ci(deps): bump the github-actions group across 1 directory with 11 updates#33
Closed
dependabot[bot] wants to merge 1 commit into
Closed
Conversation
…dates Bumps the github-actions group with 11 updates in the /.github/workflows directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.1` | `2.19.1` | | [step-security/action-semantic-pull-request](https://github.com/step-security/action-semantic-pull-request) | `6.1.1` | `6.1.2` | | [step-security/rust-cache](https://github.com/step-security/rust-cache) | `2.8.3` | `2.9.1` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.73.0` | `2.77.5` | | [step-security/paths-filter](https://github.com/step-security/paths-filter) | `3.0.5` | `4.0.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.35.1` | `4.35.4` | | [actions/labeler](https://github.com/actions/labeler) | `6.0.1` | `6.1.0` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.4.0` | `5.0.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.9.0` | `5.0.0` | Updates `step-security/harden-runner` from 2.16.1 to 2.19.1 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@fe10465...a5ad31d) Updates `step-security/action-semantic-pull-request` from 6.1.1 to 6.1.2 - [Release notes](https://github.com/step-security/action-semantic-pull-request/releases) - [Commits](step-security/action-semantic-pull-request@bc0cf74...75d2dd5) Updates `step-security/rust-cache` from 2.8.3 to 2.9.1 - [Release notes](https://github.com/step-security/rust-cache/releases) - [Commits](step-security/rust-cache@9be15b8...851174d) Updates `taiki-e/install-action` from 2.73.0 to 2.77.5 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@7a562df...fa0dd4c) Updates `step-security/paths-filter` from 3.0.5 to 4.0.1 - [Release notes](https://github.com/step-security/paths-filter/releases) - [Commits](step-security/paths-filter@6eee183...5c5241b) Updates `github/codeql-action` from 4.35.1 to 4.35.4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...68bde55) Updates `actions/labeler` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@634933e...f27b608) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@ed59741...3a2844b) Updates `googleapis/release-please-action` from 4.4.0 to 5.0.0 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](googleapis/release-please-action@16a9c90...45996ed) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) Updates `actions/dependency-review-action` from 4.9.0 to 5.0.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@2031cfc...a1d282b) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.19.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: step-security/action-semantic-pull-request dependency-version: 6.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: step-security/rust-cache dependency-version: 2.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.77.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: step-security/paths-filter dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.35.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/labeler dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: googleapis/release-please-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
Contributor
Author
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the github-actions group with 11 updates in the /.github/workflows directory:
2.16.12.19.16.1.16.1.22.8.32.9.12.73.02.77.53.0.54.0.14.35.14.35.46.0.16.1.08.0.09.0.04.4.05.0.07.0.07.0.14.9.05.0.0Updates
step-security/harden-runnerfrom 2.16.1 to 2.19.1Release notes
Sourced from step-security/harden-runner's releases.
Commits
a5ad31dMerge pull request #657 from devantler/fix/ubuntu-slim-user-env6e92856build dist and trim ubuntu-slim message4e0504eMerge branch 'main' into fix/ubuntu-slim-user-env8d3c67dRelease v2.19.0 (#661)6c3c2f2Feature/deploy on self hosted vm (#658)376d25afix: detect ubuntu-slim runners early and bail outf808768Feature/policy store (#656)Updates
step-security/action-semantic-pull-requestfrom 6.1.1 to 6.1.2Release notes
Sourced from step-security/action-semantic-pull-request's releases.
Commits
75d2dd5Merge pull request #162 from step-security/Raj-StepSecurity-patch-11dce66eeUpdate actions_release.yml80eb62bMerge pull request #161 from step-security/yarn-audit-fixac0700ffix: apply audit fixes92d4228fix: apply audit fixes91fa82ffix: apply audit fixesfed9df2Merge pull request #160 from step-security/feat/update-subscription-check9d0ba60code linted21be1b8feat: added banner and update subscription check to make maintained actions f...57d5042Merge pull request #159 from step-security/yarn-audit-fixUpdates
step-security/rust-cachefrom 2.8.3 to 2.9.1Release notes
Sourced from step-security/rust-cache's releases.
Commits
851174dfix: test vulns fixed (#279)f0d17cdMerge branch 'main' into fix/test-vulnerabilities-fixed90bb4a5chore: Cherry-picked changes from upstream (#281)595123aMerge pull request #280 from step-security/auto-cherry-pickb1072ebconflicted commits cherry-picked374bbf5fix: apply code build scriptdd5ecfffix: apply code build script7791ac0Compare case-insenitively for full cache key match (#303)49df1bdConsider all installed toolchains in cache key (#293)84286e5Consider all installed toolchains in cache key (#293)Updates
taiki-e/install-actionfrom 2.73.0 to 2.77.5Release notes
Sourced from taiki-e/install-action's releases.
... (truncated)
Changelog
Sourced from taiki-e/install-action's changelog.
... (truncated)
Commits
fa0dd4cRelease 2.77.5d36d444Updatebiome@latestto 2.4.15d218cf5Update release-plz manifestd0260a1Updatemise@latestto 2026.5.4831c88bUpdatecargo-deny@latestto 0.19.5ec28e28Release 2.77.484fb204Updatetombi@latestto 0.11.1c0382aeUpdatecargo-llvm-cov@latestto 0.8.6e32a755Update just manifestea4c42cUpdateuv@latestto 0.11.12Updates
step-security/paths-filterfrom 3.0.5 to 4.0.1Release notes
Sourced from step-security/paths-filter's releases.
Commits
5c5241bMerge pull request #243 from step-security/feat/update-subscription-check4a740b4claude comments addressedc3c4a64feat: added banner and update subscription check to make maintained actions f...e7a5f27Merge pull request #241 from step-security/auto-cherry-pick81a12d9chore: Cherry-picked changes from upstream for conflicting changes8f54c5afeat: add merge_group event support6a7c5d6Merge pull request #240 from step-security/auto-cherry-pickc79c47bchore: Cherry-picked changes from upstream in package.json000dc59feat: update action runtime to node2460b52a2Merge pull request #236 from step-security/auto-cherry-pickUpdates
github/codeql-actionfrom 4.35.1 to 4.35.4Release notes
Sourced from github/codeql-action's releases.
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
68bde55Merge pull request #3885 from github/update-v4.35.4-803d9e8c39739ad2Update changelog for v4.35.4803d9e8Merge pull request #3883 from github/mbg/test/macro-wrapper0fd9c7dMerge pull request #3882 from github/dependabot/github_actions/dot-github/wor...922d6fbUsemakeMacroinstead oftest.macrodf77e87Update test macro snippet6e3f985Add wrapper fortest.macroe7a347dMerge pull request #3881 from github/update-bundle/codeql-bundle-v2.25.417eabb2Rebuildaaef09cBump ruby/setup-rubyUpdates
actions/labelerfrom 6.0.1 to 6.1.0Release notes
Sourced from actions/labeler's releases.
Commits
f27b608chore: upgrade dependencies (@actions/core,@actions/github, js-yaml, minimat...c5dadc2Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...e52e4fbBump minimatch from 10.0.1 to 10.2.3 (#926)77a4082Fix: Preserve manually added labels during workflow run and refine label sync...25abb3cImprove Labeler Action Documentation and Error Handling for Permissions (#897)395c8cfBump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...Updates
actions/github-scriptfrom 8.0.0 to 9.0.0Release notes
Sourced from actions/github-script's releases.
Commits
3a2844bMerge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...ca10bbdfix: use@octokit/core/types import for v7 compatibility86e48e2merge: incorporate main branch changesc108472chore: rebuild dist for v9 upgrade and getOctokit factoryafff112Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...ff8117eci: fix user-agent test to handle orchestration ID81c6b78ci: use deployment: false to suppress deployment noise from integration tests3953cafdocs: update README examples from@v8to@v9, add getOctokit docs and v9 brea...c17d55bci: add getOctokit integration test joba047196test: add getOctokit integration tests via callAsyncFunctionUpdates
googleapis/release-please-actionfrom 4.4.0 to 5.0.0Release notes
Sourced from googleapis/release-please-action's releases.
Changelog
Sourced from googleapis/release-please-action's changelog.
... (truncated)
Commits
45996edchore(main): release 5.0.0 (#1200)a8121b9chore: build dist (#1201)f533c26fix: bump release-please from 17.3.0 to 17.6.0 (#1199)46dfc01feat!: upgrade to node24 (#1188)5c625bfchore(main): release 4.4.1 (#1187)8bb7a2echore: build dist (#1186)ef9c274fix: bump release-please from 17.1.3 to 17.3.0 (#1183)64d83e9docs(README): add missing action inputs + package options (#1176)Updates
actions/upload-artifactfrom 7.0.0 to 7.0.1Release notes
Sourced from actions/upload-artifact's releases.