ci(deps): bump the github-actions group across 1 directory with 15 updates#41
Open
dependabot[bot] wants to merge 1 commit into
Conversation
…dates Bumps the github-actions group with 15 updates in the /.github/workflows directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.16.1` | `2.19.4` | | [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` | | [rust-lang/crates-io-auth-action](https://github.com/rust-lang/crates-io-auth-action) | `1.0.4` | `1.0.5` | | [step-security/action-gh-release](https://github.com/step-security/action-gh-release) | `2.6.1` | `3.0.0` | | [step-security/action-semantic-pull-request](https://github.com/step-security/action-semantic-pull-request) | `6.1.1` | `6.1.2` | | [step-security/rust-cache](https://github.com/step-security/rust-cache) | `2.8.3` | `2.9.1` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.73.0` | `2.82.6` | | [step-security/paths-filter](https://github.com/step-security/paths-filter) | `3.0.5` | `4.0.1` | | [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` | | [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.1` | `4.36.2` | | [actions/labeler](https://github.com/actions/labeler) | `6.0.1` | `6.1.0` | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.4.0` | `5.0.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.9.0` | `5.0.0` | Updates `step-security/harden-runner` from 2.16.1 to 2.19.4 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@fe10465...9af89fc) Updates `actions/checkout` from 6.0.2 to 7.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@de0fac2...9c091bb) Updates `rust-lang/crates-io-auth-action` from 1.0.4 to 1.0.5 - [Release notes](https://github.com/rust-lang/crates-io-auth-action/releases) - [Commits](rust-lang/crates-io-auth-action@bbd8162...c6f97d4) Updates `step-security/action-gh-release` from 2.6.1 to 3.0.0 - [Release notes](https://github.com/step-security/action-gh-release/releases) - [Commits](step-security/action-gh-release@dc29ef0...277bfa8) Updates `step-security/action-semantic-pull-request` from 6.1.1 to 6.1.2 - [Release notes](https://github.com/step-security/action-semantic-pull-request/releases) - [Commits](step-security/action-semantic-pull-request@bc0cf74...75d2dd5) Updates `step-security/rust-cache` from 2.8.3 to 2.9.1 - [Release notes](https://github.com/step-security/rust-cache/releases) - [Commits](step-security/rust-cache@9be15b8...851174d) Updates `taiki-e/install-action` from 2.73.0 to 2.82.6 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@7a562df...9bcaee1) Updates `step-security/paths-filter` from 3.0.5 to 4.0.1 - [Release notes](https://github.com/step-security/paths-filter/releases) - [Commits](step-security/paths-filter@6eee183...5c5241b) Updates `github/codeql-action/init` from 4.35.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...8aad20d) Updates `github/codeql-action/analyze` from 4.35.1 to 4.36.2 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@c10b806...8aad20d) Updates `actions/labeler` from 6.0.1 to 6.1.0 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@634933e...f27b608) Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@ed59741...3a2844b) Updates `googleapis/release-please-action` from 4.4.0 to 5.0.0 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](googleapis/release-please-action@16a9c90...45996ed) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) Updates `actions/dependency-review-action` from 4.9.0 to 5.0.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@2031cfc...a1d282b) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-version: 2.19.4 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: rust-lang/crates-io-auth-action dependency-version: 1.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: step-security/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: step-security/action-semantic-pull-request dependency-version: 6.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: step-security/rust-cache dependency-version: 2.9.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.82.6 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: step-security/paths-filter dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action/init dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action/analyze dependency-version: 4.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/labeler dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: googleapis/release-please-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the github-actions group with 15 updates in the /.github/workflows directory:
2.16.12.19.46.0.27.0.01.0.41.0.52.6.13.0.06.1.16.1.22.8.32.9.12.73.02.82.63.0.54.0.14.35.14.36.24.35.14.36.26.0.16.1.08.0.09.0.04.4.05.0.07.0.07.0.14.9.05.0.0Updates
step-security/harden-runnerfrom 2.16.1 to 2.19.4Release notes
Sourced from step-security/harden-runner's releases.
... (truncated)
Commits
9af89fcMerge pull request #667 from step-security/update-agent-v1.8.6485dce8Update agent to v1.8.6ab7a940Merge pull request #665 from step-security/fix/use-policy-store-default-auditec41b78Default to audit mode when api-key missing with use-policy-store9ca718dMerge pull request #664 from step-security/update-agent-v1.8.51dee3dfUpdate agent to v1.8.5a5ad31dMerge pull request #657 from devantler/fix/ubuntu-slim-user-env6e92856build dist and trim ubuntu-slim message4e0504eMerge branch 'main' into fix/ubuntu-slim-user-env8d3c67dRelease v2.19.0 (#661)Updates
actions/checkoutfrom 6.0.2 to 7.0.0Release notes
Sourced from actions/checkout's releases.
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
9c091bbupdate error wording (#2467)1044a6dgetting ready for checkout v7 release (#2464)f028218Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)d914b26upgrade module to esm and update dependencies (#2463)537c7efBump@actions/coreand@actions/tool-cacheand Remove uuid (#2459)130a169Bump js-yaml from 4.1.0 to 4.2.0 (#2461)7d09575Bump flatted from 3.3.1 to 3.4.2 (#2460)0f9f3aaBump actions/publish-immutable-action (#2458)f9e715ablock checking out fork pr for pull_request_target and workflow_run (#2454)df4cb1cUpdate changelog for v6.0.3 (#2446)Updates
rust-lang/crates-io-auth-actionfrom 1.0.4 to 1.0.5Release notes
Sourced from rust-lang/crates-io-auth-action's releases.
Commits
c6f97d4Merge pull request #259 from rust-lang/renovate/lock-file-maintenanceb929a92package dist9d23f3bchore(deps): lock file maintenance2b6b194Merge pull request #263 from rust-lang/ci-links-accept-403-as-failure1a7afc2ci(links): accept 403 as success701b15cMerge pull request #260 from rust-lang/renovate/tsdown-0.x-lockfilecf898e1package dist1a6a621chore(deps): update dependency tsdown to v0.22.29f93ac2Merge pull request #261 from rust-lang/renovate/github-actions5463451chore(deps): update github actions to v6.0.3Updates
step-security/action-gh-releasefrom 2.6.1 to 3.0.0Release notes
Sourced from step-security/action-gh-release's releases.
Commits
277bfa8Merge pull request #86 from step-security/auto-cherry-pickfcbd57achore: Cherry-pick conflicting changes from upstream28e0835fix: apply code build script147407frelease: cut v3.0.0 for Node 24 upgrade (#670)b06017crelease: cut v3.0.0 for Node 24 upgrade (#670)7f52c03Merge pull request #87 from step-security/npm-audit-fixe09057efix: apply audit fixes38e3839fix: apply audit fixes30dad22Merge pull request #85 from step-security/auto-cherry-picke5ef807chore: Bump version to 2.6.2Updates
step-security/action-semantic-pull-requestfrom 6.1.1 to 6.1.2Release notes
Sourced from step-security/action-semantic-pull-request's releases.
Commits
75d2dd5Merge pull request #162 from step-security/Raj-StepSecurity-patch-11dce66eeUpdate actions_release.yml80eb62bMerge pull request #161 from step-security/yarn-audit-fixac0700ffix: apply audit fixes92d4228fix: apply audit fixes91fa82ffix: apply audit fixesfed9df2Merge pull request #160 from step-security/feat/update-subscription-check9d0ba60code linted21be1b8feat: added banner and update subscription check to make maintained actions f...57d5042Merge pull request #159 from step-security/yarn-audit-fixUpdates
step-security/rust-cachefrom 2.8.3 to 2.9.1Release notes
Sourced from step-security/rust-cache's releases.
Commits
851174dfix: test vulns fixed (#279)f0d17cdMerge branch 'main' into fix/test-vulnerabilities-fixed90bb4a5chore: Cherry-picked changes from upstream (#281)595123aMerge pull request #280 from step-security/auto-cherry-pickb1072ebconflicted commits cherry-picked374bbf5fix: apply code build scriptdd5ecfffix: apply code build script7791ac0Compare case-insenitively for full cache key match (#303)49df1bdConsider all installed toolchains in cache key (#293)84286e5Consider all installed toolchains in cache key (#293)Updates
taiki-e/install-actionfrom 2.73.0 to 2.82.6Release notes
Sourced from taiki-e/install-action's releases.
... (truncated)
Changelog
Sourced from taiki-e/install-action's changelog.
... (truncated)
Commits
9bcaee1Release 2.82.6e43cd7cUpdatevacuum@latestto 0.29.73761407Updateuv@latestto 0.11.25cb6ad0dUpdate tombi manifest6022671Updatesyft@latestto 1.46.0ab5aae8Update gungraun-runner manifest867613bUpdate editorconfig-checker manifestc5837efUpdatedprint@latestto 0.55.07d41d74Updatecargo-auditable@latestto 0.7.5bffeee2Release 2.82.5Updates
step-security/paths-filterfrom 3.0.5 to 4.0.1Release notes
Sourced from step-security/paths-filter's releases.
Commits
5c5241bMerge pull request #243 from step-security/feat/update-subscription-check4a740b4claude comments addressedc3c4a64feat: added banner and update subscription check to make maintained actions f...e7a5f27Merge pull request #241 from step-security/auto-cherry-pick81a12d9chore: Cherry-picked changes from upstream for conflicting changes8f54c5afeat: add merge_group event support6a7c5d6Merge pull request #240 from step-security/auto-cherry-pickc79c47bchore: Cherry-picked changes from upstream in package.json000dc59feat: update action runtime to node2460b52a2Merge pull request #236 from step-security/auto-cherry-pickUpdates
github/codeql-action/initfrom 4.35.1 to 4.36.2Release notes
Sourced from github/codeql-action/init's releases.
Changelog
Sourced from