chore(deps): update gittools/actions action to v4.4.2

[renovate]

This PR contains the following updates:

Package	Type	Update	Change
gittools/actions	action	minor	v4.3.3 → v4.4.2

---

Release Notes

gittools/actions (gittools/actions)

v4.4.2

Compare Source

As part of this release we had 3 commits which resulted in 1 issue being closed.

Bug

• #​2006 [ISSUE]: Upgrade GitVersionTask from 4.3.3 to 4.4.1 breaks /overrideconfig

SHA256 Hashes of the release artifacts

• 203023fae8db443599353c7a3d5fc2cf84efc7c6e5aa0b6a466bb6ac20b205c0 - gittools.gittools-4.4.2.260316134.vsix

v4.4.1

Compare Source

As part of this release we had 4 commits which resulted in 1 issue being closed.

Bug

• #​2001 [Bug]: Updating the versions in docs and workflows on new release

SHA256 Hashes of the release artifacts

• c8c9754a01a5c4de9def15f1012776d9a42cd904d5c1119ebe169bc88eb9e69b - gittools.gittools-4.4.1.260316032.vsix

v4.4.0

Compare Source

As part of this release we had 49 commits which resulted in 2 issues being closed.

Bug

• #​1912 [ISSUE]: gitversion-execute@​4.2.0 fails on Windows (with self hosted agent?)

Improvements

• #​1992 [ISSUE]: NodeJS20 will be deprecated in Github ACtions

SHA256 Hashes of the release artifacts

• a9c2459127afc0451fb36b38a68d9755b212d707218bd5181bdcff531f84975f - gittools.gittools-4.4.0.260316014.vsix

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR was generated by Mend Renovate. View the repository job log.

[sophie-syntax]

PR Reviewer Guide 🔍

Here are some key observations to aid the review process:

⏱️ Estimated effort to review: 1 🔵⚪⚪⚪⚪

🧪 No relevant tests

🔒 Security concerns Third-party action update: this PR upgrades externally maintained GitHub Actions, so the new release should be checked for provenance and release-note changes before rollout. The workflow also references actions by version tag rather than full commit SHA, which leaves some supply-chain risk if a tag is ever moved or compromised.

⚡ Recommended focus areas for review Behavior change Validate that gittools/actions v4.4.1 preserves the same GitVersion outputs and tagging behavior expected by downstream steps, especially since the later tag-push step depends on the computed version metadata. uses: gittools/actions/gitversion/setup@v4.4.1 with: versionSpec: "6.x" - name: Version with GitVersion # https://github.com/marketplace/actions/use-actions id: gitversion uses: gittools/actions/gitversion/execute@v4.4.1

[sophie-syntax]

Suggestion: The updated gittools/actions references are still pinned only to a movable tag, which leaves the release workflow exposed to upstream tag retargeting or supply-chain compromise. Pin both gittools/actions/gitversion/setup and gittools/actions/gitversion/execute to the full commit SHA for v4.4.1 so the deployed workflow always runs the exact reviewed code. [security, importance: 8]

Suggested change

	uses: gittools/actions/gitversion/setup@v4.4.1
	with:
	versionSpec: "6.x"
	- name: Version with GitVersion # https://github.com/marketplace/actions/use-actions
	id: gitversion
	uses: gittools/actions/gitversion/execute@v4.3.3
	uses: gittools/actions/gitversion/execute@v4.4.1
	uses: gittools/actions/gitversion/setup@<full-commit-sha-for-v4.4.1>
	...
	uses: gittools/actions/gitversion/execute@<full-commit-sha-for-v4.4.1>