fix: Resolve security vulnerabilities #65

	name: Auto Cherry-Pick from Upstream

	on:
	workflow_dispatch:
	inputs:
	base_branch:
	description: "Base branch to create the PR against"
	required: true
	default: "main"
	mode:
	description: "Run mode: cherry-pick or verify"
	required: false
	default: "cherry-pick"
	node_version:
	description: "Specify Node.js version (e.g., '18', '20', 'lts/*')"
	required: false
	type: string
	default: "24"
	script:
	description: "Specify the build script to run"
	required: false
	type: string
	default: "yarn build"
	package_manager:
	description: "Package manager to use"
	required: false
	default: "yarn"

	pull_request:
	types: [opened, synchronize, labeled]

	permissions:
	contents: write
	pull-requests: write
	packages: read
	issues: write

	jobs:
	cherry-pick:
	if: github.event_name == 'workflow_dispatch' \|\| contains(fromJson(toJson(github.event.pull_request.labels)).*.name, 'review-required')
	uses: step-security/reusable-workflows/.github/workflows/auto_cherry_pick.yaml@v1
	with:
	original-owner: "technote-space"
	repo-name: "release-github-actions"
	base_branch: ${{ inputs.base_branch }}
	mode: ${{ github.event_name == 'pull_request' && 'verify' \|\| inputs.mode }}
	node_version: "${{ inputs.node_version \|\| '24' }}"
	script: "${{ inputs.script \|\| 'yarn build' }}"
	package_manager: ${{ inputs.package_manager \|\| 'yarn' }}

Provide feedback