chore(deps): update actions/github-script action to v9

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
actions/github-script	action	major	v8 → v9

---

Release Notes

actions/github-script (actions/github-script)

v9

Compare Source

v9.0.0

Compare Source

New features:

• getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
• Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

• require('@​actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@​actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@​actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
• getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
• If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

• Add ACTIONS_ORCHESTRATION_ID to user-agent string by @​Copilot in #​695
• ci: use deployment: false for integration test environments by @​salmanmkc in #​712
• feat!: add getOctokit to script context, upgrade @​actions/github v9, @​octokit/core v7, and related packages by @​salmanmkc in #​700

New Contributors

• @​Copilot made their first contribution in #​695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • At any time (no schedule defined)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[kilo-code-bot]

Code Review Summary

Status: No Issues Found | Recommendation: Merge

Files Reviewed (2 files)

• .github/workflows/agentics-maintenance.yml - 6 updates
• .github/workflows/code-simplifier.lock.yml - 22 updates

This is a straightforward dependency update upgrading actions/github-script from v8 to v9. The changes are consistent across all workflow files using the new commit hash # v9.

Observations:

• All 28 instances of actions/github-script have been updated from ed597411d8f924073f98dfc5c65a23a2325f34cd (v8) to 3a2844b7e9c422d3c10d287c895573f7108da1b3 (v9)
• No breaking changes detected in the diff
• No security vulnerabilities introduced
• This appears to be a valid renovate-generated dependency update

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

[deepsource-io]

DeepSource Code Review

We reviewed changes in a4ccdc8...8015610 on this pull request. Below is the summary for the review, and you can see the individual issues we found as inline review comments.

See full review on DeepSource ↗

PR Report Card

Overall Grade

Security   Reliability   Complexity   Hygiene

Code Review Summary

Analyzer	Status	Updated (UTC)	Details
Python		Apr 10, 2026 12:53a.m.	Review ↗
Secrets		Apr 10, 2026 12:53a.m.	Review ↗

---

Important

AI Review is run only on demand for your team. We're only showing results of static analysis review right now. To trigger AI Review, comment @deepsourcebot review on this thread.

[mergify]

Merge Queue Status

• ✅ Entered queue — 2026-04-10 00:54 UTC · Rule: Github Actions Updates
• ✅ Checks started · on draft merge queue: embarking main (a4ccdc8), #348, #337, #344 and [#370 + #371 + #372 + #373] together #380
• ✅ All checks passed · ready to merge 🚀
• 🔜 Merge