f2431f)
• bump terraform version to 1.14.8 (8d154d4)
• deps: bump actions/create-github-app-token from 2 to 3 (c7ce8ba)
• deps: bump actions/create-github-app-token from 2 to 3 (0c8fe7b)

Documentation

• update README and docs for security hardening changes (e9f63d1)

Changelog

Sourced from Coalfire-CF/Actions/.github/workflows/org-dependabot.yml's changelog.

0.5.1 (2026-04-01)

Bug Fixes

• add github app for release (56412b8)
• release app from token (baef6f8)

0.5.0 (2026-04-01)

Features

• all dependabot refresh (5aaa40e)
• init terraform plan and apply actions (2179f01)
• init terraform plan and apply actions (d83c586)

Bug Fixes

• add claude files to be purged (a430b2c)
• add claude files to be purged (11906d5)
• create inline markdownlint config and enable pipefail (66db752)
• disable MD024 and MD060 for terraform-docs compatibility (3006491)
• fixing some markdown read errors (5097e8e)
• harden workflow security and pin third-party actions to SHAs (b9e22b8)
• keeping input but is deprecated, will be removed in future versions (0bb85cf)
• remove checkov (f4ac0b9)
• remove checkov (76fd82e)
• truncate release highlights to stay within Slack block text limit (a1f54bf)
• use fetch-depth 0 in markdown lint to enable diff against origin/main (471f332)
• use npx with pinned version for markdown lint in reusable workflow (0fccd87)

Miscellaneous

• bump terraform version to 1.14.8 (1f2431f)
• bump terraform version to 1.14.8 (8d154d4)
• deps: bump actions/create-github-app-token from 2 to 3 (c7ce8ba)
• deps: bump actions/create-github-app-token from 2 to 3 (0c8fe7b)

Documentation

• update README and docs for security hardening changes (e9f63d1)

Commits

• 62e881b Merge pull request #95 from Coalfire-CF/release-please--branches--main
• 57c1fa4 chore(main): release 0.5.1
• 8586ee4 Merge pull request #94 from Coalfire-CF/feat/release-app-auth
• baef6f8 fix: release app from token
• 56412b8 fix: add github app for release
• e3cee55 Merge pull request #86 from Coalfire-CF/release-please--branches--main
• 1aa4926 chore(main): release 0.5.0
• f4ac0b9 Merge pull request #93 from Coalfire-CF/fix/remove-checkov
• 5097e8e fix: fixing some markdown read errors
• 76fd82e fix: remove checkov
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)