Bump the all-actions group across 1 directory with 13 updates #85

dependabot · 2025-02-02T16:42:48Z

Bumps the all-actions group with 13 updates in the / directory:

Package	From	To
actions/add-to-project	`1.0.1`	`1.0.2`
actions/checkout	`4.1.3`	`4.2.2`
ruby/setup-ruby	`1.176.0`	`1.215.0`
actions/setup-go	`5.0.1`	`5.3.0`
github/codeql-action	`3.24.11`	`3.28.8`
codespell-project/actions-codespell	`2.0`	`2.1`
actions/dependency-review-action	`4.3.2`	`4.5.0`
actions/create-github-app-token	`1.10.0`	`1.11.2`
sigstore/cosign-installer	`3.5.0`	`3.7.0`
ossf/scorecard-action	`2.3.3`	`2.4.0`
actions/cache	`4.0.2`	`4.2.0`
actions/upload-artifact	`4.3.3`	`4.6.0`
actions/stale	`9.0.0`	`9.1.0`

Updates actions/add-to-project from 1.0.1 to 1.0.2

Release notes

Sourced from actions/add-to-project's releases.

v1.0.2

What's Changed

build(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot in actions/add-to-project#583

build(deps-dev): bump @types/node from 16.18.96 to 16.18.101 by @dependabot in actions/add-to-project#588

build(deps-dev): bump ts-jest from 29.1.2 to 29.1.5 by @dependabot in actions/add-to-project#582

build(deps-dev): bump @typescript-eslint/parser from 7.6.0 to 7.14.1 by @dependabot in actions/add-to-project#589

build(deps-dev): bump @typescript-eslint/eslint-plugin from 7.6.0 to 7.14.1 by @dependabot in actions/add-to-project#590

build(deps-dev): bump eslint-plugin-jest from 27.9.0 to 28.6.0 by @dependabot in actions/add-to-project#578

Dependabot/npm and yarn/eslint plugin jest 28.6.0 fixes by @talune in actions/add-to-project#591

Full Changelog: actions/add-to-project@v1.0.1...v1.0.2

Commits

244f685 Merge pull request #591 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
2a5ef71 Build and package
8c11461 Update license for json-schema.dep.yml
66f6cff Merge pull request #578 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
ddf5099 Merge pull request #590 from actions/dependabot/npm_and_yarn/typescript-eslin...
da1ae5b build(deps-dev): bump @typescript-eslint/eslint-plugin
ced87c7 Merge pull request #589 from actions/dependabot/npm_and_yarn/typescript-eslin...
c78e6a1 Merge pull request #582 from actions/dependabot/npm_and_yarn/ts-jest-29.1.5
267a19f build(deps-dev): bump @typescript-eslint/parser from 7.6.0 to 7.14.1
e005a86 Merge pull request #588 from actions/dependabot/npm_and_yarn/types/node-16.18...
Additional commits viewable in compare view

Updates actions/checkout from 4.1.3 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

v4.2.0

What's Changed

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependabot updates in actions/checkout#1777 & actions/checkout#1872

New Contributors

@yasonk made their first contribution in actions/checkout#1869

@lucacome made their first contribution in actions/checkout#1180

Full Changelog: actions/checkout@v4.1.7...v4.2.0

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

Update for 4.1.6 release by @cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

... (truncated)

Commits

11bd719 Prepare 4.2.2 Release (#1953)
e3d2460 Expand unit test coverage (#1946)
163217d url-helper.ts now leverages well-known environment variables. (#1941)
eef6144 Prepare 4.2.1 release (#1925)
6b42224 Add workflow file for publishing releases to immutable action package (#1919)
de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
d632683 Prepare 4.2.0 release (#1878)
6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
b684943 Add Ref and Commit outputs (#1180)
Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.176.0 to 1.215.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.215.0

What's Changed

Add jruby-9.4.11.0 by @ruby-builder-bot in ruby/setup-ruby#699

Full Changelog: ruby/setup-ruby@v1.214.0...v1.215.0

v1.214.0

What's Changed

Add jruby-9.4.10.0 by @ruby-builder-bot in ruby/setup-ruby#697

Add truffleruby-24.1.2,truffleruby+graalvm-24.1.2 by @ruby-builder-bot in ruby/setup-ruby#698

Full Changelog: ruby/setup-ruby@v1.213.0...v1.214.0

v1.213.0

Add ubuntu-22.04-arm64 and ubuntu-24.04-arm64 support.

Full Changelog: ruby/setup-ruby@v1.212.0...v1.213.0

v1.212.0

What's Changed

Update CRuby releases on Windows by @ruby-builder-bot in ruby/setup-ruby#694

Full Changelog: ruby/setup-ruby@v1.211.0...v1.212.0

v1.211.0

What's Changed

Support new windows-2025 GHA image by @MSP-Greg in ruby/setup-ruby#693

Full Changelog: ruby/setup-ruby@v1.210.0...v1.211.0

v1.210.0

What's Changed

yarn.lock - Remove @actions/core 1.10.1, use @actions/core 1.11.1 by @MSP-Greg in ruby/setup-ruby#691

Full Changelog: ruby/setup-ruby@v1.209.0...v1.210.0

v1.209.0

What's Changed

Time sensitive: upgrade @actions/cache to ^4.0.0 by @Link- in ruby/setup-ruby#688

New Contributors

@Link- made their first contribution in ruby/setup-ruby#688

Full Changelog: ruby/setup-ruby@v1.208.0...v1.209.0

... (truncated)

Commits

2654679 Add jruby-9.4.11.0
1287d2b Add truffleruby-24.1.2,truffleruby+graalvm-24.1.2
84b14e9 Add jruby-9.4.10.0
28c4ded ubuntu-22.04-arm64 and ubuntu-24.04-arm64 support is complete
fbaef13 Add support for ubuntu-22.04-arm64 and ubuntu-24.04-arm64
f72249c Update CRuby releases on Windows
87b4893 test.yml -add windows-2025
fd2daea common.js - add windows-2025
1d54274 yarn.lock - Remove @actions/core 1.10.1, use @actions/core 1.11.1
7a63021 Workaround missing require 'logger' in Rails
Additional commits viewable in compare view

Updates actions/setup-go from 5.0.1 to 5.3.0

Release notes

Sourced from actions/setup-go's releases.

v5.3.0

What's Changed

Use the new cache service: upgrade @actions/cache to ^4.0.0 by @Link- in actions/setup-go#531

Configure Dependabot settings by @HarithaVattikuti in actions/setup-go#530

Document update - permission section by @HarithaVattikuti in actions/setup-go#533

Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot in actions/setup-go#534

New Contributors

@Link- made their first contribution in actions/setup-go#531

Full Changelog: actions/setup-go@v5...v5.3.0

v5.2.0

What's Changed

Leveraging the raw API to retrieve the version-manifest, as it does not impose a rate limit and hence facilitates unrestricted consumption without the need for a token for Github Enterprise Servers by @Shegox in actions/setup-go#496

New Contributors

@Shegox made their first contribution in actions/setup-go#496

Full Changelog: actions/setup-go@v5...v5.2.0

v5.1.0

What's Changed

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/setup-go#500

Upgrade IA Publish by @Jcambass in actions/setup-go#502

Add architecture to cache key by @Zxilly in actions/setup-go#493 This addresses issues with caching by adding the architecture (arch) to the cache key, ensuring that cache keys are accurate to prevent conflicts. Note: This change may break previous cache keys as they will no longer be compatible with the new format.

Enhance workflows and Upgrade micromatch Dependency by @priyagupta108 in actions/setup-go#510

Bug Fixes

Revise isGhes logic by @jww3 in actions/setup-go#511

New Contributors

@Zxilly made their first contribution in actions/setup-go#493

@Jcambass made their first contribution in actions/setup-go#500

@jww3 made their first contribution in actions/setup-go#511

@priyagupta108 made their first contribution in actions/setup-go#510

Full Changelog: actions/setup-go@v5...v5.1.0

v5.0.2

What's Changed

Bug fixes:

Fix versions check failure by @HarithaVattikuti in actions/setup-go#479

Dependency updates:

Bump braces from 3.0.2 to 3.0.3 and undici from 5.28.3 to 5.28.4 by @dependabot in actions/setup-go#487

... (truncated)

Commits

f111f33 Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#534)
3d10edb Add new permission section (#533)
43e1389 Configure Dependabot settings (#530)
f81f022 Use the new cache service: upgrade @actions/cache to ^4.0.0 (#531)
3041bf5 feat: fallback to "raw" endpoint for manifest when rate limit is reached (#496)
41dfa10 Enhance workflows and Upgrade micromatch Dependency (#510)
9419772 Revise isGhes logic (#511)
d60b41a Merge pull request #502 from actions/Jcambass-patch-1
e09f57f Upgrade IA Publish
df1a117 Merge pull request #500 from actions/Jcambass-patch-1
Additional commits viewable in compare view

Updates github/codeql-action from 3.24.11 to 3.28.8

Release notes

Sourced from github/codeql-action's releases.

v3.28.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.8 - 29 Jan 2025

Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

See the full CHANGELOG.md for more information.

v3.28.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.7 - 29 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.6 - 27 Jan 2025

Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

See the full CHANGELOG.md for more information.

v3.28.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.5 - 24 Jan 2025

Update default CodeQL bundle version to 2.20.3. #2717

See the full CHANGELOG.md for more information.

v3.28.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.4 - 23 Jan 2025

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.8 - 29 Jan 2025

Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

Update default CodeQL bundle version to 2.20.3. #2717

3.28.4 - 23 Jan 2025

No user facing changes.

3.28.3 - 22 Jan 2025

Update default CodeQL bundle version to 2.20.2. #2707

Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #2710

Uploading debug artifacts for CodeQL analysis is temporarily disabled. #2712

3.28.2 - 21 Jan 2025

No user facing changes.

3.28.1 - 10 Jan 2025

CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677

Update default CodeQL bundle version to 2.20.1. #2678

3.28.0 - 20 Dec 2024

Bump the minimum CodeQL bundle version to 2.15.5. #2655

Don't fail in the unusual case that a file is on the search path. #2660.

3.27.9 - 12 Dec 2024

... (truncated)

Commits

dd74661 Merge pull request #2746 from github/update-v3.28.8-a91a3f767
3210a3c Fix Kotlin version in changelog
72f9d02 Update changelog for v3.28.8
a91a3f7 Merge pull request #2744 from github/igfoo/kot2.1.10
c520fb5 Merge pull request #2745 from github/mergeback/v3.28.7-to-main-6e545590
3879c57 Add changelog entry
0c21937 Run "npm run build"
5a61bf0 Kotlin: The 2.20.3 release supports Kotlin 2.1.10.
163d119 Update checked-in dependencies
bcf5cec Update changelog and version after v3.28.7
Additional commits viewable in compare view

Updates codespell-project/actions-codespell from 2.0 to 2.1

Release notes

Sourced from codespell-project/actions-codespell's releases.

v2.1

What's Changed

Use v2 in README by @okuramasafumi in codespell-project/actions-codespell#69

Bump actions/checkout from 3 to 4 by @dependabot in codespell-project/actions-codespell#72

Bump actions/setup-python from 4 to 5 by @dependabot in codespell-project/actions-codespell#74

feat: bump to use node20 runtime by @kbdharun in codespell-project/actions-codespell#71

[pre-commit.ci] pre-commit autoupdate by @pre-commit-ci in codespell-project/actions-codespell#76

New Contributors

@okuramasafumi made their first contribution in codespell-project/actions-codespell#69

@dependabot made their first contribution in codespell-project/actions-codespell#72

@kbdharun made their first contribution in codespell-project/actions-codespell#71

@pre-commit-ci made their first contribution in codespell-project/actions-codespell#76

Full Changelog: codespell-project/actions-codespell@v2...v2.1

Commits

406322e [pre-commit.ci] pre-commit autoupdate (#76)
3174815 feat: bump to use node20 runtime (#71)
8edd9f2 Bump actions/setup-python from 4 to 5 (#74)
8dc8168 Bump actions/checkout from 3 to 4 (#72)
41170f1 Use v2 in README (#69)
See full diff in compare view

Updates actions/dependency-review-action from 4.3.2 to 4.5.0

Release notes

Sourced from actions/dependency-review-action's releases.

v4.5.0

What's Changed

Bump got from 14.4.2 to 14.4.3 by @dependabot in actions/dependency-review-action#844

Bump nodemon from 3.1.0 to 3.1.7 by @dependabot in actions/dependency-review-action#847

Bump @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot in actions/dependency-review-action#849

Overriding the cross-spawn dependency to use a safe version by @Ahmed3lmallah in actions/dependency-review-action#850

fix: add summary comment on failure when warn-only: true by @ebickle in actions/dependency-review-action#827

Prepare for 4.5.0 release by @Ahmed3lmallah in actions/dependency-review-action#851

New Contributors

@ebickle made their first contribution in actions/dependency-review-action#827

Full Changelog: actions/dependency-review-action@v4...v4.5.0

v4.4.0

What's Changed

Fix for merge_group event bug by @Ahmed3lmallah in actions/dependency-review-action#846

Full Changelog: actions/dependency-review-action@v4.3.5...v4.4.0

v4.3.5

What's Changed

fix: getRefs function to handle merge_group events by @louis-bompart in actions/dependency-review-action#766

Create pull_request_template.md by @jonjanego in actions/dependency-review-action#794

Update CONTRIBUTING.md by @jonjanego in actions/dependency-review-action#793

Bump @types/node from 20.11.28 to 20.16.0 by @dependabot in actions/dependency-review-action#815

Upgrade transitive micromatch library by @elireisman in actions/dependency-review-action#829

Do not list changed dependencies in summary by @hmaurer in actions/dependency-review-action#828

Update stale.yaml by @jonjanego in actions/dependency-review-action#832

Bump got from 14.4.1 to 14.4.2 by @dependabot in actions/dependency-review-action#822

Bump eslint-plugin-jest and ts-jest by @Ahmed3lmallah in actions/dependency-review-action#840

New Contributors

@louis-bompart made their first contribution in actions/dependency-review-action#766

@Ahmed3lmallah made their first contribution in actions/dependency-review-action#840

Full Changelog: actions/dependency-review-action@v4.3.4...v4.3.5

v4.3.4

What's Changed

Include all added dependencies in scorecard entries by @elireisman in actions/dependency-review-action#783

Update SPDX Expression Parsing by @febuiles in actions/dependency-review-action#719

This PR is a significant refactor of SPDX expression parsing that may fix some bugs, but unfortunately there are several related known issues that remain unresolved as of this version.

Full Changelog: actions/dependency-review-action@v4.3.3...v4.3.4

Notes for v4.3.3

What's Changed

Allow slashes in purl package names by @juxtin in actions/dependency-review-action#765

... (truncated)

Commits

3b139cf Merge pull request #851 from actions/ahmed3lmallah/prepare-for-4.5.0-release
d6807b6 updating generated code
c89b41f addressing lint issues
eee97d8 incrementing project version
9d10182 Merge pull request #827 from ebickle/fix/comment-warn-only
9192be9 Merge pull request #850 from actions/ahmed3lmallah/adressing-CVE-2024-21538
2fc8e23 Using cross-spawn safe version
fb86db2 fix: resolve race conditions in async core.group calls
0a198ab fix: replace integer failureCount with boolean
fc499fc Merge branch 'main' into fix/comment-warn-only
Additional commits viewable in compare view

Updates actions/create-github-app-token from 1.10.0 to 1.11.2

Release notes

Sourced from actions/create-github-app-token's releases.

v1.11.2

1.11.2 (2025-01-30)

Bug Fixes

deps: bump @octokit/request from 9.1.3 to 9.1.4 in the production-dependencies group (#196) (b4192a5), closes #730 #730 #729 #727 #726 #723 #724 #722 #721 #720 #719

deps: bump undici from 6.19.8 to 7.2.0 (#198) (29aa051), closes nodejs/undici#3958 nodejs/undici#3955 nodejs/undici#3962 nodejs/undici#3921 nodejs/undici#3923 nodejs/undici#3925 nodejs/undici#3926 nodejs/undici#3924 nodejs/undici#3933 nodejs/undici#3916 nodejs/undici#3930 nodejs/undici#3938 #3937 nodejs/undici#3940 nodejs/undici#3931 nodejs/undici#3941 nodejs/undici#3911 nodejs/undici#3888 nodejs/undici#3939 nodejs/undici#3947 nodejs/undici#3945 nodejs/undici#3916 nodejs/undici#3893 nodejs/undici#3902 #3901 nodejs/undici#3903 nodejs/undici#3905 nodejs/undici#3900 nodejs/undici#3913 nodejs/undici#3910 nodejs/undici#3909 nodejs/undici#3906 nodejs/undici#3922 #3962 #3955 #3958 #3945 #3947 #3939 #3888 #3911 #3941

v1.11.1

What's Changed

Bug Fixes

deps: bump the production-dependencies group across 1 directory with 3 updates by @dependabot in actions/create-github-app-token#193

Full Changelog: actions/create-github-app-token@v1.11.0...v1.11.1

v1.11.0

What's Changed

Features

Allow repositories input to be comma or newline-separated by @peter-evans in actions/create-github-app-token#169

New Contributors

@peter-evans made their first contribution in actions/create-github-app-token#169

Full Changelog: actions/create-github-app-token@v1.10.4...v1.11.0

v1.10.4

What's Changed

build(deps-dev): bump the development-dependencies group with 4 updates by @dependabot in actions/create-github-app-token#150

docs(README): fix the git committer string and Configure git CLI examples by @maboloshi in actions/create-github-app-token#151

docs(readme): document how a Base64 private key could be decoded by @vleon1a in actions/create-github-app-token#155

test: fix test file extensions and inputs for repositories by @parkerbxyz in actions/create-github-app-token#161

build(deps-dev): bump the development-dependencies group across 1 directory with 4 updates by @dependabot in actions/create-github-app-token#167

Bug Fixes

bump the production-dependencies group across 1 directory with 3 updates by @dependabot in actions/create-github-app-token#166

New Contributors

@vleon1a made their first contribution in actions/create-github-app-token#155

Full Changelog: actions/create-github-app-token@v1.10.3...v1.10.4

... (truncated)

Commits

136412a build(release): 1.11.2 [skip ci]
b4192a5 fix(deps)...
Description has been truncated

Bumps the all-actions group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/add-to-project](https://github.com/actions/add-to-project) | `1.0.1` | `1.0.2` | | [actions/checkout](https://github.com/actions/checkout) | `4.1.3` | `4.2.2` | | [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.176.0` | `1.215.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.0.1` | `5.3.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.24.11` | `3.28.8` | | [codespell-project/actions-codespell](https://github.com/codespell-project/actions-codespell) | `2.0` | `2.1` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.3.2` | `4.5.0` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `1.10.0` | `1.11.2` | | [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.5.0` | `3.7.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.3` | `2.4.0` | | [actions/cache](https://github.com/actions/cache) | `4.0.2` | `4.2.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.3` | `4.6.0` | | [actions/stale](https://github.com/actions/stale) | `9.0.0` | `9.1.0` | Updates `actions/add-to-project` from 1.0.1 to 1.0.2 - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](actions/add-to-project@9bfe908...244f685) Updates `actions/checkout` from 4.1.3 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.3...11bd719) Updates `ruby/setup-ruby` from 1.176.0 to 1.215.0 - [Release notes](https://github.com/ruby/setup-ruby/releases) - [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb) - [Commits](ruby/setup-ruby@cacc9f1...2654679) Updates `actions/setup-go` from 5.0.1 to 5.3.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@cdcb360...f111f33) Updates `github/codeql-action` from 3.24.11 to 3.28.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3.24.11...dd74661) Updates `codespell-project/actions-codespell` from 2.0 to 2.1 - [Release notes](https://github.com/codespell-project/actions-codespell/releases) - [Commits](codespell-project/actions-codespell@94259cd...406322e) Updates `actions/dependency-review-action` from 4.3.2 to 4.5.0 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@0c155c5...3b139cf) Updates `actions/create-github-app-token` from 1.10.0 to 1.11.2 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@a0de6af...136412a) Updates `sigstore/cosign-installer` from 3.5.0 to 3.7.0 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@59acb62...dc72c7d) Updates `ossf/scorecard-action` from 2.3.3 to 2.4.0 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@dc50aa9...62b2cac) Updates `actions/cache` from 4.0.2 to 4.2.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0c45773...1bd1e32) Updates `actions/upload-artifact` from 4.3.3 to 4.6.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6546280...65c4c4a) Updates `actions/stale` from 9.0.0 to 9.1.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@28ca103...5bef64f) --- updated-dependencies: - dependency-name: actions/add-to-project dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all-actions - dependency-name: actions/checkout dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: ruby/setup-ruby dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: codespell-project/actions-codespell dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/dependency-review-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: sigstore/cosign-installer dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: ossf/scorecard-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/cache dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions - dependency-name: actions/stale dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all-actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 2, 2025

dependabot bot mentioned this pull request Feb 2, 2025

Bump the all-actions group across 1 directory with 13 updates #78

Closed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all-actions group across 1 directory with 13 updates #85

Bump the all-actions group across 1 directory with 13 updates #85

dependabot bot commented on behalf of github Feb 2, 2025

Bump the all-actions group across 1 directory with 13 updates #85

Are you sure you want to change the base?

Bump the all-actions group across 1 directory with 13 updates #85

Conversation

dependabot bot commented on behalf of github Feb 2, 2025

v1.0.2

What's Changed

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

v4.2.0

What's Changed

New Contributors

v4.1.7

What's Changed

New Contributors

v4.1.6

What's Changed

v4.1.5

What's Changed

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v1.215.0

What's Changed

v1.214.0

What's Changed

v1.213.0

v1.212.0

What's Changed

v1.211.0

What's Changed

v1.210.0

What's Changed

v1.209.0

What's Changed

New Contributors

v5.3.0

What's Changed

New Contributors

v5.2.0

What's Changed

New Contributors

v5.1.0

What's Changed

New Contributors

v5.0.2

What's Changed

Bug fixes:

Dependency updates:

v3.28.8

CodeQL Action Changelog

3.28.8 - 29 Jan 2025

v3.28.7

CodeQL Action Changelog

3.28.7 - 29 Jan 2025

v3.28.6

CodeQL Action Changelog

3.28.6 - 27 Jan 2025

v3.28.5

CodeQL Action Changelog

3.28.5 - 24 Jan 2025

v3.28.4

CodeQL Action Changelog

3.28.4 - 23 Jan 2025

CodeQL Action Changelog

[UNRELEASED]

3.28.8 - 29 Jan 2025

3.28.7 - 29 Jan 2025