WARNING: THIS SITE IS A MIRROR OF GITHUB.COM / IT CANNOT LOGIN OR REGISTER ACCOUNTS / THE CONTENTS ARE PROVIDED AS-IS / THIS SITE ASSUMES NO RESPONSIBILITY FOR ANY DISPLAYED CONTENT OR LINKS / IF YOU FOUND SOMETHING MAY NOT GOOD FOR EVERYONE, CONTACT ADMIN AT ilovescratch@foxmail.com
Skip to content

deps: bump the dev-ci-tools group across 1 directory with 9 updates #1966

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: master
Choose a base branch
from
Open

deps: bump the dev-ci-tools group across 1 directory with 9 updates #1966

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 20, 2025
edited
Loading

Bumps the dev-ci-tools group with 9 updates in the / directory:

Package From To
actions/checkout 5 6
docker/metadata-action 5.8.0 5.9.0
stefanzweifel/git-auto-commit-action 5.2.0 7.0.0
super-linter/super-linter 8.0.0 8.2.1
googleapis/release-please-action 4.2.0 4.4.0
renovatebot/github-action 43.0.7 44.0.3
ossf/scorecard-action 2.4.2 2.4.3
actions/upload-artifact 4.6.2 5.0.0
github/codeql-action 3.29.9 4.31.4

Updates actions/checkout from 5 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

V5.0.1

V5.0.0

V4.3.1

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

... (truncated)

Commits

Updates docker/metadata-action from 5.8.0 to 5.9.0

Release notes

Sourced from docker/metadata-action's releases.

v5.9.0

Full Changelog: docker/metadata-action@v5.8.0...v5.9.0

Commits
  • 318604b Merge pull request #539 from docker/dependabot/npm_and_yarn/babel/runtime-cor...
  • 49c0a55 chore: update generated content
  • 486229e Merge pull request #558 from crazy-max/fix-dist
  • f02aeab chore: fix dist
  • beafb97 chore(deps): Bump @​babel/runtime-corejs3 from 7.14.7 to 7.28.2
  • 3ff819c Merge pull request #557 from crazy-max/yarn-4.9.2
  • 05838e9 update yarn to 4.9.2
  • 43fa4ac Merge pull request #556 from crazy-max/dev-deps
  • b3120f2 chore: update generated content
  • 1f469d2 update dev dependencies
  • Additional commits viewable in compare view

Updates stefanzweifel/git-auto-commit-action from 5.2.0 to 7.0.0

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v7.0.0

Added

Changed

Dependency Updates

v6.0.1

Fixed

v6.0.0

Added

  • Throw error early if repository is in a detached state (#357)

Fixed

Removed

  • Remove support for create_branch, skip_checkout, skip_Fetch (#314)
Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

v7.0.0 - 2025-10-12

Added

Changed

Dependency Updates

v6.0.1 - 2025-06-11

Fixed

v6.0.0 - 2025-06-10

Added

  • Throw error early if repository is in a detached state (#357)

Fixed

Removed

  • Remove support for create_branch, skip_checkout, skip_Fetch (#314)
Commits
  • 28e16e8 Release preparations for v7 (#394)
  • 698fd76 Merge pull request #391 from EliasBoulharts/custom-tag-message
  • c40819a Update README
  • d7ee275 Change internal variable names
  • e8684eb Fix Tests
  • 1949701 Merge branch 'master' into pr/391
  • a88dc49 Merge pull request #388 from stefanzweifel/v7-next
  • a531dec Merge pull request #386 from stefanzweifel/dependabot/github_actions/actions/...
  • acbe8b1 Merge pull request #393 from stefanzweifel/v7-warn-detached-head
  • d185485 Enable Detached State Check
  • Additional commits viewable in compare view

Updates super-linter/super-linter from 8.0.0 to 8.2.1

Release notes

Sourced from super-linter/super-linter's releases.

v8.2.1

8.2.1 (2025-10-15)

🐛 Bugfixes

⬆️ Dependency updates

  • docker: bump the docker group with 2 updates (#7100) (28c5681)
  • npm: bump eslint from 9.36.0 to 9.37.0 in /dependencies (#7102) (cf6cb1e)
  • npm: bump renovate from 41.132.2 to 41.136.0 in /dependencies (#7107) (495692f)
  • npm: bump the eslint-plugins-configs group across 1 directory with 2 updates (#7101) (b3a735d)
  • npm: bump the npm group across 1 directory with 4 updates (#7108) (ce227b3)
  • npm: bump typescript (#7109) (deba11c)
  • python: bump the pip group across 1 directory with 7 updates (#7106) (7c02a56)

🧰 Maintenance

v8.2.0

8.2.0 (2025-09-30)

🚀 Features

🐛 Bugfixes

... (truncated)

Changelog

Sourced from super-linter/super-linter's changelog.

8.2.1 (2025-10-15)

🐛 Bugfixes

⬆️ Dependency updates

  • docker: bump the docker group with 2 updates (#7100) (28c5681)
  • npm: bump eslint from 9.36.0 to 9.37.0 in /dependencies (#7102) (cf6cb1e)
  • npm: bump renovate from 41.132.2 to 41.136.0 in /dependencies (#7107) (495692f)
  • npm: bump the eslint-plugins-configs group across 1 directory with 2 updates (#7101) (b3a735d)
  • npm: bump the npm group across 1 directory with 4 updates (#7108) (ce227b3)
  • npm: bump typescript (#7109) (deba11c)
  • python: bump the pip group across 1 directory with 7 updates (#7106) (7c02a56)

🧰 Maintenance

8.2.0 (2025-09-30)

🚀 Features

🐛 Bugfixes

  • initialize GITHUB_BEFORE_SHA on merge commits (#7053) (4649231), closes #6873
  • initialize GITHUB_SHA for both worktrees and regular repos (#7010) (8477b13)

... (truncated)

Commits
  • 2bdd90e chore(main): release 8.2.1 (#7094)
  • 51e00dd chore: use powershell from dotnet sdk image (#7141)
  • 2e6ad3d chore: update rack to 3.2.3 (#7136)
  • 7508f4c fix: validate DEFAULT_BRANCH when using find (#7119)
  • cf6cb1e deps(npm): bump eslint from 9.36.0 to 9.37.0 in /dependencies (#7102)
  • 495692f deps(npm): bump renovate from 41.132.2 to 41.136.0 in /dependencies (#7107)
  • deba11c deps(npm): bump typescript (#7109)
  • 28c5681 deps(docker): bump the docker group with 2 updates (#7100)
  • b3a735d deps(npm): bump the eslint-plugins-configs group across 1 directory with 2 up...
  • ec80a77 ci(github-actions): bump peter-evans/create-issue-from-file (#7103)
  • Additional commits viewable in compare view

Updates googleapis/release-please-action from 4.2.0 to 4.4.0

Release notes

Sourced from googleapis/release-please-action's releases.

v4.4.0

4.4.0 (2025-10-09)

Features

  • add ability to select versioning-strategy and release-as (#1121) (ee0f5ba)

Bug Fixes

  • changelog-host parameter ignored when using manifest configuration (#1151) (535c413)
  • bump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (#1149) (3612a99)
  • bump release-please from 17.1.2 to 17.1.3 (#1158) (66fbfe9)

v4.3.0

4.3.0 (2025-08-20)

Features

  • deps: update release-please to 17.1.2 (f07192c)
Changelog

Sourced from googleapis/release-please-action's changelog.

4.4.0 (2025-10-09)

Features

  • add ability to select versioning-strategy and release-as (#1121) (ee0f5ba)

Bug Fixes

  • changelog-host parameter ignored when using manifest configuration (#1151) (535c413)
  • bump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (#1149) (3612a99)
  • bump release-please from 17.1.2 to 17.1.3 (#1158) (66fbfe9)

4.3.0 (2025-08-20)

Features

  • deps: update release-please to 17.1.2 (f07192c)
Commits
  • 16a9c90 chore(main): release 4.4.0 (#1156)
  • e5c2aa4 chore: build dist (#1159)
  • 66fbfe9 fix: bump release-please from 17.1.2 to 17.1.3 (#1158)
  • 4cd397a chore: build dist (#1152)
  • ee0f5ba feat: add ability to select versioning-strategy and release-as (#1121)
  • 535c413 fix: changelog-host parameter ignored when using manifest configuration (#1...
  • 3612a99 fix: bump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 dire...
  • 15209c4 chore: verify body contents when running tests (#1148)
  • bf90349 docs: Add body to Outputs (#1129)
  • 1cfb21c docs: adds missing github action permissions to README (#1108)
  • Additional commits viewable in compare view

Updates renovatebot/github-action from 43.0.7 to 44.0.3

Release notes

Sourced from renovatebot/github-action's releases.

v44.0.3

44.0.3 (2025-11-17)

Documentation

  • update references to ghcr.io/renovatebot/renovate to v42.11.0 (1fee7b4)
  • update references to renovatebot/github-action to v44.0.2 (04d158c)

Miscellaneous Chores

  • deps: update dependency esbuild to v0.26.0 (9165c1c)
  • deps: update dependency esbuild to v0.27.0 (a4ef38d)
  • deps: update dependency typescript-eslint to v8.46.3 (a6d386d)
  • deps: update linters to v9.39.1 (6977a66)
  • deps: update pnpm to v10.21.0 (7abe8bb)

Build System

  • deps: lock file maintenance (5f1880c)

Continuous Integration

  • deps: update renovate docker tag to v42 (#960) (871c190)
  • deps: update renovate docker tag to v42.10.2 (00bfa3e)
  • deps: update renovate docker tag to v42.10.5 (550593c)
  • deps: update renovate docker tag to v42.11.0 (64b16b7)
  • deps: update renovate docker tag to v42.5.1 (ad9b3d5)
  • deps: update renovate docker tag to v42.5.2 (b01dddf)
  • deps: update renovate docker tag to v42.5.3 (160b607)
  • deps: update renovate docker tag to v42.5.4 (879d6fa)
  • deps: update renovate docker tag to v42.6.0 (3300545)
  • deps: update renovate docker tag to v42.6.1 (5b1ce50)
  • deps: update renovate docker tag to v42.6.2 (df2e683)
  • deps: update renovate docker tag to v42.6.3 (730d1a6)
  • deps: update renovate docker tag to v42.7.0 (b2df36e)
  • deps: update renovate docker tag to v42.9.2 (fc9d3f4)

v44.0.2

44.0.2 (2025-11-10)

Documentation

  • update references to ghcr.io/renovatebot/renovate to v42 (9ce6df1)
  • update references to renovatebot/github-action to v44 (03f7f69)

Build System

  • deps: lock file maintenance (80a952a)

v44.0.1

... (truncated)

Commits
  • c91a61c chore(release): 44.0.3 [skip ci]
  • 66be15a skip: merge (5f1880cb17c9677ab76c7a1677cd2eece2cdca19) [skip release]
  • 5f1880c build(deps): lock file maintenance
  • b0ab104 skip: merge (1fee7b4bf38e49b89a5cad621eb91365a93f3257) [skip release]
  • 2c295d6 skip: merge (7abe8bb0c3f3b7727804a0b457c8def8676fd1e1) [skip release]
  • 1fee7b4 docs: update references to ghcr.io/renovatebot/renovate to v42.11.0
  • 6dcdab5 skip: merge (04d158ca889df21a9ea869883e823f9fca11402f) [skip release]
  • 7abe8bb chore(deps): update pnpm to v10.21.0
  • 04d158c docs: update references to renovatebot/github-action to v44.0.2
  • 2d6e6f3 skip: merge (a4ef38db78530618fecb5d91498118c18e3fa91b) [skip release]
  • Additional commits viewable in compare view

Updates ossf/scorecard-action from 2.4.2 to 2.4.3

Release notes

Sourced from ossf/scorecard-action's releases.

v2.4.3

What's Changed

This update bumps the Scorecard version to the v5.3.0 release. For a complete list of changes, please refer to the Scorecard v5.3.0 release notes.

Documentation

Other

New Contributors

Full Changelog: ossf/scorecard-action@v2.4.2...v2.4.3

Commits
  • 4eaacf0 bump docker to ghcr v2.4.3 (#1587)
  • 42e3a01 🌱 Bump the github-actions group with 3 updates (#1585)
  • 88c07ac 🌱 Bump github.com/sigstore/cosign/v2 from 2.5.2 to 2.6.0 (#1579)
  • 6c690f2 Bump github.com/ossf/scorecard/v5 from v5.2.1 to v5.3.0 (#1586)
  • 92083b5 📖 Fix recommended command to test the image in development (#1583)
  • 7975ea6 🌱 Bump the docker-images group across 1 directory with 2 updates (#1...
  • 0d1a743 🌱 Bump github.com/spf13/cobra from 1.9.1 to 1.10.1 (#1575)
  • 46e6e0c 🌱 Bump the github-actions group with 2 updates (#1580)
  • c3f1350 🌱 Improve printing options (#1584)
  • 43e475b 🌱 Bump golang.org/x/net from 0.42.0 to 0.44.0 (#1578)
  • Additional commits viewable in compare view

Updates actions/upload-artifact from 4.6.2 to 5.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

New Contributors

Full Changelog: actions/upload-artifact@v4...v5.0.0

...

Description has been truncated

@dependabot
deps: bump the dev-ci-tools group across 1 directory with 9 updates
7499140 
Bumps the dev-ci-tools group with 9 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `5` | `6` |
| [docker/metadata-action](https://github.com/docker/metadata-action) | `5.8.0` | `5.9.0` |
| [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) | `5.2.0` | `7.0.0` |
| [super-linter/super-linter](https://github.com/super-linter/super-linter) | `8.0.0` | `8.2.1` |
| [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.2.0` | `4.4.0` |
| [renovatebot/github-action](https://github.com/renovatebot/github-action) | `43.0.7` | `44.0.3` |
| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.2` | `2.4.3` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.29.9` | `4.31.4` |



Updates `actions/checkout` from 5 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v6)

Updates `docker/metadata-action` from 5.8.0 to 5.9.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@v5.8.0...v5.9.0)

Updates `stefanzweifel/git-auto-commit-action` from 5.2.0 to 7.0.0
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](stefanzweifel/git-auto-commit-action@v5.2.0...v7.0.0)

Updates `super-linter/super-linter` from 8.0.0 to 8.2.1
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](super-linter/super-linter@v8.0.0...v8.2.1)

Updates `googleapis/release-please-action` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/googleapis/release-please-action/releases)
- [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md)
- [Commits](googleapis/release-please-action@v4.2.0...v4.4.0)

Updates `renovatebot/github-action` from 43.0.7 to 44.0.3
- [Release notes](https://github.com/renovatebot/github-action/releases)
- [Changelog](https://github.com/renovatebot/github-action/blob/main/CHANGELOG.md)
- [Commits](renovatebot/github-action@v43.0.7...v44.0.3)

Updates `ossf/scorecard-action` from 2.4.2 to 2.4.3
- [Release notes](https://github.com/ossf/scorecard-action/releases)
- [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md)
- [Commits](ossf/scorecard-action@v2.4.2...v2.4.3)

Updates `actions/upload-artifact` from 4.6.2 to 5.0.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4.6.2...v5.0.0)

Updates `github/codeql-action` from 3.29.9 to 4.31.4
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v3.29.9...v4.31.4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dev-ci-tools
- dependency-name: docker/metadata-action
  dependency-version: 5.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-ci-tools
- dependency-name: stefanzweifel/git-auto-commit-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dev-ci-tools
- dependency-name: super-linter/super-linter
  dependency-version: 8.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-ci-tools
- dependency-name: googleapis/release-please-action
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: dev-ci-tools
- dependency-name: renovatebot/github-action
  dependency-version: 44.0.3
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dev-ci-tools
- dependency-name: ossf/scorecard-action
  dependency-version: 2.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: dev-ci-tools
- dependency-name: actions/upload-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dev-ci-tools
- dependency-name: github/codeql-action
  dependency-version: 4.31.4
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dev-ci-tools
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Nov 20, 2025
@dependabot dependabot bot requested a review from ferrarimarco as a code owner November 20, 2025 23:03
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Nov 20, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 24, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot recreate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ferrarimarco ferrarimarco Awaiting requested review from ferrarimarco ferrarimarco is a code owner

At least 0 approving reviews are required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant