Commits on Source 9
-
Lizzie Moratti authored
Adds a 3-day minimum release age for packages from PyPI, npm, and RubyGems as a supply chain security best practice. This provides a quarantine window for newly published packages before they are proposed for upgrade, reducing exposure to compromised releases. This follows the same pattern already used for Terraform upgrades in this config. Individual projects can override this default for specific packages where faster adoption is needed. See https://docs.renovatebot.com/key-concepts/minimum-release-age/
-
Lizzie Moratti authored
Extends the minimum release age quarantine to dependencies sourced from GitHub releases and tags, not just package registries.
-
Lizzie Moratti authored
-
Lizzie Moratti authored
-
Lizzie Moratti authored
Co-authored-by: Greg Myers <3645992-greg@users.noreply.gitlab.com>
-
GitLab Renovate Bot authored
-
renovate-bot authored
chore(deps): update pre-commit hook gitlab-com/gl-infra/common-ci-tasks to v3.14 See merge request !1392
-
Pierre Guinoiseau authored
Add default minimum release age for third-party dependencies See merge request !1389
-
semantic-release-bot authored
## [3.14.2](https://gitlab.com/gitlab-com/gl-infra/common-ci-tasks/-/compare/...) (2026-03-26)

### Fixes

* add timestamp-optional from MR feedback ([b35c73d6](b35c73d6))

### Others

* add default minimum release age for third-party dependencies ([392d4215](392d4215))
* add github-releases and github-tags to minimum release age rule ([496441c2](496441c2))

### Dependencies

* **deps:** update pre-commit hook gitlab-com/gl-infra/common-ci-tasks to v3.14 ([64e3e2e4](64e3e2e4))
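
The quarantine rule described in the first two commit messages, written out as a Renovate configuration. This is an added example, not the project's own config file: the override package name `example-fast-moving-lib` and its 1-day window are hypothetical, and the placement of `minimumReleaseAgeBehaviour` is an assumption about what the "timestamp-optional" fix refers to.

```json5
// renovate.json5: added illustration, not taken from common-ci-tasks.
{
  $schema: "https://docs.renovatebot.com/renovate-schema.json",

  // Assumption: the "timestamp-optional" fix in the changelog maps to this
  // option. With "timestamp-optional", a release whose datasource reports no
  // publish timestamp is still proposed instead of being held back forever.
  minimumReleaseAgeBehaviour: "timestamp-optional",

  packageRules: [
    {
      // Without this rule Renovate proposes an upgrade as soon as a release
      // is published, so a compromised release reaches merge requests
      // immediately. With it, the release must be at least 3 days old.
      description: "Quarantine new third-party releases for 3 days",
      matchDatasources: [
        "pypi",
        "npm",
        "rubygems",
        // Added by the second commit: dependencies pinned to GitHub
        // releases and tags rather than a package registry.
        "github-releases",
        "github-tags",
      ],
      minimumReleaseAge: "3 days",
    },
    {
      // Per-project override for a package where faster adoption is needed.
      // packageRules are applied in order, so this later rule wins for the
      // packages it matches. The package name and window are hypothetical.
      description: "Shorter quarantine for one package",
      matchDatasources: ["npm"],
      matchPackageNames: ["example-fast-moving-lib"],
      minimumReleaseAge: "1 day",
    },
  ],
}
```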