From f4a225916855414c853e02201ef0e1824576e3b4 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 19:22:44 +0000 Subject: [PATCH 1/5] chore(deps): Bump actions/checkout from 4.2.2 to 6.0.2 Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 6.0.2. - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...de0fac2e4500dabe0009e67214ff5f5447ce83dd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit e8d8672285e978ec25f33b957afb33005b7f5764) --- .github/workflows/ci.yml | 4 ++-- .github/workflows/release.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 26ce8f8..ccd3afe 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -44,7 +44,7 @@ jobs: app_changed: ${{ steps.filter.outputs.app }} steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Detect app-relevant file changes id: filter @@ -67,7 +67,7 @@ jobs: contents: read steps: - name: Checkout - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 - name: Setup Flutter if: needs.detect-changes.outputs.app_changed == 'true' diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 40bc4df..e426451 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -40,7 +40,7 @@ jobs: - name: Checkout merge commit if: steps.gate.outputs.should_release == 'true' - uses: actions/checkout@11bd71901bbe5b1630ceea73d27597364c9af683 # v4.2.2 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: ${{ github.event.pull_request.merge_commit_sha }} From 836c050bdeacf1c7efeaeb8d745e537abdfab565 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 19:22:48 +0000 Subject: [PATCH 2/5] chore(deps): Bump dorny/paths-filter Bumps [dorny/paths-filter](https://github.com/dorny/paths-filter) from 6852f92c20ea7fd3b0c25de3b5112db3a98da050 to d1c1ffe0248fe513906c8e24db8ea791d46f8590. - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](https://github.com/dorny/paths-filter/compare/6852f92c20ea7fd3b0c25de3b5112db3a98da050...d1c1ffe0248fe513906c8e24db8ea791d46f8590) --- updated-dependencies: - dependency-name: dorny/paths-filter dependency-version: d1c1ffe0248fe513906c8e24db8ea791d46f8590 dependency-type: direct:production ... Signed-off-by: dependabot[bot] (cherry picked from commit f6acfd6a1ae5f705cf417a57435e5028c203b38e) --- .github/workflows/ci.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ccd3afe..3280526 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -48,7 +48,7 @@ jobs: - name: Detect app-relevant file changes id: filter - uses: dorny/paths-filter@6852f92c20ea7fd3b0c25de3b5112db3a98da050 # v3 + uses: dorny/paths-filter@d1c1ffe0248fe513906c8e24db8ea791d46f8590 # v3 with: filters: | app: From 363e255a9e3c6797dbc5cda3b8f6019784c6d0ac Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 19:22:57 +0000 Subject: [PATCH 3/5] chore(deps): Bump subosito/flutter-action from 2.18.0 to 2.23.0 Bumps [subosito/flutter-action](https://github.com/subosito/flutter-action) from 2.18.0 to 2.23.0. - [Release notes](https://github.com/subosito/flutter-action/releases) - [Commits](https://github.com/subosito/flutter-action/compare/f2c4f6686ca8e8d6e6d0f28410eeef506ed66aff...1a449444c387b1966244ae4d4f8c696479add0b2) --- updated-dependencies: - dependency-name: subosito/flutter-action dependency-version: 2.23.0 dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] (cherry picked from commit 2aedf27f9d94a1b8c4454680b0b494a053fc501f) --- .github/workflows/ci.yml | 2 +- .github/workflows/release.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 3280526..c0503c3 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -71,7 +71,7 @@ jobs: - name: Setup Flutter if: needs.detect-changes.outputs.app_changed == 'true' - uses: subosito/flutter-action@f2c4f6686ca8e8d6e6d0f28410eeef506ed66aff # v2.18.0 + uses: subosito/flutter-action@1a449444c387b1966244ae4d4f8c696479add0b2 # v2.23.0 with: channel: stable diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index e426451..68de45a 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -46,7 +46,7 @@ jobs: - name: Setup Flutter if: steps.gate.outputs.should_release == 'true' - uses: subosito/flutter-action@f2c4f6686ca8e8d6e6d0f28410eeef506ed66aff # v2.18.0 + uses: subosito/flutter-action@1a449444c387b1966244ae4d4f8c696479add0b2 # v2.23.0 with: channel: stable From 5ef408bf5444992c93ec3aa9f19d9bfc75f0307a Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 19:32:30 +0000 Subject: [PATCH 4/5] chore(deps): Bump googleapis/release-please-action from 4.1.3 to 5.0.0 Bumps [googleapis/release-please-action](https://github.com/googleapis/release-please-action) from 4.1.3 to 5.0.0. - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/googleapis/release-please-action/compare/7987652d64b4581673a76e33ad5e98e3dd56832f...45996ed1f6d02564a971a2fa1b5860e934307cf7) --- updated-dependencies: - dependency-name: googleapis/release-please-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit a5f977375be2c9c1caf0be0b3c1c4a912f2b6c34) --- .github/workflows/release-please.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/.github/workflows/release-please.yml b/.github/workflows/release-please.yml index 5a38e4b..5480b16 100644 --- a/.github/workflows/release-please.yml +++ b/.github/workflows/release-please.yml @@ -16,7 +16,7 @@ jobs: steps: - name: Run release-please for develop branch id: release - uses: googleapis/release-please-action@7987652d64b4581673a76e33ad5e98e3dd56832f # v4.1.3 + uses: googleapis/release-please-action@45996ed1f6d02564a971a2fa1b5860e934307cf7 # v5.0.0 with: token: ${{ secrets.RELEASE_PLEASE_TOKEN }} target-branch: develop From a03c0c3dbc4f522653f5fa2b6ac0aa4657c40b86 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Thu, 7 May 2026 19:32:28 +0000 Subject: [PATCH 5/5] chore(deps): Bump actions/github-script from 7.0.1 to 9.0.0 Bumps [actions/github-script](https://github.com/actions/github-script) from 7.0.1 to 9.0.0. - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/60a0d83039c74a4aee543508d2ffcb1c3799cdea...3a2844b7e9c422d3c10d287c895573f7108da1b3) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] (cherry picked from commit 4718fb4a643cc41fae29580dc3cd2354b72387b1) --- .github/workflows/promote-release-to-main.yml | 4 ++-- .github/workflows/release.yml | 2 +- 2 files changed, 3 insertions(+), 3 deletions(-) diff --git a/.github/workflows/promote-release-to-main.yml b/.github/workflows/promote-release-to-main.yml index dc6a573..94ba230 100644 --- a/.github/workflows/promote-release-to-main.yml +++ b/.github/workflows/promote-release-to-main.yml @@ -18,7 +18,7 @@ jobs: steps: - name: Validate merged PR is a release PR id: gate - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const pr = context.payload.pull_request; @@ -41,7 +41,7 @@ jobs: - name: Create or update promotion PR (develop -> main) if: steps.gate.outputs.is_release_pr == 'true' - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const owner = context.repo.owner; diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml index 68de45a..20f5b88 100644 --- a/.github/workflows/release.yml +++ b/.github/workflows/release.yml @@ -17,7 +17,7 @@ jobs: steps: - name: Validate release promotion merge id: gate - uses: actions/github-script@60a0d83039c74a4aee543508d2ffcb1c3799cdea # v7.0.1 + uses: actions/github-script@3a2844b7e9c422d3c10d287c895573f7108da1b3 # v9.0.0 with: script: | const pr = context.payload.pull_request;