ci: bump the github-actions group across 1 directory with 16 updates #19736

dependabot · 2025-09-08T11:46:30Z

Bumps the github-actions group with 16 updates in the / directory:

Package	From	To
actions/checkout	`4.3.0`	`5.0.0`
crate-ci/typos	`1.35.3`	`1.36.2`
azure/setup-helm	`4.3.0`	`4.3.1`
chromaui/action	`13.1.3`	`13.1.4`
actions/setup-java	`4.7.1`	`5.0.0`
google-github-actions/auth	`2.1.12`	`3.0.0`
google-github-actions/setup-gcloud	`2.2.0`	`3.0.1`
actions/attest	`2.4.0`	`3.0.0`
google-github-actions/get-gke-credentials	`2.3.4`	`3.0.0`
actions/github-script	`7.0.1`	`8.0.0`
depot/build-push-action	`1.15.0`	`1.16.2`
tj-actions/changed-files	`f963b3f3562b00b6d2dd25efc390eb04e51ef6c6`	`8c14441336bb3d84fd6b7fa83b6d7201c740baf5`
nixbuild/nix-quick-install-action	`32`	`33`
github/codeql-action	`3.29.8`	`3.30.1`
aquasecurity/trivy-action	`0.32.0`	`0.33.1`
actions/stale	`9.1.0`	`10.0.0`

Updates actions/checkout from 4.3.0 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
See full diff in compare view

Updates crate-ci/typos from 1.35.3 to 1.36.2

Release notes

Sourced from crate-ci/typos's releases.

v1.36.2

[1.36.2] - 2025-09-04

Fixes

Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8

v1.36.1

[1.36.1] - 2025-09-03

Fixes

Replaced the error rendering for various quality of life improvements

v1.36.0

[1.36.0] - 2025-09-02

Features

Updated the dictionary with the August 2025 changes

v1.35.8

[1.35.8] - 2025-09-02

v1.35.7

[1.35.7] - 2025-08-29

Documentation

Expand PyPI metadata

v1.35.6

[1.35.6] - 2025-08-28

Fixes

Track go.mod as a golang file (regression from 1.13.21)

v1.35.5

[1.35.5] - 2025-08-18

Fixes

Fix typo in correction to accidently

Fix typo in correction to dynamincally

Fix typo in correction to interruptability

Fix typo in correction to interruptability

Fix typo in correction to messager

Fix typo in correction to preferables

Fix typo in correction to producibles

... (truncated)

Changelog

Sourced from crate-ci/typos's changelog.

Change Log

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

[Unreleased] - ReleaseDate

[1.36.2] - 2025-09-04

Fixes

Fix regression from 1.36.1 when rendering an error for a line with invalid UTF-8

[1.36.1] - 2025-09-03

Fixes

Replaced the error rendering for various quality of life improvements

[1.36.0] - 2025-09-02

Features

Updated the dictionary with the August 2025 changes

[1.35.8] - 2025-09-02

[1.35.7] - 2025-08-29

Documentation

Expand PyPI metadata

[1.35.6] - 2025-08-28

Fixes

Track go.mod as a golang file (regression from 1.13.21)

[1.35.5] - 2025-08-18

Fixes

Fix typo in correction to accidently

Fix typo in correction to dynamincally

Fix typo in correction to interruptability

Fix typo in correction to interruptability

Fix typo in correction to messager

... (truncated)

Commits

85f62a8 chore: Release
6f26306 docs: Update changelog
6bd8b39 Merge pull request #1374 from epage/invalid
f5e19d3 fix(cli): Don't panic with invalid utf-8
5062775 test(cli): Generalize utf16 tests
b6297a6 chore: Release
e6d7189 docs: Update changelog
1bf1ed2 Merge pull request #1372 from epage/render
9e79b8d refactor(cli): Give control over the whole group
a5fa603 refactor(cli): Extract snippet creation
Additional commits viewable in compare view

Updates azure/setup-helm from 4.3.0 to 4.3.1

Release notes

Sourced from azure/setup-helm's releases.

v4.3.1

Changed

#167 Pinning Action Dependencies for Security and Reliability

#181 Fix types, and update node version.

#191 chore(tests): Mock arch to make tests pass on arm host

#192 chore: remove unnecessary prebuild script

#203 Update helm version retrieval to use JSON output for latest version

#207 ci(workflows): update helm version to v3.18.4 and add matrix for tests

Added

#197 Add pre-commit hook

Changelog

Sourced from azure/setup-helm's changelog.

Change Log

[4.3.1] - 2025-08-12

Changed

#167 Pinning Action Dependencies for Security and Reliability

#181 Fix types, and update node version.

#191 chore(tests): Mock arch to make tests pass on arm host

#192 chore: remove unnecessary prebuild script

#203 Update helm version retrieval to use JSON output for latest version

#207 ci(workflows): update helm version to v3.18.4 and add matrix for tests

Added

#197 Add pre-commit hook

[4.3.0] - 2025-02-15

#152 feat: log when restoring from cache

#157 Dependencies Update

#137 Add dependabot

[4.2.0] - 2024-04-15

#124 Fix OS detection and download OS-native archive extension

[4.1.0] - 2024-03-01

#130 switches to use Helm published file to read latest version instead of using GitHub releases

[4.0.0] - 2024-02-12

#121 update to node20 as node16 is deprecated

Commits

1a275c3 build
9e7f762 chore(release): v4.3.1 (#208)
c096176 Bump @types/node from 24.1.0 to 24.2.1 in the actions group (#206)
5e72872 ci(workflows): update helm version to v3.18.4 and add matrix for tests (#207)
fb8fa40 Update default helm version to 3.18.3 (#194)
0d09729 chore: remove unnecessary prebuild script (#192)
32bc120 chore(tests): Mock arch to make tests pass on arm host (#191)
51463d6 Bump the actions group with 2 updates (#205)
aff1094 Bump the actions group across 1 directory with 2 updates (#204)
a10a524 Update helm version retrieval to use JSON output for latest version (#203)
Additional commits viewable in compare view

Updates chromaui/action from 13.1.3 to 13.1.4

Commits

d0795df v13.1.4
See full diff in compare view

Updates actions/setup-java from 4.7.1 to 5.0.0

Release notes

Sourced from actions/setup-java's releases.

v5.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-java#888

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Upgrades

Upgrade Publish Immutable Action by @HarithaVattikuti in actions/setup-java#798

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot[bot] in actions/setup-java#730

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-java#833

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/setup-java#887

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-java#896

Bug Fixes

Prevent default installation of JetBrains pre-releases by @priyagupta108 in actions/setup-java#859

Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by @gowridurgad in actions/setup-java#848

New Contributors

@gowridurgad made their first contribution in actions/setup-java#848

@salmanmkc made their first contribution in actions/setup-java#888

Full Changelog: actions/setup-java@v4...v5.0.0

Commits

dded088 Bump actions/checkout from 4 to 5 (#896)
0913e9a Upgrade to node 24 (#888)
e9343db Bumps form-data (#887)
ae2b61d Bump undici from 5.28.5 to 5.29.0 (#833)
c190c18 Bump eslint-plugin-jest from 27.9.0 to 29.0.1 (#730)
67aec00 Fix: prevent default installation of JetBrains pre-releases (#859)
ebb356c Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failu...
f4f1212 Update publish-immutable-actions.yml (#798)
See full diff in compare view

Updates google-github-actions/auth from 2.1.12 to 3.0.0

Release notes

Sourced from google-github-actions/auth's releases.

v3.0.0

What's Changed

Bump to Node 24 and remove old parameters by @sethvargo in google-github-actions/auth#508

Remove hacky script by @sethvargo in google-github-actions/auth#509

Release: v3.0.0 by @google-github-actions-bot in google-github-actions/auth#510

Full Changelog: google-github-actions/auth@v2...v3.0.0

v2.1.13

What's Changed

Update deps by @sethvargo in google-github-actions/auth#506

Release: v2.1.13 by @google-github-actions-bot in google-github-actions/auth#507

Full Changelog: google-github-actions/auth@v2.1.12...v2.1.13

Commits

7c6bc77 Release: v3.0.0 (#510)
42e4997 Remove hacky script (#509)
5ea4dc1 Bump to Node 24 and remove old parameters (#508)
c200f36 Release: v2.1.13 (#507)
3a53be7 Update deps (#506)
See full diff in compare view

Updates google-github-actions/setup-gcloud from 2.2.0 to 3.0.1

Release notes

Sourced from google-github-actions/setup-gcloud's releases.

v3.0.1

What's Changed

Release: v3.0.1 by @google-github-actions-bot in google-github-actions/setup-gcloud#729

Full Changelog: google-github-actions/setup-gcloud@v3.0.0...v3.0.1

v3.0.0

What's Changed

‼️ This release requires Node 24+!

‼️ The skip_tool_cache option has been removed! Skipping the tool cache is now the default behavior. To restore the previous behavior of using the tool cache (which is unnecessary on GitHub managed runners, but may provide performance increases on self-hosted runners), set cache: true.

Bump to node24 by @sethvargo in google-github-actions/setup-gcloud#723

Do not use the tool-cache by default by @sethvargo in google-github-actions/setup-gcloud#724

Update to use v3 references by @sethvargo in google-github-actions/setup-gcloud#725

Release: v3.0.0 by @google-github-actions-bot in google-github-actions/setup-gcloud#726

Full Changelog: google-github-actions/setup-gcloud@v2.2.1...v3.0.0

v3

Floating v3 tag

v2.2.1

What's Changed

Update deps by @sethvargo in google-github-actions/setup-gcloud#720

Bump to the latest actions-utils to fix the gen-readme bug by @sethvargo in google-github-actions/setup-gcloud#721

Release: v2.2.1 by @google-github-actions-bot in google-github-actions/setup-gcloud#722

Full Changelog: google-github-actions/setup-gcloud@v2...v2.2.1

Commits

aa5489c Release: v3.0.1 (#729)
26f734c Release: v3.0.0 (#726)
d26df95 Update to use v3 references (#725)
f7c2918 Do not use the tool-cache by default (#724)
6387e69 Bump to node24 (#723)
e427ad8 Release: v2.2.1 (#722)
d71efb7 Bump to the latest actions-utils to fix the gen-readme bug (#721)
ed8ba68 Update deps (#720)
See full diff in compare view

Updates actions/attest from 2.4.0 to 3.0.0

Release notes

Sourced from actions/attest's releases.

v3.0.0

What's Changed

Bump form-data from 4.0.0 to 4.0.4 by @dependabot[bot] in actions/attest#266

Bump @sigstore/oci from 0.5.0 to 0.6.0 by @dependabot[bot] in actions/attest#271

Upgrade to Node 24 by @salmanmkc / @bdehamer in actions/attest#276

Improved checksum parsing by @bdehamer in actions/attest#280

⚠️ Minimum Compatible Runner Version

v2.327.1 Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/attest@v2.4.0...v3.0.0

Commits

daf44fb improved checksum parsing (#280)
eda10f8 Upgrade to Node 24 (#276)
1e2321d remove super-linter (#283)
aecfe99 Bump the npm-development group across 1 directory with 4 updates (#282)
03f25d8 Bump the npm-development group with 4 updates (#273)
0fca5a6 use absolute path in linter config (#275)
238c03f Bump actions/checkout from 4 to 5 (#272)
9c3e271 Bump @sigstore/oci from 0.5.0 to 0.6.0 (#271)
b40d9fa Bump the npm-development group with 8 updates (#270)
e831e0e Bump form-data from 4.0.0 to 4.0.4 (#266)
Additional commits viewable in compare view

Updates google-github-actions/get-gke-credentials from 2.3.4 to 3.0.0

Release notes

Sourced from google-github-actions/get-gke-credentials's releases.

v3.0.0

What's Changed

Bump to Node 24 by @sethvargo in google-github-actions/get-gke-credentials#339

Release: v3.0.0 by @google-github-actions-bot in google-github-actions/get-gke-credentials#340

Full Changelog: google-github-actions/get-gke-credentials@v2...v3.0.0

v2.3.5

What's Changed

Update deps by @sethvargo in google-github-actions/get-gke-credentials#337

Release: v2.3.5 by @google-github-actions-bot in google-github-actions/get-gke-credentials#338

Full Changelog: google-github-actions/get-gke-credentials@v2.3.4...v2.3.5

Commits

3da1e46 Release: v3.0.0 (#340)
a156580 Bump to Node 24 (#339)
64bc724 Release: v2.3.5 (#338)
9de2e29 Update deps (#337)
See full diff in compare view

Updates actions/github-script from 7.0.1 to 8.0.0

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

Update Node.js version support to 24.x by @salmanmkc in actions/github-script#637

README for updating actions/github-script from v7 to v8 by @sneha-krip in actions/github-script#653

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

@salmanmkc made their first contribution in actions/github-script#637

@sneha-krip made their first contribution in actions/github-script#653

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

Upgrade husky to v9 by @benelan in actions/github-script#482

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/github-script#485

Upgrade IA Publish by @Jcambass in actions/github-script#486

Fix workflow status badges by @joshmgross in actions/github-script#497

Update usage of actions/upload-artifact by @joshmgross in actions/github-script#512

Clear up package name confusion by @joshmgross in actions/github-script#514

Update dependencies with npm audit fix by @joshmgross in actions/github-script#515

Specify that the used script is JavaScript by @timotk in actions/github-script#478

chore: Add Dependabot for NPM and Actions by @nschonni in actions/github-script#472

Define permissions in workflows and update actions by @joshmgross in actions/github-script#531

chore: Add Dependabot for .github/actions/install-dependencies by @nschonni in actions/github-script#532

chore: Remove .vscode settings by @nschonni in actions/github-script#533

ci: Use github/setup-licensed by @nschonni in actions/github-script#473

make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by @iamstarkov in actions/github-script#508

Remove octokit README updates for v7 by @joshmgross in actions/github-script#557

docs: add "exec" usage examples by @neilime in actions/github-script#546

Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by @dependabot[bot] in actions/github-script#563

Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by @dependabot[bot] in actions/github-script#575

Clearly document passing inputs to the script by @joshmgross in actions/github-script#603

Update README.md by @nebuk89 in actions/github-script#610

New Contributors

@benelan made their first contribution in actions/github-script#482

@Jcambass made their first contribution in actions/github-script#485

@timotk made their first contribution in actions/github-script#478

@iamstarkov made their first contribution in actions/github-script#508

@neilime made their first contribution in actions/github-script#546

@nebuk89 made their first contribution in actions/github-script#610

Full Changelog: actions/github-script@v7...v7.1.0

Commits

ed59741 Merge pull request #653 from actions/sneha-krip/readme-for-v8
2dc352e Bold minimum Actions Runner version in README
01e118c Update README for Node 24 runtime requirements
8b222ac Apply suggestion from @salmanmkc
adc0eea README for updating actions/github-script from v7 to v8
20fe497 Merge pull request #637 from actions/node24
e7b7f22 update licenses
2c81ba0 Update Node.js version support to 24.x
f28e40c Merge pull request #610 from actions/nebuk89-patch-1
1ae9958 Update README.md
Additional commits viewable in compare view

Updates depot/build-push-action from 1.15.0 to 1.16.2

Release notes

Sourced from depot/build-push-action's releases.

v1.16.2

What's Changed

Use ubuntu-latest for release workflow (#42) @jacobwgillespie

v1.16.1

What's Changed

Update @depot/actions-public-oidc-client to v1.1.0 (#41) @jacobwgillespie

v1.16.0

What's Changed

Add support for annotations (#38) @zanieb

feat: add save-tags for multiple depot registry tags (#40) @goller

Commits

9785b13 Merge pull request #42 from depot/latest
7a65e80 Use ubuntu-latest for release workflow
0781b33 Merge pull request #41 from depot/updates
d5d8e08 Deduplicate dependencies
801feb1 Update @depot/actions-public-oidc-client to v1.1.0
0b7423b Merge pull request #38 from zanieb/zb/annotations
57a5fb2 Merge branch 'main' into zb/annotations
3ebc0d4 Merge pull request #40 from depot/feat/save-tags
d662c5a feat: add save-tags for multiple depot registry tags
06fcbb7 Add support for annotations
See full diff in compare view

Updates tj-actions/changed-files from f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 to 8c14441336bb3d84fd6b7fa83b6d7201c740baf5

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

46.0.5 - (2025-04-09)

⚙️ Miscellaneous Tasks

deps: Bump yaml from 2.7.0 to 2.7.1 (#2520) (ed68ef8) - (dependabot[bot])

deps-dev: Bump typescript from 5.8.2 to 5.8.3 (#2516) (a7bc14b) - (dependabot[bot])

deps-dev: Bump @types/node from 22.13.11 to 22.14.0 (#2517) (3d751f6) - (dependabot[bot])

deps-dev: Bump eslint-plugin-prettier from 5.2.3 to 5.2.6 (#2519) (e2fda4e) - (dependabot[bot])

deps-dev: Bump ts-jest from 29.2.6 to 29.3.1 (#2518) (0bed1b1) - (dependabot[bot])

deps: Bump github/codeql-action from 3.28.12 to 3.28.15 (#2530) (6802458) - (dependabot[bot])

deps: Bump tj-actions/branch-names from 8.0.1 to 8.1.0 (#2521) (cf2e39e) - (dependabot[bot])

deps: Bump tj-actions/verify-changed-files from 20.0.1 to 20.0.4 (#2523) (6abeaa5) - (dependabot[bot])

⬆️ Upgrades

Upgraded to v46.0.4 (#2511)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> (6f67ee9) - (github-actions[bot])

46.0.4 - (2025-04-03)

🐛 Bug Fixes

Bug modified_keys and changed_key outputs not set when no changes detected (#2509) (6cb76d0) - (Tonye Jack)

📚 Documentation

Update readme (#2508) (b74df86) - (Tonye Jack)

⬆️ Upgrades

Upgraded to v46.0.3 (#2506)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (27ae6b3) - (github-actions[bot])

46.0.3 - (2025-03-23)

🔄 Update

Updated README.md (#2501)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> (41e0de5) - (github-actions[bot])

Updated README.md (#2499)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@users.noreply.github.com> (9457878) - (github-actions[bot])

📚 Documentation

... (truncated)

Commits

8c14441 chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (#2656)
e995ac4 chore(deps-dev): bump @types/node from 24.3.0 to 24.3.1 (#2657)
3b04099 chore(deps-dev): bump @types/node from 24.2.1 to 24.3.0 (#2649)
e7b6c97 chore(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (

Bumps the github-actions group with 16 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.0` | `5.0.0` | | [crate-ci/typos](https://github.com/crate-ci/typos) | `1.35.3` | `1.36.2` | | [azure/setup-helm](https://github.com/azure/setup-helm) | `4.3.0` | `4.3.1` | | [chromaui/action](https://github.com/chromaui/action) | `13.1.3` | `13.1.4` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.7.1` | `5.0.0` | | [google-github-actions/auth](https://github.com/google-github-actions/auth) | `2.1.12` | `3.0.0` | | [google-github-actions/setup-gcloud](https://github.com/google-github-actions/setup-gcloud) | `2.2.0` | `3.0.1` | | [actions/attest](https://github.com/actions/attest) | `2.4.0` | `3.0.0` | | [google-github-actions/get-gke-credentials](https://github.com/google-github-actions/get-gke-credentials) | `2.3.4` | `3.0.0` | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` | | [depot/build-push-action](https://github.com/depot/build-push-action) | `1.15.0` | `1.16.2` | | [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `f963b3f3562b00b6d2dd25efc390eb04e51ef6c6` | `8c14441336bb3d84fd6b7fa83b6d7201c740baf5` | | [nixbuild/nix-quick-install-action](https://github.com/nixbuild/nix-quick-install-action) | `32` | `33` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.29.8` | `3.30.1` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.32.0` | `0.33.1` | | [actions/stale](https://github.com/actions/stale) | `9.1.0` | `10.0.0` | Updates `actions/checkout` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@08eba0b...08c6903) Updates `crate-ci/typos` from 1.35.3 to 1.36.2 - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](crate-ci/typos@52bd719...85f62a8) Updates `azure/setup-helm` from 4.3.0 to 4.3.1 - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](Azure/setup-helm@b9e5190...1a275c3) Updates `chromaui/action` from 13.1.3 to 13.1.4 - [Release notes](https://github.com/chromaui/action/releases) - [Commits](chromaui/action@58d9ffb...d0795df) Updates `actions/setup-java` from 4.7.1 to 5.0.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@c5195ef...dded088) Updates `google-github-actions/auth` from 2.1.12 to 3.0.0 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@b7593ed...7c6bc77) Updates `google-github-actions/setup-gcloud` from 2.2.0 to 3.0.1 - [Release notes](https://github.com/google-github-actions/setup-gcloud/releases) - [Changelog](https://github.com/google-github-actions/setup-gcloud/blob/main/CHANGELOG.md) - [Commits](google-github-actions/setup-gcloud@cb1e50a...aa5489c) Updates `actions/attest` from 2.4.0 to 3.0.0 - [Release notes](https://github.com/actions/attest/releases) - [Changelog](https://github.com/actions/attest/blob/main/RELEASE.md) - [Commits](actions/attest@ce27ba3...daf44fb) Updates `google-github-actions/get-gke-credentials` from 2.3.4 to 3.0.0 - [Release notes](https://github.com/google-github-actions/get-gke-credentials/releases) - [Changelog](https://github.com/google-github-actions/get-gke-credentials/blob/main/CHANGELOG.md) - [Commits](google-github-actions/get-gke-credentials@8e574c4...3da1e46) Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...ed59741) Updates `depot/build-push-action` from 1.15.0 to 1.16.2 - [Release notes](https://github.com/depot/build-push-action/releases) - [Commits](depot/build-push-action@2583627...9785b13) Updates `tj-actions/changed-files` from f963b3f3562b00b6d2dd25efc390eb04e51ef6c6 to 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 - [Release notes](https://github.com/tj-actions/changed-files/releases) - [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md) - [Commits](tj-actions/changed-files@f963b3f...8c14441) Updates `nixbuild/nix-quick-install-action` from 32 to 33 - [Release notes](https://github.com/nixbuild/nix-quick-install-action/releases) - [Commits](nixbuild/nix-quick-install-action@63ca48f...1f095fe) Updates `github/codeql-action` from 3.29.8 to 3.30.1 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@76621b6...f1f6e5f) Updates `aquasecurity/trivy-action` from 0.32.0 to 0.33.1 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@dc5a429...b6643a2) Updates `actions/stale` from 9.1.0 to 10.0.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@5bef64f...3a9db7e) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: crate-ci/typos dependency-version: 1.36.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: azure/setup-helm dependency-version: 4.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: chromaui/action dependency-version: 13.1.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/setup-java dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: google-github-actions/auth dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: google-github-actions/setup-gcloud dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/attest dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: google-github-actions/get-gke-credentials dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: depot/build-push-action dependency-version: 1.16.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: tj-actions/changed-files dependency-version: 8c14441336bb3d84fd6b7fa83b6d7201c740baf5 dependency-type: direct:production dependency-group: github-actions - dependency-name: nixbuild/nix-quick-install-action dependency-version: '33' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.30.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-version: 0.33.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/stale dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Sep 8, 2025

github-actions bot approved these changes Sep 8, 2025

View reviewed changes

github-actions bot enabled auto-merge (squash) September 8, 2025 11:46

github-actions bot merged commit 0b460b8 into main Sep 8, 2025
41 checks passed

github-actions bot deleted the dependabot/github_actions/github-actions-4e9ca2514a branch September 8, 2025 11:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ci: bump the github-actions group across 1 directory with 16 updates #19736

ci: bump the github-actions group across 1 directory with 16 updates #19736

Uh oh!

dependabot bot commented on behalf of github Sep 8, 2025

Uh oh!

Uh oh!

Uh oh!

ci: bump the github-actions group across 1 directory with 16 updates #19736

ci: bump the github-actions group across 1 directory with 16 updates #19736

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 8, 2025

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v1.36.2

[1.36.2] - 2025-09-04

Fixes

v1.36.1

[1.36.1] - 2025-09-03

Fixes

v1.36.0

[1.36.0] - 2025-09-02

Features

v1.35.8

[1.35.8] - 2025-09-02

v1.35.7

[1.35.7] - 2025-08-29

Documentation

v1.35.6

[1.35.6] - 2025-08-28

Fixes

v1.35.5

[1.35.5] - 2025-08-18

Fixes

Change Log

[Unreleased] - ReleaseDate

[1.36.2] - 2025-09-04

Fixes

[1.36.1] - 2025-09-03

Fixes

[1.36.0] - 2025-09-02

Features

[1.35.8] - 2025-09-02

[1.35.7] - 2025-08-29

Documentation

[1.35.6] - 2025-08-28

Fixes

[1.35.5] - 2025-08-18

Fixes

v4.3.1

Changed

Added

Change Log

[4.3.1] - 2025-08-12

Changed

Added

[4.3.0] - 2025-02-15

[4.2.0] - 2024-04-15

[4.1.0] - 2024-03-01

[4.0.0] - 2024-02-12

v5.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Bug Fixes

New Contributors

v3.0.0

What's Changed

v2.1.13

What's Changed

v3.0.1

What's Changed

v3.0.0

What's Changed

v3