deps(deps): bump XAOSTECH/dev-control from b067f72ca7f849b734a45634f23581a739d5146f to 890484d6f30f98be7fa3b61ea2b8d3adc877a2d4

[dependabot]

Bumps XAOSTECH/dev-control from b067f72ca7f849b734a45634f23581a739d5146f to 890484d6f30f98be7fa3b61ea2b8d3adc877a2d4.

Changelog

Sourced from XAOSTECH/dev-control's changelog.

Changelog

All notable changes to Dev-Control will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[0.5.8] - 2026-03-16

Fixed

• exclude license/licence code patterns + template-loading license loop
• exclude license/licence, e.a. + fix in CHANGELOG
• anglicise checkout with App token for workflow file pushes

Changed

• perf: remove redundant identity setup in anglicise workflow
• Merge pull request #98 from XAOSTECH:anglicise/20260316-032939
• chore: convert American spellings to British English

[0.5.7] - 2026-03-15 (re-release)

Added

• tree-viz overhaul - topo sort, variable spacing, wind slider, clickable nodes, SVG fix, mini SVG - Topological sort (Kahn's algorithm) replaces timestamp sort; merges never appear before their parent commits - Variable row heights: 40px trunk, 80px branches for tighter layout - Dynamic canvas/SVG dimensions derived from actual position data - Wind intensity doubled + range slider (0-500%) for user control - Ctrl+click / middle-click commit nodes opens commit page (repo_url extracted from git remote, SSH auto-converted to HTTPS) - SVG: XML-escaped title attributes (fixes unescaped quote error), branch connection lines (Bézier curves), correct gradient per type - Mini SVG renderer with CSS sway animation for README inline embed - README embed updated: shows mini SVG with links to full SVG/HTML/data - Max-commits default changed to 0 (unlimited); fixed local-outside-fn and duplicate --date flag issues
• add --skip flag to exclude directories from batch update
• add MEMBERS owner guard and interrupted-run recovery
• add --update mode for batch template refresh
• batch mode stash/pull/commit/push lifecycle
• integrate tree-viz generation with 30-commit threshold
• add workflow and template for automated tree generation
• overhaul interactive visualisation with waving leaves and scrollable viewport
• optimise containerise.sh flow for pre-built images
• enhance update workflow with comprehensive maintenance
• add repository update workflow
• add SHA256 checksums for GitHub-generated source archives
• add CodeQL workflow template with auto-detection
• install docs templates to docs/ subdirectory
• add global repoVars.env config for bot credentials

Fixed

• include (re-release) in same-day CHANGELOG heading
• skip dev-control repo in batch update
• fix staging, licence priority, and pull-fail handling in batch update
• avoid hard fail on missing usb capture device
• ensure/apply automerge label for bot PRs
• drop hardcoded automated PR label
• non-fatal submodule update; fallback branch names
• submodule threshold=0 on manual run, fix subshell bug, stale default 60→10
• limit workflow edits to display text
• preserve analyse IDs; keep UK display text
• github.copilot-chat --> GitHub.copilot-chat

... (truncated)

Commits

• 890484d feat(dc-init): add --push flag with reusable commit/push function
• e3a0984 feat(release): add consolidate option to absorb newer releases into an older ...
• 2e5da6b feat(containerise): very strict cache buster; BUILD_DATE now includes %m
• 3a8cce9 fix(security): resolve CodeQL envvar-injection and code-injection alerts
• 9b36605 feat(release): add optional Authenticode code signing via SignPath.io
• dbc457d feat(dc-init): amend existing dc-init commits instead of stacking duplicates
• 111ed91 fix(release): sanitize early-exit tarball_count GITHUB_ENV write
• 79e4f0c fix(release): sanitize GITHUB_ENV writes against newline injection
• e36c378 fix: remove erroneous backslash escaping in MCP config heredoc
• 461b4a4 fix(ci): resolve CodeQL envvar-injection and missing-permissions alerts
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[dependabot]

Labels

The following labels could not be found: automerge, dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.