
Bump dataaxiom/ghcr-cleanup-action from 1.0.16 to 1.1.0 #3393

Open
dependabot[bot] wants to merge 1 commit into main from dependabot/github_actions/dataaxiom/ghcr-cleanup-action-1.1.0

@dependabot dependabot Bot commented on behalf of github May 21, 2026

Bumps dataaxiom/ghcr-cleanup-action from 1.0.16 to 1.1.0.

Release notes

Sourced from dataaxiom/ghcr-cleanup-action's releases.

v1.1.0

  • fix: preserve OCI 1.1 subject-bearing referrers (cosign sigstore-bundles, attestations) during cleanup — were silently deleted as untagged #71
  • fix: keep-n-tagged now gates untag operations; a matched tag is not stripped from an image that keep-n-tagged would protect (#99, #101)
  • fix: shared multi-arch platform digests no longer cascade-deleted when one of multiple parent indexes is removed (#91)
  • fix: delete-partial-images excludes fully ghost images #112
  • fix: Octokit error output visible at all log levels (was suppressed when log-level was error or warn)
  • fix: expand-packages rejects fine-grained PATs upfront with a clear message
  • fix: setFailed message no longer overwritten by an empty Error in early-failure paths
  • feat: ReDoS guard on user-supplied regex (delete-tags, exclude-tags, package) when use-regex: true
  • feat: code refactor/split, removal of anys where possible using typed classes
  • chore(deps): Node.js 24
  • docs: README rewrite + Limitations section (5,000-download undeletable policy, nested-manifest non-support)
Commits
  • 34a2b6c Merge pull request #115 from rohanmars/pr/post-114-polish
  • 7caf315 orchestrator: throw on run() before reload(), don't silently no-op
  • 470a04a utils: rename ManifestLayer → ManifestDescriptor
  • a7a3201 image-deleter: explain why performUntagging reloads per tag
  • c1c13a6 chore: add husky pre-commit hook for prettier + bundle
  • bcdcd73 security: validate user-supplied regex patterns to prevent ReDoS
  • 8ff0d89 fix: code-review feedback — consistent cache-invariant throw, stray string id
  • cfd5a6a refactor: replace cache-invariant continue skips with explicit throws
  • 608e836 refactor: introduce GhPackage interface, fix id string→number
  • 9efeca2 refactor: introduce Manifest interfaces, drop any types in registry
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [dataaxiom/ghcr-cleanup-action](https://github.com/dataaxiom/ghcr-cleanup-action) from 1.0.16 to 1.1.0.
- [Release notes](https://github.com/dataaxiom/ghcr-cleanup-action/releases)
- [Commits](dataaxiom/ghcr-cleanup-action@cd0cdb9...34a2b6c)

---
updated-dependencies:
- dependency-name: dataaxiom/ghcr-cleanup-action
  dependency-version: 1.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot added the labels dependencies (Pull requests that update a dependency file) and github_actions (Pull requests that update GitHub Actions code) on May 21, 2026