build(deps): bump github.com/cli/cli/v2 from 2.64.0 to 2.66.1

[dependabot]

Bumps github.com/cli/cli/v2 from 2.64.0 to 2.66.1.

Release notes

Sourced from github.com/cli/cli/v2's releases.

GitHub CLI 2.66.1

Hotfix: gh pr view fails with provided URL

This addresses a regression in gh pr view was reported in #10352. This regression was due to a change in v2.66.0 that no longer allowed gh pr subcommands to execute properly outside of a git repo.

What's Changed

• Hotfix: gh pr view fails with provided URL by @​jtmcg in cli/cli#10354

Full Changelog: cli/cli@v2.66.0...v2.66.1

GitHub CLI 2.66.0

gh pr view and gh pr status now respect common triangular workflow configurations

Previously, gh pr view and gh pr status would fail for pull request's (PR) open in triangular workflows. This was due to gh being unable to identify the PR's corresponding remote and branch refs on GitHub.

Now, gh pr view and gh pr status should successfully identify the PR's refs when the following common git configurations are used:

• branch.<branchName>.pushremote is set
• remote.pushDefault is set

Branch specific configuration, the former, supersedes repo specific configuration, the latter.

Additionally, if the @{push} revision syntax for git resolves for a branch, gh pr view and gh pr status should work regardless of additional config settings.

For more information, see

• cli/cli#9363
• cli/cli#9364
• cli/cli#9365
• cli/cli#9374

gh secret list, gh secret set, and gh secret delete now require repository selection when multiple git remotes are present

Previously, gh secret list, gh secret set, and gh secret delete would determine which remote to target for interacting with GitHub Actions secrets. Remotes marked as default using gh repo set-default or through other gh commands had higher priority when figuring out which repository to interact with. This could have unexpected outcomes when using gh secret commands with forked repositories as the upstream repository would generally be selected.

Now, gh secret commands require users to disambiguate which repository should be the target if multiple remotes are present and the -R, --repo flag is not provided.

For more information, see cli/cli#4688

Extension update notices now notify once every 24 hours per extension and can be disabled

Previously, the GitHub CLI would notify users about newer versions every time an extension was executed. This did not match GitHub CLI notices, which only notified users once every 24 hours and could be disabled through an environment variable.

Now, extension update notices will behave similar to GitHub CLI notices. To disable extension update notices, set the GH_NO_EXTENSION_UPDATE_NOTIFIER environment variable.

For more information, see cli/cli#9925

What's Changed

... (truncated)

Commits

• d10fbbf Merge pull request #10354 from cli/jtmcg/fix-10352-not-in-repo-error
• 877871f Address PR comments
• e428b9c Remove unused ErrNoGitRepository error
• 601cf88 Handle error from ParsePRRefs when the selector is provided
• fa5325a Add comment to status recognizing when we require a repo
• 058cb2c Refactor finder to work with URL selectors
• 29e57ee Add tests for using the pr Finder outside of repo
• 42c0cb0 Merge pull request #10340 from cli/andyfeller-patch-1
• df250a2 Update deployment.yml
• 9ef8406 Merge pull request #10339 from malancas/attestation-verify-bundle-logic
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)