ci(deps): update bfra-me/.github to v4.13.8

[fro-bot]

This PR contains the following updates:

Package	Type	Update	Change	OpenSSF
bfra-me/.github	action	patch	v4.13.6 → v4.13.8

---

Release Notes

bfra-me/.github (bfra-me/.github)

v4.13.8

Compare Source

Patch Changes

• ⚠️ Update GitHub Actions workflow dependency fro-bot/agent from v0.31.2 to v0.32.0 (#​1872)

• ⚙️ Update GitHub Actions workflow dependency bfra-me/renovate-action from 9.10.1 to 9.11.0 (#​1874)

• ⚙️ Update GitHub Actions workflow dependency bfra-me/renovate-action from 9.11.0 to 9.12.0 (#​1875)

v4.13.7

Compare Source

Patch Changes

• Force flatted to 3.4.2 to fix prototype pollution vulnerability (CVE-2026-33228) (#​1859)

  This addresses a HIGH severity security vulnerability in flatted <=3.4.1
  discovered via Dependabot alert #​39. The vulnerability allows prototype
  pollution via the parse() function in NodeJS.

  Since flatted is a transitive dependency of eslint via flat-cache and
  file-entry-cache, we add a pnpm override to ensure the patched version
  is used throughout the dependency tree.

• ⚙️ Update GitHub Actions workflow dependency bfra-me/renovate-action from 9.10.0 to 9.10.1 (#​1868)

• ⚙️ Update GitHub Actions workflow dependency fro-bot/agent from v0.31.1 to v0.31.2 (#​1863)

• 📦 Update npm dependency eslint from 10.0.3 to 10.1.0 (#​1869)

• 📦 Update npm dependency pnpm (#​1867)

---

Configuration

📅 Schedule: Branch creation - "" in timezone America/Phoenix, Automerge - At any time (no schedule defined).

🚦 Automerge: Enabled.

♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.