ferrarimarco · dependabot · Dec 8, 2025
@@ -26,7 +26,7 @@ jobs:
       cancel-in-progress: true
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: "Build the ${{ matrix.arduino-project.project-id }} Arduino project"
         run: |
           scripts/build-arduino-project.sh \

@@ -38,7 +38,7 @@ jobs:
     steps:
       - name: Set up QEMU
         uses: docker/setup-qemu-action@v3
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Validate Docker build configuration
@@ -57,7 +57,7 @@ jobs:
           "${DOCKER_BUILD_COMMAND[@]}"
       - name: Extract metadata (tags, labels) for Docker
         id: meta
-        uses: docker/metadata-action@v5.8.0
+        uses: docker/metadata-action@v5.10.0
         with:
           images: |
             ${{ env.CONTAINER_IMAGE_REGISTRY }}/${{ env.CONTAINER_IMAGE_ID }}

@@ -30,7 +30,7 @@ jobs:
         working-directory: config/smart-desk/esphome
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: "Build the Smart Desk firmware image"
         run: |
           scripts/build.sh
@@ -38,9 +38,9 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout the current repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Checkout the site repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           path: "${{ inputs.site-name }}"
           repository: "${{ inputs.site-repository }}"
@@ -53,7 +53,7 @@ jobs:
           github.event.pull_request.user.login != 'dependabot[bot]' &&
           github.event_name == 'pull_request' &&
           github.ref_name != github.event.repository.default_branch
-        uses: stefanzweifel/git-auto-commit-action@v5.2.0
+        uses: stefanzweifel/git-auto-commit-action@v7.0.0
         with:
           branch: ${{ inputs.site-repository-branch }}
           commit_message: "chore: update ${{ inputs.site-name }} site"

@@ -11,6 +11,6 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout Repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Review dependencies
         uses: actions/dependency-review-action@v4
@@ -33,7 +33,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Checkout the current repository
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           persist-credentials: true
       - name: Build the home-lab-docs site
@@ -44,7 +44,7 @@ jobs:
           github.event.pull_request.user.login != 'dependabot[bot]' &&
           github.event_name == 'pull_request' &&
           github.ref_name != github.event.repository.default_branch
-        uses: stefanzweifel/git-auto-commit-action@v5.2.0
+        uses: stefanzweifel/git-auto-commit-action@v7.0.0
         with:
           branch: "${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}"
           commit_message: "chore: update home-lab-docs site"

@@ -15,7 +15,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
 

@@ -23,13 +23,13 @@ jobs:
       statuses: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Load super-linter configuration
         run: cat config/lint/super-linter.env >> "$GITHUB_ENV"
       - name: Super-Linter
-        uses: super-linter/super-linter@v8.0.0
+        uses: super-linter/super-linter@v8.3.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
 
@@ -42,7 +42,7 @@ jobs:
       cancel-in-progress: true
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: "Run pre-commit"
         run: |
           set -o errexit
@@ -66,15 +66,15 @@ jobs:
       statuses: write
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Load super-linter configuration
         run: cat config/lint/super-linter.env >> "$GITHUB_ENV"
       - name: Load super-linter fix mode configuration
         run: cat config/lint/super-linter-fix-mode.env >> "$GITHUB_ENV"
       - name: Super-Linter
-        uses: super-linter/super-linter@v8.0.0
+        uses: super-linter/super-linter@v8.3.0
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
       - name: Commit and push linting fixes
@@ -85,7 +85,7 @@ jobs:
           github.event_name == 'pull_request' &&
           github.ref_name != github.event.repository.default_branch &&
           !cancelled()
-        uses: stefanzweifel/git-auto-commit-action@v5.2.0
+        uses: stefanzweifel/git-auto-commit-action@v7.0.0
         with:
           branch: ${{ github.event.pull_request.head.ref || github.head_ref || github.ref }}
           commit_message: "chore: fix linting issues"

@@ -13,7 +13,7 @@ jobs:
     permissions:
       contents: read
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
 

@@ -21,7 +21,7 @@ jobs:
       contents: write
       pull-requests: write
     steps:
-      - uses: googleapis/release-please-action@v4.2.0
+      - uses: googleapis/release-please-action@v4.4.0
         id: release
         with:
           config-file: .github/release-please/release-please-config.json

@@ -29,7 +29,7 @@ jobs:
       security-events: read
     steps:
       - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
       - name: Enable dry run if required
         if: ${{ github.ref_name != github.event.repository.default_branch }}
         run: |
@@ -39,7 +39,7 @@ jobs:
           echo "Enable Renovate dry run"
           echo "RENOVATE_DRY_RUN=full" >>"${GITHUB_ENV}"
       - name: Self-hosted Renovate
-        uses: renovatebot/github-action@v43.0.7
+        uses: renovatebot/github-action@v44.0.5
         env:
           LOG_LEVEL: "debug"
         with:

@@ -27,12 +27,12 @@ jobs:
 
     steps:
       - name: "Checkout code"
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6
         with:
           persist-credentials: false
 
       - name: "Run analysis"
-        uses: ossf/[email protected].2
+        uses: ossf/[email protected].3
         with:
           results_file: results.sarif
           results_format: sarif
@@ -41,14 +41,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@v4.6.2
+        uses: actions/upload-artifact@v5.0.0
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@v3.29.9
+        uses: github/codeql-action/upload-sarif@v4.31.7
         with:
           sarif_file: results.sarif
@@ -53,7 +53,7 @@ jobs:
           large-packages: true
           docker-images: true
           swap-storage: false
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
       - name: Run molecule

@@ -24,7 +24,7 @@ jobs:
       group: ${{ github.workflow }}-${{ github.head_ref || github.ref }}-${{ github.event_name }}-${{ matrix.test_script_path }}
       cancel-in-progress: true
     steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6
         with:
           fetch-depth: 0
       - name: Run ${{ matrix.test_script_path }}