chore(deps): bump actions/configure-pages from 5 to 6

[dependabot]

Bumps actions/configure-pages from 5 to 6.

Release notes

Sourced from actions/configure-pages's releases.

v6.0.0

Changelog

• upgrade to node 24 @​salmanmkc (#186)
• Upgrade IA Publish @​Jcambass (#165)
• Add workflow file for publishing releases to immutable action package @​Jcambass (#163)
• pin draft release version @​YiMysty (#162)
• Bump espree from 9.6.1 to 10.1.0 @​dependabot (#160)
• Bump eslint-config-prettier from 8.8.0 to 9.1.0 @​dependabot (#143)
• Be more friendly to Dependabot @​yoannchaudet (#158)
• Bump eslint-plugin-github from 4.10.2 to 5.0.1 @​dependabot (#154)
• Bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group @​dependabot (#156)
• Bump undici from 5.28.3 to 5.28.4 @​dependabot (#145)

See details of all code changes since previous release.

Commits

• 45bfe01 Merge pull request #186 from salmanmkc/node24
• d8770c2 Update Node version from 20 to 24 in action.yml
• cb8a1a3 upgrade to node 24
• d560657 Merge pull request #165 from actions/Jcambass-patch-1
• 35e0ac4 Upgrade IA Publish
• 1dfbcbf Merge pull request #163 from actions/Jcambass-patch-1
• 2f4f988 Add workflow file for publishing releases to immutable action package
• 0d7570c Merge pull request #162 from actions/pin-draft-release-verssion
• 3ea1966 pin draft release version
• aabcbc4 Merge pull request #160 from actions/dependabot/npm_and_yarn/espree-10.1.0
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Summary by CodeRabbit

• Chores
  • Updated deployment infrastructure to use the latest version of GitHub Pages configuration.

[coderabbitai]

📝 Walkthrough

Walkthrough

The deploy workflow's GitHub Pages configuration step is updated to use actions/configure-pages@v6 instead of v5. All other workflow jobs, permissions, build steps, and deployment logic remain unchanged.

Changes

Deploy Workflow

Layer / File(s)	Summary
GitHub Pages action version upgrade .github/workflows/deploy.yml	The "Setup Pages" step upgrades from actions/configure-pages@v5 to actions/configure-pages@v6.

Estimated code review effort

🎯 1 (Trivial) | ⏱️ ~2 minutes

Suggested reviewers

• iamvirul
• hiranyasemindi

Poem

🐰 A hop, a skip, a version's flight,
From v5 to v6, shining bright!
Pages configured with grace anew,
One small change, workflows stay true. ✨

🚥 Pre-merge checks | ✅ 5

✅ Passed checks (5 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately and specifically describes the main change: bumping the actions/configure-pages dependency from version 5 to version 6.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.
Linked Issues check	✅ Passed	Check skipped because no linked issues were found for this pull request.
Out of Scope Changes check	✅ Passed	Check skipped because no linked issues were found for this pull request.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Commit unit tests in branch dependabot/github_actions/actions/configure-pages-6

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[coderabbitai]

Actionable comments posted: 1

🤖 Prompt for all review comments with AI agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

Inline comments:
In @.github/workflows/deploy.yml:
- Line 45: Replace the mutable tag "actions/configure-pages@v6" with its exact
resolved commit SHA to pin the action for supply-chain integrity; locate the
step referencing uses: actions/configure-pages@v6 in the deploy workflow and
update the uses value to the specific commit SHA (e.g.,
actions/configure-pages@<commit-sha>) you obtain from the official GitHub
Actions release or by resolving the v6 tag, ensuring the workflow now references
the immutable commit ID.

🪄 Autofix (Beta)

Fix all unresolved CodeRabbit comments on this PR:

• Push a commit to this branch (recommended)
• Create a new PR with the fixes

---

ℹ️ Review info

⚙️ Run configuration

Configuration used: defaults

Review profile: CHILL

Plan: Pro Plus

Run ID: 02ffdaf4-c153-48eb-a2df-ede3ea655c4b

📥 Commits

Reviewing files that changed from the base of the PR and between 1fee58b and 895f118.

📒 Files selected for processing (1)

• .github/workflows/deploy.yml

[coderabbitai]

⚠️ Potential issue | 🟠 Major | ⚡ Quick win

🧩 Analysis chain

🏁 Script executed:

#!/bin/bash
set -euo pipefail

ref_json="$(gh api repos/actions/configure-pages/git/ref/tags/v6)"
type="$(jq -r '.object.type' <<<"$ref_json")"
sha="$(jq -r '.object.sha' <<<"$ref_json")"

if [ "$type" = "tag" ]; then
  # annotated tag -> dereference to commit
  sha="$(gh api repos/actions/configure-pages/git/tags/"$sha" --jq '.object.sha')"
fi

echo "Resolved commit SHA for actions/configure-pages@v6:"
echo "$sha"

Repository: OpenDevFlow/md-latex

Length of output: 157

---

Pin actions/configure-pages to an exact commit SHA (Line 45)

actions/configure-pages@v6 is mutable; pin the step to the resolved v6 commit SHA for supply-chain integrity and reproducible deployments.

Suggested change

-        uses: actions/configure-pages@v6
+        uses: actions/configure-pages@45bfe0192ca1faeb007ade9deae92b16b8254a0d # v6

🧰 Tools

🪛 zizmor (1.25.2)

[error] 45-45: unpinned action reference (unpinned-uses): action is not pinned to a hash (required by blanket policy)

(unpinned-uses)

🤖 Prompt for AI Agents

Verify each finding against current code. Fix only still-valid issues, skip the
rest with a brief reason, keep changes minimal, and validate.

In @.github/workflows/deploy.yml at line 45, Replace the mutable tag
"actions/configure-pages@v6" with its exact resolved commit SHA to pin the
action for supply-chain integrity; locate the step referencing uses:
actions/configure-pages@v6 in the deploy workflow and update the uses value to
the specific commit SHA (e.g., actions/configure-pages@<commit-sha>) you obtain
from the official GitHub Actions release or by resolving the v6 tag, ensuring
the workflow now references the immutable commit ID.