Skip to content

ci: bump the github-actions group across 1 directory with 8 updates #17377

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 3 commits into from
Apr 14, 2025
Merged

ci: bump the github-actions group across 1 directory with 8 updates #17377

merged 3 commits into from
Apr 14, 2025

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Apr 14, 2025

Bumps the github-actions group with 8 updates in the / directory:

Package From To
step-security/harden-runner 2.11.0 2.11.1
crate-ci/typos 1.29.10 1.31.1
actions/setup-java 4.7.0 4.7.1
tj-actions/changed-files 27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 9934ab3fdf63239da75d9e0fbd339c48620c72c4
tj-actions/branch-names 8.1.0 8.2.1
github/codeql-action 3.28.12 3.28.15
coder/start-workspace-action 26d3600161d67901f24d8612793d3b82771cde2d 35a4608cefc7e8cc56573cae7c3b85304575cb72
umbrelladocs/action-linkspector 1.3.2 1.3.4

Updates step-security/harden-runner from 2.11.0 to 2.11.1

Release notes

Sourced from step-security/harden-runner's releases.

v2.11.1

What's Changed

Full Changelog: step-security/harden-runner@v2...v2.11.1

Commits

Updates crate-ci/typos from 1.29.10 to 1.31.1

Release notes

Sourced from crate-ci/typos's releases.

v1.31.1

[1.31.1] - 2025-03-31

Fixes

  • (dict) Also correct typ to type

v1.31.0

[1.31.0] - 2025-03-28

Features

  • Updated the dictionary with the March 2025 changes

v1.30.3

[1.30.3] - 2025-03-24

Features

  • Support detecting go.work and go.work.sum files

v1.30.2

[1.30.2] - 2025-03-10

Features

  • Add --highlight-words and --highlight-identifiers for easier debugging of config

v1.30.1

[1.30.1] - 2025-03-04

Features

  • (action) Create v1 tag

v1.30.0

[1.30.0] - 2025-03-01

Features

Changelog

Sourced from crate-ci/typos's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased] - ReleaseDate

[1.31.1] - 2025-03-31

Fixes

  • (dict) Also correct typ to type

[1.31.0] - 2025-03-28

Features

  • Updated the dictionary with the March 2025 changes

[1.30.3] - 2025-03-24

Features

  • Support detecting go.work and go.work.sum files

[1.30.2] - 2025-03-10

Features

  • Add --highlight-words and --highlight-identifiers for easier debugging of config

[1.30.1] - 2025-03-04

Features

  • (action) Create v1 tag

[1.30.0] - 2025-03-01

Features

[1.29.10] - 2025-02-25

Fixes

  • Also correct contaminent as contaminant

... (truncated)

Commits

Updates actions/setup-java from 4.7.0 to 4.7.1

Release notes

Sourced from actions/setup-java's releases.

v4.7.1

What's Changed

Documentation changes

Dependency updates:

Full Changelog: actions/setup-java@v4...v4.7.1

Commits
  • c5195ef actions/cache upgrade to 4.0.3 (#773)
  • dd38875 Bump ts-jest from 29.1.2 to 29.2.5 (#743)
  • 148017a Bump @​actions/glob from 0.4.0 to 0.5.0 (#744)
  • 3b6c050 Remove duplicated GraalVM section in documentation (#716)
  • b8ebb8b upgrade @​action/cache from 4.0.0 to 4.0.2 (#766)
  • 799ee7c Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Ali...
  • See full diff in compare view

Updates tj-actions/changed-files from 27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 to 9934ab3fdf63239da75d9e0fbd339c48620c72c4

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

46.0.5 - (2025-04-09)

⚙️ Miscellaneous Tasks

  • deps: Bump yaml from 2.7.0 to 2.7.1 (#2520) (ed68ef8) - (dependabot[bot])
  • deps-dev: Bump typescript from 5.8.2 to 5.8.3 (#2516) (a7bc14b) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 22.13.11 to 22.14.0 (#2517) (3d751f6) - (dependabot[bot])
  • deps-dev: Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (#2519) (e2fda4e) - (dependabot[bot])
  • deps-dev: Bump ts-jest from 29.2.6 to 29.3.1 (#2518) (0bed1b1) - (dependabot[bot])
  • deps: Bump github/codeql-action from 3.28.12 to 3.28.15 (#2530) (6802458) - (dependabot[bot])
  • deps: Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (#2521) (cf2e39e) - (dependabot[bot])
  • deps: Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (#2523) (6abeaa5) - (dependabot[bot])

⬆️ Upgrades

  • Upgraded to v46.0.4 (#2511)

Co-authored-by: github-actions[bot] (6f67ee9) - (github-actions[bot])

46.0.4 - (2025-04-03)

🐛 Bug Fixes

  • Bug modified_keys and changed_key outputs not set when no changes detected (#2509) (6cb76d0) - (Tonye Jack)

📚 Documentation

⬆️ Upgrades

  • Upgraded to v46.0.3 (#2506)

Co-authored-by: github-actions[bot] Co-authored-by: Tonye Jack jtonye@ymail.com (27ae6b3) - (github-actions[bot])

46.0.3 - (2025-03-23)

🔄 Update

  • Updated README.md (#2501)

Co-authored-by: github-actions[bot] (41e0de5) - (github-actions[bot])

  • Updated README.md (#2499)

Co-authored-by: github-actions[bot] (9457878) - (github-actions[bot])

📚 Documentation

... (truncated)

Commits
  • 9934ab3 chore(deps-dev): bump eslint-config-prettier from 10.1.1 to 10.1.2 (#2532)
  • db731a1 Upgraded to v46.0.5 (#2531)
  • ed68ef8 chore(deps): bump yaml from 2.7.0 to 2.7.1 (#2520)
  • a7bc14b chore(deps-dev): bump typescript from 5.8.2 to 5.8.3 (#2516)
  • 3d751f6 chore(deps-dev): bump @​types/node from 22.13.11 to 22.14.0 (#2517)
  • e2fda4e chore(deps-dev): bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (#2519)
  • 0bed1b1 chore(deps-dev): bump ts-jest from 29.2.6 to 29.3.1 (#2518)
  • 6802458 chore(deps): bump github/codeql-action from 3.28.12 to 3.28.15 (#2530)
  • cf2e39e chore(deps): bump tj-actions/branch-names from 8.0.1 to 8.1.0 (#2521)
  • 6abeaa5 chore(deps): bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (#2523)
  • Additional commits viewable in compare view

Updates tj-actions/branch-names from 8.1.0 to 8.2.1

Release notes

Sourced from tj-actions/branch-names's releases.

v8.2.1

What's Changed

Full Changelog: tj-actions/branch-names@v8.2.0...v8.2.1

v8.2.0

What's Changed

New Contributors

Full Changelog: tj-actions/branch-names@v8...v8.2.0

Changelog

Sourced from tj-actions/branch-names's changelog.

Changelog

8.2.1 - (2025-04-11)

🐛 Bug Fixes

  • Update sync-release-version.yml to sign commits (#416) (dde14ac) - (Tonye Jack)

8.2.0 - (2025-04-11)

🚀 Features

  • Add support for replace forward slashes with hyphens (#412) (af40635) - (Tonye Jack)

➖ Remove

  • Deleted .github/workflows/rebase.yml (c209967) - (Tonye Jack)

🔄 Update

  • Updated README.md (#415)

Co-authored-by: github-actions[bot] (47dfeca) - (github-actions[bot])

  • Update update-readme.yml (c9cf6f9) - (Tonye Jack)

⚙️ Miscellaneous Tasks

  • Update update-readme.yml (#414) (b1f61bc) - (Tonye Jack)

⬆️ Upgrades

  • Upgraded from v8.0.2 -> v8.1.0 (#410)

(9601220) - (Tonye Jack)

8.1.0 - (2025-03-23)

🚀 Features

  • Add support for strip_branch_prefix (#406) (c83c87a) - (Tonye Jack)

🔄 Update

  • Updated README.md (#408)

(d18e657) - (Tonye Jack)

⚙️ Miscellaneous Tasks

... (truncated)

Commits

Updates github/codeql-action from 3.28.12 to 3.28.15

Release notes

Sourced from github/codeql-action's releases.

v3.28.15

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

See the full CHANGELOG.md for more information.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

v3.28.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

  • Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

  • Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

  • Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

... (truncated)

Commits
  • 45775bd Merge pull request #2854 from github/update-v3.28.15-a35ae8c38
  • dd78aab Update CHANGELOG.md with bug fix details
  • e40af59 Update changelog for v3.28.15
  • a35ae8c Merge pull request #2843 from github/cklin/diff-informed-compat
  • bb59df6 Merge pull request #2842 from github/henrymercer/zip64
  • 4b508f5 Merge pull request #2845 from github/mergeback/v3.28.14-to-main-fc7e4a0f
  • ca00afb Update checked-in dependencies
  • 2969c78 Update changelog and version after v3.28.14
  • fc7e4a0 Merge pull request #2844 from github/update-v3.28.14-362ef4ce2
  • be0175c Update changelog for v3.28.14
  • Additional commits viewable in compare view

Updates coder/start-workspace-action from 26d3600161d67901f24d8612793d3b82771cde2d to 35a4608cefc7e8cc56573cae7c3b85304575cb72

Commits
  • 35a4608 update github-username description to specify requirement for Coder 2.21 or...
  • 0054568 clarify requirements for the github-username input
  • f3cda2e fix variable names
  • a6a41dc update readme
  • a09e31d more defaults for inputs
  • 1330420 Add a screenshot to the README
  • 8d0b0d4 clarify status comment
  • 747b408 update input descriptions
  • e526e6f update example action tag
  • 212ab2f update readme and add a license
  • Additional commits viewable in compare view

Updates umbrelladocs/action-linkspector from 1.3.2 to 1.3.4

Release notes

Sourced from umbrelladocs/action-linkspector's releases.

Release v1.3.4

v1.3.4: PR #42 - Update linkspector version to 0.4.4

Release v1.3.3

v1.3.3: PR #41 - Update linkspector version to 0.4.3

Commits
  • a0567ce Merge pull request #42 from UmbrellaDocs/update-linkspector-version
  • f5418fd Update linkspector version to 0.4.4
  • 3e12ade Merge pull request #41 from UmbrellaDocs/update-linkspector-version
  • 8dfab65 Update linkspector version to 0.4.3
  • See full diff in compare view

Most Recent Ignore Conditions Applied to This Pull Request
Dependency Name Ignore Conditions
crate-ci/typos [>= 1.30.a, < 1.31]

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
ci: bump the github-actions group across 1 directory with 8 updates
97f8d9a 
Bumps the github-actions group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.11.0` | `2.11.1` |
| [crate-ci/typos](https://github.com/crate-ci/typos) | `1.29.10` | `1.31.1` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4.7.0` | `4.7.1` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99` | `9934ab3fdf63239da75d9e0fbd339c48620c72c4` |
| [tj-actions/branch-names](https://github.com/tj-actions/branch-names) | `8.1.0` | `8.2.1` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.28.12` | `3.28.15` |
| [coder/start-workspace-action](https://github.com/coder/start-workspace-action) | `26d3600161d67901f24d8612793d3b82771cde2d` | `35a4608cefc7e8cc56573cae7c3b85304575cb72` |
| [umbrelladocs/action-linkspector](https://github.com/umbrelladocs/action-linkspector) | `1.3.2` | `1.3.4` |



Updates `step-security/harden-runner` from 2.11.0 to 2.11.1
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@4d991eb...c6295a6)

Updates `crate-ci/typos` from 1.29.10 to 1.31.1
- [Release notes](https://github.com/crate-ci/typos/releases)
- [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md)
- [Commits](crate-ci/typos@db35ee9...b1a1ef3)

Updates `actions/setup-java` from 4.7.0 to 4.7.1
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@3a4f6e1...c5195ef)

Updates `tj-actions/changed-files` from 27ae6b33eaed7bf87272fdeb9f1c54f9facc9d99 to 9934ab3fdf63239da75d9e0fbd339c48620c72c4
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@27ae6b3...9934ab3)

Updates `tj-actions/branch-names` from 8.1.0 to 8.2.1
- [Release notes](https://github.com/tj-actions/branch-names/releases)
- [Changelog](https://github.com/tj-actions/branch-names/blob/main/HISTORY.md)
- [Commits](tj-actions/branch-names@f44339b...dde14ac)

Updates `github/codeql-action` from 3.28.12 to 3.28.15
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@5f8171a...45775bd)

Updates `coder/start-workspace-action` from 26d3600161d67901f24d8612793d3b82771cde2d to 35a4608cefc7e8cc56573cae7c3b85304575cb72
- [Release notes](https://github.com/coder/start-workspace-action/releases)
- [Commits](coder/start-workspace-action@26d3600...35a4608)

Updates `umbrelladocs/action-linkspector` from 1.3.2 to 1.3.4
- [Release notes](https://github.com/umbrelladocs/action-linkspector/releases)
- [Commits](UmbrellaDocs/action-linkspector@49cf4f8...a0567ce)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.11.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: crate-ci/typos
  dependency-version: 1.31.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-java
  dependency-version: 4.7.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: tj-actions/changed-files
  dependency-version: 9934ab3fdf63239da75d9e0fbd339c48620c72c4
  dependency-type: direct:production
  dependency-group: github-actions
- dependency-name: tj-actions/branch-names
  dependency-version: 8.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 3.28.15
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: coder/start-workspace-action
  dependency-version: 35a4608cefc7e8cc56573cae7c3b85304575cb72
  dependency-type: direct:production
  dependency-group: github-actions
- dependency-name: umbrelladocs/action-linkspector
  dependency-version: 1.3.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 14, 2025
@github-actions github-actions bot enabled auto-merge (squash) April 14, 2025 11:28
@github-actions github-actions bot merged commit fa594f4 into main Apr 14, 2025
40 checks passed
@github-actions github-actions bot deleted the dependabot/github_actions/github-actions-0081f482af branch April 14, 2025 19:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@matifali