Skip to content

Bump the compatible group with 3 updates#20

Merged
llucax merged 1 commit into
v0.x.xfrom
dependabot/github_actions/compatible-74c77b5b54
May 5, 2026
Merged

Bump the compatible group with 3 updates#20
llucax merged 1 commit into
v0.x.xfrom
dependabot/github_actions/compatible-74c77b5b54

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 1, 2026

Bumps the compatible group with 3 updates: frequenz-floss/gh-action-dependabot-migrate, frequenz-floss/gh-action-nox and frequenz-floss/gh-action-setup-python-with-deps.

Updates frequenz-floss/gh-action-dependabot-migrate from 1.1.0 to 1.1.1

Commits
  • 45994e1 Merge pull request #14 from llucax/fetch-metadata-release
  • 0feb09c Bump fetch-metadata to a released version
  • 8feaede Merge pull request #15 from frequenz-floss/dependabot/github_actions/reviewdo...
  • 3423be9 Bump reviewdog/action-actionlint from 1.71.0 to 1.72.0
  • See full diff in compare view

Updates frequenz-floss/gh-action-nox from 1.0.1 to 1.1.1

Release notes

Sourced from frequenz-floss/gh-action-nox's releases.

v1.1.1

What's Changed

Full Changelog: frequenz-floss/gh-action-nox@v1.1.0...v1.1.1

v1.1.0

What's Changed

New Contributors

Full Changelog: frequenz-floss/gh-action-nox@v1.0.1...v1.1.0

Commits
  • 80a9845 Merge pull request #18 from llucax/more-perms
  • 7d17364 Recommend using ubuntu-slim in the example workflows
  • 7b7a607 Recommend limiting permissions in the example workflow
  • a6109f1 Use a pinned hash in the workflow example
  • 03d0013 Document necessary permissions
  • 238d487 Merge pull request #17 from frequenz-floss/dependabot/github_actions/frequenz...
  • 3b678fc Bump frequenz-floss/gh-action-setup-python-with-deps from 1.0.2 to 1.0.3
  • ac4f4dc Merge pull request #16 from llucax/security
  • d829408 Remove the mention to nox-cross-arch
  • 55d5272 ci: Set permissions: {} for dco-merge-queue.yml
  • Additional commits viewable in compare view

Updates frequenz-floss/gh-action-setup-python-with-deps from 1.0.1 to 1.0.4

Release notes

Sourced from frequenz-floss/gh-action-setup-python-with-deps's releases.

v1.0.4

What's Changed

Full Changelog: frequenz-floss/gh-action-setup-python-with-deps@v1.0.3...v1.0.4

v1.0.3

What's Changed

Full Changelog: frequenz-floss/gh-action-setup-python-with-deps@v1.0.2...v1.0.3

v1.0.2

What's Changed

Full Changelog: frequenz-floss/gh-action-setup-python-with-deps@v1.0.1...v1.0.2

Commits
  • b5707ff Fix glob expansion for local dependencies (#20)
  • 77a4e81 Use pinned dependencies in the README
  • ef7146b Fix glob expansion for local dependencies
  • bc560ff Fix potential remote code execution issues (#19)
  • 7a386c1 Remove unnecessary token permissions to DCO
  • 899b890 Use Python in isolated mode
  • e0d9e72 Export inputs via environment variables
  • e4d0b2e Bump actions/setup-python from 6.0.0 to 6.2.0 (#18)
  • c6816cf Bump actions/setup-python from 6.0.0 to 6.2.0
  • 42a37f7 Bump actions/labeler from 5.0.0 to 6.0.1 (#16)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the compatible group with 3 updates
2528bf2 
Bumps the compatible group with 3 updates: [frequenz-floss/gh-action-dependabot-migrate](https://github.com/frequenz-floss/gh-action-dependabot-migrate), [frequenz-floss/gh-action-nox](https://github.com/frequenz-floss/gh-action-nox) and [frequenz-floss/gh-action-setup-python-with-deps](https://github.com/frequenz-floss/gh-action-setup-python-with-deps).


Updates `frequenz-floss/gh-action-dependabot-migrate` from 1.1.0 to 1.1.1
- [Release notes](https://github.com/frequenz-floss/gh-action-dependabot-migrate/releases)
- [Commits](frequenz-floss/gh-action-dependabot-migrate@b389f72...45994e1)

Updates `frequenz-floss/gh-action-nox` from 1.0.1 to 1.1.1
- [Release notes](https://github.com/frequenz-floss/gh-action-nox/releases)
- [Commits](frequenz-floss/gh-action-nox@v1.0.1...v1.1.1)

Updates `frequenz-floss/gh-action-setup-python-with-deps` from 1.0.1 to 1.0.4
- [Release notes](https://github.com/frequenz-floss/gh-action-setup-python-with-deps/releases)
- [Commits](frequenz-floss/gh-action-setup-python-with-deps@v1.0.1...v1.0.4)

---
updated-dependencies:
- dependency-name: frequenz-floss/gh-action-dependabot-migrate
  dependency-version: 1.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: compatible
- dependency-name: frequenz-floss/gh-action-nox
  dependency-version: 1.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: compatible
- dependency-name: frequenz-floss/gh-action-setup-python-with-deps
  dependency-version: 1.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: compatible
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels May 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner May 1, 2026 13:17
@dependabot dependabot Bot requested review from llucax and removed request for a team May 1, 2026 13:17
@dependabot dependabot Bot added part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) type:tech-debt Improves the project without visible changes for users labels May 1, 2026
@frequenz-auto-dependabot frequenz-auto-dependabot Bot added the tool:auto-merged Auto-approved Dependabot PRs label May 1, 2026
@llucax llucax merged commit f19d6f3 into v0.x.x May 5, 2026
24 checks passed
@llucax llucax deleted the dependabot/github_actions/compatible-74c77b5b54 branch May 5, 2026 08:03
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frequenz-auto-dependabot frequenz-auto-dependabot[bot] frequenz-auto-dependabot[bot] approved these changes

@llucax llucax Awaiting requested review from llucax llucax is a code owner automatically assigned from frequenz-floss/python-sdk-team

Assignees

No one assigned

Labels

part:tooling Affects the development tooling (CI, deployment, dependency management, etc.) tool:auto-merged Auto-approved Dependabot PRs type:tech-debt Improves the project without visible changes for users

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@llucax