chore(deps): bump the actions group across 1 directory with 7 updates

[dependabot]

Bumps the actions group with 7 updates in the / directory:

Package	From	To
actions/checkout	4	6
actions/setup-python	5	6
codecov/codecov-action	5	6
actions/upload-artifact	4	7
cloudflare/wrangler-action	3	4
actions/upload-pages-artifact	3	5
actions/deploy-pages	4	5

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

• Update README to include Node.js 24 support details and requirements by @​salmanmkc in actions/checkout#2248
• Persist creds to a separate file by @​ericsciple in actions/checkout#2286
• v6-beta by @​ericsciple in actions/checkout#2298
• update readme/changelog for v6 by @​ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

• Port v6 cleanup to v5 by @​ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

• Update actions checkout to use node 24 by @​salmanmkc in actions/checkout#2226
• Prepare v5.0.0 release by @​salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

• Port v6 cleanup to v4 by @​ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

• docs: update README.md by @​motss in actions/checkout#1971
• Add internal repos for checking out multiple repositories by @​mouismail in actions/checkout#1977
• Documentation update - add recommended permissions to Readme by @​benwells in actions/checkout#2043

... (truncated)

Commits

• de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
• 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
• 8e8c483 Clarify v6 README (#2328)
• 033fa0d Add worktree support for persist-credentials includeIf (#2327)
• c2d88d3 Update all references from v5 and v4 to v6 (#2314)
• 1af3b93 update readme/changelog for v6 (#2311)
• 71cf226 v6-beta (#2298)
• 069c695 Persist creds to a separate file (#2286)
• ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
• 08c6903 Prepare v5.0.0 release (#2238)
• Additional commits viewable in compare view

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

• Upgrade to node 24 by @​salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

• Add support for pip-version by @​priyagupta108 in actions/setup-python#1129
• Enhance reading from .python-version by @​krystof-k in actions/setup-python#787
• Add version parsing from Pipfile by @​aradkdj in actions/setup-python#1067

Bug fixes:

• Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @​aparnajyothi-y in actions/setup-python#1183
• Change missing cache directory error to warning by @​aparnajyothi-y in actions/setup-python#1182
• Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @​aparnajyothi-y in actions/setup-python#1122
• Include python version in PyPy python-version output by @​cdce8p in actions/setup-python#1110
• Update docs: clarification on pip authentication with setup-python by @​priya-kinthali in actions/setup-python#1156

Dependency updates:

• Upgrade idna from 2.9 to 3.7 in /tests/data by @​dependabot[bot] in actions/setup-python#843
• Upgrade form-data to fix critical vulnerabilities #182 & #183 by @​aparnajyothi-y in actions/setup-python#1163
• Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @​aparnajyothi-y in actions/setup-python#1165
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-python#1181
• Upgrade @​actions/tool-cache from 2.0.1 to 2.0.2 by @​dependabot[bot] in actions/setup-python#1095

New Contributors

• @​krystof-k made their first contribution in actions/setup-python#787
• @​cdce8p made their first contribution in actions/setup-python#1110
• @​aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

• Workflow updates related to Ubuntu 20.04 by @​aparnajyothi-y in actions/setup-python#1065
• Fix for Candidate Not Iterable Error by @​aparnajyothi-y in actions/setup-python#1082
• Upgrade semver and @​types/semver by @​dependabot in actions/setup-python#1091
• Upgrade prettier from 2.8.8 to 3.5.3 by @​dependabot in actions/setup-python#1046
• Upgrade ts-jest from 29.1.2 to 29.3.2 by @​dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

• Support free threaded Python versions like '3.13t' by @​colesbury in actions/setup-python#973
• Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @​action/cache from 4.0.0 to 4.0.3 by @​priya-kinthali in actions/setup-python#1056
• Add support for .tool-versions file in setup-python by @​mahabaleshwars in actions/setup-python#1043

Bug fixes:

• Fix architecture for pypy on Linux ARM64 by @​mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

• a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
• bfe8cc5 Upgrade @​actions dependencies to Node 24 compatible versions (#1259)
• 4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
• 83679a8 Bump @​types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
• bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
• 97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
• 443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
• cfd55ca graalpy: add graalpy early-access and windows builds (#880)
• bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
• 18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
• Additional commits viewable in compare view

Updates codecov/codecov-action from 5 to 6

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

• Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0"" by @​thomasrockhu-codecov in codecov/codecov-action#1929
• Th/6.0.0 by @​thomasrockhu-codecov in codecov/codecov-action#1928

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

• Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" by @​thomasrockhu-codecov in codecov/codecov-action#1926
• chore(release): 5.5.4 by @​thomasrockhu-codecov in codecov/codecov-action#1927

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

What's Changed

• build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @​dependabot[bot] in codecov/codecov-action#1874
• chore(release): bump to 5.5.3 by @​thomasrockhu-codecov in codecov/codecov-action#1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

v5.5.2

What's Changed

• check gpg only when skip-validation = false by @​maxweng-sentry in codecov/codecov-action#1894
• chore: disable_search alignment by @​freemanzMrojo in codecov/codecov-action#1881
• chore(release): 5.5.2 by @​thomasrockhu-codecov in codecov/codecov-action#1902

New Contributors

• @​maxweng-sentry made their first contribution in codecov/codecov-action#1894
• @​freemanzMrojo made their first contribution in codecov/codecov-action#1881

Full Changelog: codecov/codecov-action@v5.5.1...v5.5.2

v5.5.1

What's Changed

• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​dependabot[bot] in codecov/codecov-action#1833
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​dependabot[bot] in codecov/codecov-action#1861
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​dependabot[bot] in codecov/codecov-action#1867
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​dependabot[bot] in codecov/codecov-action#1868
• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

• fix: overwrite pr number on fork by @​thomasrockhu-codecov in codecov/codecov-action#1871
• build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @​app/dependabot in codecov/codecov-action#1868
• build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @​app/dependabot in codecov/codecov-action#1867
• fix: update to use local app/ dir by @​thomasrockhu-codecov in codecov/codecov-action#1872
• docs: fix typo in README by @​datalater in codecov/codecov-action#1866
• Document a codecov-cli version reference example by @​webknjaz in codecov/codecov-action#1774
• build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @​app/dependabot in codecov/codecov-action#1861
• build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @​app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

• feat: upgrade wrapper to 0.2.4 by @​jviall in codecov/codecov-action#1864
• Pin actions/github-script by Git SHA by @​martincostello in codecov/codecov-action#1859
• fix: check reqs exist by @​joseph-sentry in codecov/codecov-action#1835
• fix: Typo in README by @​spalmurray in codecov/codecov-action#1838
• docs: Refine OIDC docs by @​spalmurray in codecov/codecov-action#1837
• build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @​app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

• build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @​app/dependabot in codecov/codecov-action#1822
• fix: OIDC on forks by @​joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

• e79a696 chore(release): 6.0.1 (#1949)
• 51e6422 fix: prevent template injection in run: steps (VULN-1652) (#1947)
• 57e3a13 Th/6.0.0 (#1928)
• f67d33d Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...
• See full diff in compare view

Updates actions/upload-artifact from 4 to 7

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

• Add proxy integration test by @​Link- in actions/upload-artifact#754
• Upgrade the module to ESM and bump dependencies by @​danwkennedy in actions/upload-artifact#762
• Support direct file uploads by @​danwkennedy in actions/upload-artifact#764

New Contributors

• @​Link- made their first contribution in actions/upload-artifact#754

Full Changelog: actions/upload-artifact@v6...v7.0.0

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

• Upload Artifact Node 24 support by @​salmanmkc in actions/upload-artifact#719
• fix: update @​actions/artifact for Node.js 24 punycode deprecation by @​salmanmkc in actions/upload-artifact#744
• prepare release v6.0.0 for Node.js 24 support by @​salmanmkc in actions/upload-artifact#745

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

• Update README.md by @​GhadimiR in actions/upload-artifact#681
• Update README.md by @​nebuk89 in actions/upload-artifact#712
• Readme: spell out the first use of GHES by @​danwkennedy in actions/upload-artifact#727
• Update GHES guidance to include reference to Node 20 version by @​patrikpolyak in actions/upload-artifact#725
• Bump @actions/artifact to v4.0.0
• Prepare v5.0.0 by @​danwkennedy in actions/upload-artifact#734

... (truncated)

Commits

• 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
• 634250c Include changes in typespec/ts-http-runtime 0.3.5
• e454baa Readme: bump all the example versions to v7 (#796)
• 74fad66 Update the readme with direct upload details (#795)
• bbbca2d Support direct file uploads (#764)
• 589182c Upgrade the module to ESM and bump dependencies (#762)
• 47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
• 02a8460 Add proxy integration test
• b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
• e516bc8 docs: correct description of Node.js 24 support in README
• Additional commits viewable in compare view

Updates cloudflare/wrangler-action from 3 to 4

Release notes

Sourced from cloudflare/wrangler-action's releases.

v4.0.0

Major Changes

• #412 1029e90 Thanks @​ericclemmons! - Update default Wrangler version to v4 (latest). The action now installs Wrangler v4 by default when no wranglerVersion input is specified. Users can still pin to v3 by setting wranglerVersion: "3.90.0" explicitly.

v3.15.0

Minor Changes

• #426 febbda6 Thanks @​WillTaylorDev! - Support version ranges and tags in wranglerVersion input. You can now set wranglerVersion to values like 4, ^4.0.0, 4.x, or latest instead of only exact versions like 4.81.0.

v3.14.1

Patch Changes

• #358 cd6314a Thanks @​penalosa! - Use secret bulk instead of deprecated secret:bulk command

v3.14.0

Minor Changes

• #351 4ff07f4 Thanks @​Maximo-Guk! - Use wrangler outputs for version upload and wrangler deploy

Patch Changes

• #350 e209094 Thanks @​Maximo-Guk! - Handle failures in createGitHubDeployment and createGitHubJobSummary

v3.13.1

Patch Changes

• #345 e819570 Thanks @​Maximo-Guk! - fix: Pages GitHub Deployment not triggering

v3.13.0

Minor Changes

• #325 cada7a6 Thanks @​Maximo-Guk! - Add GitHub deployments and job summaries for parity with pages-action

• #334 9fed19a Thanks @​Maximo-Guk! - Bump default wrangler version to 3.90.0

v3.12.1

Patch Changes

• #319 59c04629408d58978884fadd18755f1a15f96157 Thanks @​Maximo-Guk! - Fixes #317: Generate a new output directory with a randomUUID in the tmpDir, so that when the action is executed multiple times, we use the artifacts from that run, opposed to the artifacts from a previous run.

v3.12.0

Minor Changes

• #312 122ee5cf5b66847e0b6cfa67ecd9e03e38a67a42 Thanks @​Maximo-Guk! - This reapplies 303 add parity with pages-action for pages deploy outputs. Thanks @​courtney-sims! - Support pages-deployment-id, pages-environment, pages-deployment-alias-url and deployment-url outputs for Pages deploys when wrangler version is >=3.81.0. deployment-alias-url was also deprecated in favour of pages-deployment-alias.

v3.11.0

Minor Changes

• #309 10d5b9c1c1826adaec0a9ee49fdf5b91113508ef Thanks @​Maximo-Guk! - Revert "Add parity with pages-action for pages deploy outputs"

... (truncated)

Changelog

Sourced from cloudflare/wrangler-action's changelog.

Changelog

4.0.0

Major Changes

• #412 1029e90 Thanks @​ericclemmons! - Update default Wrangler version to v4 (latest). The action now installs Wrangler v4 by default when no wranglerVersion input is specified. Users can still pin to v3 by setting wranglerVersion: "3.90.0" explicitly.

3.15.0

Minor Changes

• #426 febbda6 Thanks @​WillTaylorDev! - Support version ranges and tags in wranglerVersion input. You can now set wranglerVersion to values like 4, ^4.0.0, 4.x, or latest instead of only exact versions like 4.81.0.

3.14.1

Patch Changes

• #358 cd6314a Thanks @​penalosa! - Use secret bulk instead of deprecated secret:bulk command

3.14.0

Minor Changes

• #351 4ff07f4 Thanks @​Maximo-Guk! - Use wrangler outputs for version upload and wrangler deploy

Patch Changes

• #350 e209094 Thanks @​Maximo-Guk! - Handle failures in createGitHubDeployment and createGitHubJobSummary

3.13.1

Patch Changes

• #345 e819570 Thanks @​Maximo-Guk! - fix: Pages GitHub Deployment not triggering

3.13.0

Minor Changes

• #325 cada7a6 Thanks @​Maximo-Guk! - Add GitHub deployments and job summaries for parity with pages-action

• #334 9fed19a Thanks @​Maximo-Guk! - Bump default wrangler version to 3.90.0

3.12.1

Patch Changes

• #319 59c04629408d58978884fadd18755f1a15f96157 Thanks @​Maximo-Guk! - Fixes #317: Generate a new output directory with a randomUUID in the tmpDir, so that when the action is executed multiple times, we use the artifacts from that run, opposed to the artifacts from a previous run.

... (truncated)

Commits

• ebbaa15 Automatic compilation
• a61fbea Merge pull request #429 from cloudflare/changeset-release/main
• e804ea3 Version Packages
• 8d0324a fix: update release workflow to v5 actions and regenerate lockfile
• 2f18b18 Merge pull request #431 from cloudflare/fix/semgrep-blocking-findings
• 622ff0d fix: upgrade checkout and setup-node to v5 for Node 24 runtime
• f501f05 fix: force GitHub actions to run on Node 24 via env var
• f990691 fix: resolve npm audit vulnerabilities via undici override and vitest v3
• 652762d fix: migrate action runtime from node20 to node24
• bd3f4f0 fix: add retry support to worker health check using better-result
• Additional commits viewable in compare view

Updates actions/upload-pages-artifact from 3 to 5

Release notes

Sourced from actions/upload-pages-artifact's releases.

v5.0.0

Changelog

• Update upload-artifact action to version 7 @​Tom-van-Woudenberg (#139)
• feat: add include-hidden-files input @​jonchurch (#137)

See details of all code changes since previous release.

v4.0.0

What's Changed

• Potentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by @​tsusdere in actions/upload-pages-artifact#102 If you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation
• Pin actions/upload-artifact to SHA by @​heavymachinery in actions/upload-pages-artifact#127

Full Changelog: actions/upload-pages-artifact@v3.0.1...v4.0.0

v3.0.1

Changelog

• Group tar's output to prevent it from messing up action logs @​SilverRainZ (#94)
• Update README.md @​uiolee (#88)
• Bump the non-breaking-changes group with 1 update @​dependabot (#92)
• Update Dependabot config to group non-breaking changes @​JamesMGreene (#91)
• Bump actions/checkout from 3 to 4 @​dependabot (#76)

See details of all code changes since previous release.

Commits

• fc324d3 Merge pull request #139 from Tom-van-Woudenberg/patch-1
• fe9d4b7 Merge branch 'main' into patch-1
• 0ca1617 Merge pull request #137 from jonchurch/include-hidden-files
• 57f0e84 Update action.yml
• 4a90348 v7 --> hash
• 56f665a Update upload-artifact action to version 7
• f7615f5 Add include-hidden-files input
• 7b1f4a7 Merge pull request #127 from heavymachinery/pin-sha
• 4cc19c7 Pin actions/upload-artifact to SHA
• 2d163be Merge pull request #107 from KittyChiu/main
• Additional commits viewable in compare view

Updates actions/deploy-pages from 4 to 5

Release notes

Sourced from actions/deploy-pages's releases.

v5.0.0

Changelog

• Update Node.js version to 24.x @​salmanmkc (#404)
• Add workflow file for publishing releases to immutable action package @​Jcambass (#374)
• Bump braces from 3.0.2 to 3.0.3 in the npm_and_yarn group across 1 directory @​dependabot (#360)
• Make the rebuild dist workflow work nicer with Dependabot @​yoannchaudet (#361)
• Bump the non-breaking-changes group across 1 directory with 3 updates @​dependabot (#358)
• Delete repeated sentence @​garethsb (#359)
• Update README.md @​tsusdere (#348)
• Bump the non-breaking-changes group with 4 updates @​dependabot (#341)
• Remove error message for file permissions @​TooManyBees (#340)

---

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.5

Changelog

• On API error, the error message will surface the API request ID @​TooManyBees (#324)
• Bump the non-breaking-changes group with 2 updates @​dependabot (#318)
• Bump the non-breaking-changes group with 1 update @​dependabot (#316)
• Bump the non-breaking-changes group with 3 updates @​dependabot (#314)
• Bump release-drafter/release-drafter from 5.25.0 to 6.0.0 @​dependabot (#311)

---

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.4

Changelog

• Update api-client.js @​lmammino (#295)
• fix typo: compatibilty -> compatibility @​SimonSiefke (#298)
• Bump @​actions/artifact from 2.0.1 to 2.1.1 @​dependabot (#310)
• Update Dependabot config to group non-breaking changes @​JamesMGreene (#307)

---

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.3

Changelog

... (truncated)

Commits

• cd2ce8f Merge pull request #404 from salmanmkc/node24
• bbe2a95 Update Node.js version to 24.x
• 854d7aa Merge pull request #374 from actions/Jcambass-patch-1
• 306bb81 Add workflow file for publishing releases to immutable action package
• b742728 Merge pull request #360 from actions/dependabot/npm_and_yarn/npm_and_yarn-513...
• 7273294 Bump braces in the npm_and_yarn group across 1 directory
• 963791f Merge pull request #361 from actions/dependabot-friendly
• 51bb29d Make the rebuild dist workflow safer for Dependabot
• 89f3d10 Merge pull request #358 from actions/dependabot/npm_and_yarn/non-breaking-cha...
• bce7355 Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove th...

Description has been truncated

[dependabot]

Labels

The following labels could not be found: dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.