Bump the github-actions-updates group with 2 updates

[dependabot]

Bumps the github-actions-updates group with 2 updates: anthropics/claude-code-action and mattermost/action-mattermost-notify.

Updates anthropics/claude-code-action from 1.0.107 to 1.0.111

Release notes

Sourced from anthropics/claude-code-action's releases.

v1.0.111

Full Changelog: anthropics/claude-code-action@v1...v1.0.111

v1.0.110

Full Changelog: anthropics/claude-code-action@v1...v1.0.110

v1.0.109

What's Changed

• docs: pull_request_target guidance and base-action trust model by @​OctavianGuzu in anthropics/claude-code-action#1250

Full Changelog: anthropics/claude-code-action@v1...v1.0.109

v1.0.108

Full Changelog: anthropics/claude-code-action@v1...v1.0.108

Commits

• fefa07e chore: bump Claude Code to 2.1.126 and Agent SDK to 0.2.126
• ef50f12 chore: bump Claude Code to 2.1.123 and Agent SDK to 0.2.123
• b3c0320 chore: bump Claude Code to 2.1.122 and Agent SDK to 0.2.122
• c93e8fe docs: pull_request_target guidance and base-action trust model (#1250)
• 11a9dad chore: bump Claude Code to 2.1.121 and Agent SDK to 0.2.121
• See full diff in compare view

Updates mattermost/action-mattermost-notify from d317daebed2a792679f68fd0248557a8d21d82b6 to ae31bb6f9e26a54336e79696f108a2c91cf55b4e

Commits

• ae31bb6 chore(deps): Upgrade to Node 24 (#22)
• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Change Impact: 🟢 Low

Regression Risk: The changes are limited to GitHub Actions workflow dependencies only. Updating external actions (anthropics/claude-code-action and mattermost/action-mattermost-notify) poses minimal regression risk as these are point releases and dependency updates that don't affect production code, core business logic, or application behavior. There are no untested code paths in the main application that could be impacted.

QA Recommendation: Manual QA can be safely skipped for this dependency update. The changes are isolated to CI/CD workflows and do not affect application functionality. Automated testing of the workflows themselves (if any exists) is sufficient validation.

Generated by CodeRabbitAI

[mm-cloud-bot]

@dependabot[bot]: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

I understand the commands that are listed here

[mattermost-build]

Hello @dependabot[bot],

Thanks for your pull request! A Core Committer will review your pull request soon. For code contributions, you can learn more about the review process here.

[mm-cloud-bot]

@dependabot[bot]: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

I understand the commands that are listed here

[mm-cloud-bot]

@dependabot[bot]: Adding the "do-not-merge/release-note-label-needed" label because no release-note block was detected, please follow our release note process to remove it.

Details

I understand the commands that are listed here

[devinbinnie]

@coderabbitai review

[coderabbitai]

✅ Actions performed

Review triggered.

Note: CodeRabbit is an incremental review system and does not re-review already reviewed commits. This command is applicable only when automatic reviews are paused.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Repository UI

Review profile: CHILL

Plan: Pro

Run ID: fcac75db-b23b-41c1-bad5-2a74863decaf

📥 Commits

Reviewing files that changed from the base of the PR and between 06488e1 and 3710231.

📒 Files selected for processing (2)

• .github/workflows/docs-impact-review.yml
• .github/workflows/release.yaml

---

📝 Walkthrough

Walkthrough

This PR updates GitHub Actions dependencies: bumping the Claude code analysis action from v1.0.107 to v1.0.111 in the docs-impact-review workflow, and updating the Mattermost notification action in the release workflow's notification jobs.

Changes

GitHub Actions Workflow Dependencies

Layer / File(s)	Summary
Documentation Impact Workflow .github/workflows/docs-impact-review.yml	anthropics/claude-code-action pinned commit is updated to v1.0.111 while preserving all existing inputs and configuration.
Release Notification Workflow .github/workflows/release.yaml	mattermost/action-mattermost-notify pinned commit is updated in both begin-notification (line 30) and end-notification (line 250) job steps.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~3 minutes

Possibly related PRs

• Bump anthropics/claude-code-action from 1.0.101 to 1.0.107 in the github-actions-updates group #3793: Updates the same anthropics/claude-code-action reference in docs-impact-review.yml to v1.0.111.
• Bump the github-actions-updates group with 3 updates #3790: Bumps anthropics/claude-code-action in the same workflow to a newer commit SHA.
• Bump anthropics/claude-code-action from 1.0.82 to 1.0.89 in the github-actions-updates group #3762: Updates the anthropics/claude-code-action reference in docs-impact-review.yml with a different version bump.

Suggested reviewers

• devinbinnie

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: bumping GitHub Action dependencies in the github-actions-updates group with 2 updates, which directly matches the changeset content.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/github_actions/github-actions-updates-1f0f9bba83

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Review rate limit: 7/8 reviews remaining, refill in 7 minutes and 30 seconds.}

_{Comment @coderabbitai help to get the list of available commands and usage tips.}