build(deps): bump the github-actions group with 8 updates #2583

dependabot · 2025-10-01T18:08:06Z

Bumps the github-actions group with 8 updates:

Package	From	To
docker/login-action	`3.5.0`	`3.6.0`
codecov/codecov-action	`5.5.0`	`5.5.1`
chainguard-dev/actions	`1.4.13`	`1.5.2`
actions/labeler	`5.0.0`	`6.0.1`
actions/setup-python	`5.6.0`	`6.0.0`
nowsprinting/check-version-format-action	`4.0.6`	`4.0.7`
aquasecurity/trivy-action	`0.33.0`	`0.33.1`
shogo82148/actions-upload-release-asset	`1.9.0`	`1.9.1`

Updates docker/login-action from 3.5.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

Add registry-auth input for raw authentication to registries by @crazy-max in docker/login-action#887

Bump @aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880

Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879

Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

Commits

5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
97e3143 chore: update generated content
3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
abc9fb3 chore: update generated content
d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
0d7fae8 chore: update generated content
9832253 build(deps): bump @docker/actions-toolkit from 0.62.1 to 0.63.0
09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
Additional commits viewable in compare view

Updates codecov/codecov-action from 5.5.0 to 5.5.1

Release notes

Sourced from codecov/codecov-action's releases.

v5.5.1

What's Changed

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in codecov/codecov-action#1833

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @dependabot[bot] in codecov/codecov-action#1861

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

docs: fix typo in README by @datalater in codecov/codecov-action#1866

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @dependabot[bot] in codecov/codecov-action#1867

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in codecov/codecov-action#1868

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

chore(release): 5.5.1 by @thomasrockhu-codecov in codecov/codecov-action#1873

New Contributors

@datalater made their first contribution in codecov/codecov-action#1866

Full Changelog: codecov/codecov-action@v5.5.0...v5.5.1

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @app/dependabot in codecov/codecov-action#1822

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.1..v5.4.2

v5.4.1

... (truncated)

Commits

5a10915 chore(release): 5.5.1 (#1873)
3e0ce21 fix: overwrite pr number on fork (#1871)
c4741c8 build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#1868)
17370e8 build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (#1867)
18fdacf fix: update to use local app/ dir (#1872)
206148c docs: fix typo in README (#1866)
3cb13a1 Document a codecov-cli version reference example (#1774)
a4803c1 build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 (#1861)
3139621 build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#1833)
See full diff in compare view

Updates chainguard-dev/actions from 1.4.13 to 1.5.2

Release notes

Sourced from chainguard-dev/actions's releases.

v1.5.2

What's Changed

Bump chainguard-dev/actions from 1.4.15 to 1.5.1 by @dependabot[bot] in chainguard-dev/actions#603

Full Changelog: chainguard-dev/actions@v1.5.1...v1.5.2

v1.5.1

What's Changed

Ignore testdata in goimports by @mattmoor in chainguard-dev/actions#602

Full Changelog: chainguard-dev/actions@v1.5.0...v1.5.1

v1.5.0

What's Changed

Bump chainguard-dev/actions from 1.4.14 to 1.4.15 by @dependabot[bot] in chainguard-dev/actions#600

Ignore testdata in gofmt by @mattmoor in chainguard-dev/actions#601

Full Changelog: chainguard-dev/actions@v1.4.15...v1.5.0

v1.4.15

What's Changed

Bump chainguard-dev/actions from 1.4.13 to 1.4.14 by @dependabot[bot] in chainguard-dev/actions#598

Bump step-security/harden-runner from 2.13.0 to 2.13.1 by @dependabot[bot] in chainguard-dev/actions#599

Full Changelog: chainguard-dev/actions@v1.4.14...v1.4.15

v1.4.14

What's Changed

Bump chainguard-dev/actions from 1.4.11 to 1.4.13 by @dependabot[bot] in chainguard-dev/actions#591

Bump octo-sts/action from 1.0.0 to 1.0.1 by @dependabot[bot] in chainguard-dev/actions#592

Bump reviewdog/action-setup from 1.3.2 to 1.4.0 in /donotsubmit by @dependabot[bot] in chainguard-dev/actions#593

Bump reviewdog/action-setup from 1.3.2 to 1.4.0 in /boilerplate by @dependabot[bot] in chainguard-dev/actions#594

Bump reviewdog/action-actionlint from 1.66.1 to 1.67.0 by @dependabot[bot] in chainguard-dev/actions#597

Bump actions/setup-go from 5.5.0 to 6.0.0 in /boilerplate by @dependabot[bot] in chainguard-dev/actions#595

Bump actions/setup-go from 5.5.0 to 6.0.0 by @dependabot[bot] in chainguard-dev/actions#596

Full Changelog: chainguard-dev/actions@v1.4.13...v1.4.14

Commits

8e97c1f Bump chainguard-dev/actions from 1.4.15 to 1.5.1 (#603)
de56c27 Ignore testdata in goimports (#602)
abca390 Ignore testdata in gofmt (#601)
8fa93a6 Bump chainguard-dev/actions from 1.4.14 to 1.4.15 (#600)
cd899cc Bump step-security/harden-runner from 2.13.0 to 2.13.1 (#599)
95fc84d Bump chainguard-dev/actions from 1.4.13 to 1.4.14 (#598)
f632aec Bump actions/setup-go from 5.5.0 to 6.0.0 (#596)
7acb993 Bump actions/setup-go from 5.5.0 to 6.0.0 in /boilerplate (#595)
07115ee Bump reviewdog/action-actionlint from 1.66.1 to 1.67.0 (#597)
6b2382c Bump reviewdog/action-setup from 1.3.2 to 1.4.0 in /boilerplate (#594)
Additional commits viewable in compare view

Updates actions/labeler from 5.0.0 to 6.0.1

Release notes

Sourced from actions/labeler's releases.

v6.0.1

What's Changed

Upgrade publish-action from 0.2.2 to 0.4.0 by @aparnajyothi-y in actions/labeler#901

New Contributors

@aparnajyothi-y made their first contribution in actions/labeler#901

Full Changelog: actions/labeler@v6.0.0...v6.0.1

v6.0.0

What's Changed

Add workflow file for publishing releases to immutable action package by @jcambass in actions/labeler#802

Breaking Changes

Upgrade Node.js version to 24 in action and dependencies @salmanmkc in actions/labeler#891 Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. Release Notes

Dependency Upgrades

Upgrade eslint-config-prettier from 9.0.0 to 9.1.0 by @dependabot[bot] in actions/labeler#711

Upgrade eslint from 8.52.0 to 8.55.0 by @dependabot[bot] in actions/labeler#720

Upgrade @types/jest from 29.5.6 to 29.5.11 by @dependabot[bot] in actions/labeler#719

Upgrade @types/js-yaml from 4.0.8 to 4.0.9 by @dependabot[bot] in actions/labeler#718

Upgrade @typescript-eslint/parser from 6.9.0 to 6.14.0 by @dependabot[bot] in actions/labeler#717

Upgrade prettier from 3.0.3 to 3.1.1 by @dependabot[bot] in actions/labeler#726

Upgrade eslint from 8.55.0 to 8.56.0 by @dependabot[bot] in actions/labeler#725

Upgrade @typescript-eslint/parser from 6.14.0 to 6.19.0 by @dependabot[bot] in actions/labeler#745

Upgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by @dependabot[bot] in actions/labeler#744

Upgrade @typescript-eslint/eslint-plugin from 6.9.0 to 6.20.0 by @dependabot[bot] in actions/labeler#750

Upgrade prettier from 3.1.1 to 3.2.5 by @dependabot[bot] in actions/labeler#752

Upgrade undici from 5.26.5 to 5.28.3 by @dependabot[bot] in actions/labeler#757

Upgrade braces from 3.0.2 to 3.0.3 by @dependabot[bot] in actions/labeler#789

Upgrade minimatch from 9.0.3 to 10.0.1 by @dependabot[bot] in actions/labeler#805

Upgrade @actions/core from 1.10.1 to 1.11.1 by @dependabot[bot] in actions/labeler#811

Upgrade typescript from 5.4.3 to 5.7.2 by @dependabot[bot] in actions/labeler#819

Upgrade @typescript-eslint/parser from 7.3.1 to 8.17.0 by @dependabot[bot] in actions/labeler#824

Upgrade prettier from 3.2.5 to 3.4.2 by @dependabot[bot] in actions/labeler#825

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/labeler#827

Upgrade eslint-plugin-jest from 27.9.0 to 28.9.0 by @dependabot[bot] in actions/labeler#832

Upgrade ts-jest from 29.1.2 to 29.2.5 by @dependabot[bot] in actions/labeler#831

Upgrade @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot[bot] in actions/labeler#830

Upgrade typescript from 5.7.2 to 5.7.3 by @dependabot[bot] in actions/labeler#835

Upgrade eslint-plugin-jest from 28.9.0 to 28.11.0 by @dependabot[bot] in actions/labeler#839

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot[bot] in actions/labeler#842

Upgrade @octokit/request-error from 5.0.1 to 5.1.1 by @dependabot[bot] in actions/labeler#846

Documentation changes

Add note regarding pull_request_target to README.md by @silverwind in actions/labeler#669

Update readme with additional examples and important note about pull_request_target event by @IvanZosimov in actions/labeler#721

Document update - permission section by @harithavattikuti in actions/labeler#840

... (truncated)

Commits

634933e publish-action upgrade to 0.4.0 from 0.2.2 (#901)
f1a63e8 Update Node.js version to 24 in action and dependencies (#891)
b0a1180 Bump @octokit/request-error from 5.0.1 to 5.1.1 (#846)
110d441 Update README.md (#871)
bee50fe Bump undici from 5.28.4 to 5.28.5 (#842)
6463cdb Bump eslint-plugin-jest from 28.9.0 to 28.11.0 (#839)
c209686 Bump typescript from 5.7.2 to 5.7.3 (#835)
5184940 Bump @vercel/ncc from 0.38.1 to 0.38.3 (#830)
3629d55 Document update - permission section (#840)
d24f7f3 Bump ts-jest from 29.1.2 to 29.2.5 (#831)
Additional commits viewable in compare view

Updates actions/setup-python from 5.6.0 to 6.0.0

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

Commits

e797f83 Upgrade to node 24 (#1164)
3d1e2d2 Revert "Enhance cache-dependency-path handling to support files outside the w...
65b0712 Clarify pythonLocation behavior for PyPy and GraalPy in environment variables...
5b668cf Bump actions/checkout from 4 to 5 (#1181)
f62a0e2 Change missing cache directory error to warning (#1182)
9322b3c Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIn...
fbeb884 Bump form-data to fix critical vulnerabilities #182 & #183 (#1163)
03bb615 Bump idna from 2.9 to 3.7 in /tests/data (#843)
36da51d Add version parsing from Pipfile (#1067)
3c6f142 update documentation (#1156)
Additional commits viewable in compare view

Updates nowsprinting/check-version-format-action from 4.0.6 to 4.0.7

Release notes

Sourced from nowsprinting/check-version-format-action's releases.

v4.0.7

What’s Changed

🧰 Maintenance

Enable release immutability

Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 by @dependabot[bot] in #338

Fix actionlint.yml to use reviewdog/action-actionlint by @nowsprinting in #346

Bump undici from 5.28.5 to 5.29.0 by @dependabot[bot] in #345

Update Dependabot configuration for daily security updates by @nowsprinting in #344

Bump actions/setup-node from 4.3.0 to 4.4.0 by @dependabot[bot] in #343

Bump 8398a7/action-slack from 3.16.2 to 3.18.0 by @dependabot[bot] in #342

Commits

bb1181a Merge pull request #347 from nowsprinting/release/4.0.7
f9727a2 Bump version to v4.0.7
a333a7b Merge pull request #338 from nowsprinting/dependabot/npm_and_yarn/octokit/plu...
c4c5041 Fix dependencies
00bbef5 Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2
aaf5417 Merge pull request #346 from nowsprinting/chore/fix_actionlint
2c40dff Merge pull request #345 from nowsprinting/dependabot/npm_and_yarn/undici-5.29.0
8fbab9a npm install && npm run all
fe3a9c9 Fix actionlint.yml to use reviewdog/action-actionlint
244d1c0 Bump undici from 5.28.5 to 5.29.0
Additional commits viewable in compare view

Updates aquasecurity/trivy-action from 0.33.0 to 0.33.1

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.33.1

What's Changed

Update setup-trivy action to version v0.2.4 by @martincostello in aquasecurity/trivy-action#486

Full Changelog: aquasecurity/trivy-action@0.33.0...0.33.1

Commits

b6643a2 Update setup-trivy action to version v0.2.4 (#486)
See full diff in compare view

Updates shogo82148/actions-upload-release-asset from 1.9.0 to 1.9.1

Release notes

Sourced from shogo82148/actions-upload-release-asset's releases.

v1.9.1

What's Changed

Bump github/codeql-action from 3.29.10 to 3.29.11 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1041

Bump eslint from 9.33.0 to 9.35.0 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1055

Bump actions/setup-node from 4.4.0 to 5.0.0 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1050

Bump reviewdog/action-eslint from 1.33.2 to 1.34.0 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1051

Bump reviewdog/action-actionlint from 1.66.1 to 1.67.0 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1052

Bump github/codeql-action from 3.29.11 to 3.30.1 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1053

Bump typescript-eslint from 8.40.0 to 8.43.0 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1056

Bump github/codeql-action from 3.30.1 to 3.30.3 by @dependabot[bot] in shogo82148/actions-upload-release-asset#1058

Full Changelog: shogo82148/actions-upload-release-asset@v1.9.0...v1.9.1

Commits

59cbc56 Merge pull request #1058 from shogo82148/dependabot/github_actions/github/cod...
8964eab Bump github/codeql-action from 3.30.1 to 3.30.3
cba8dbf Merge pull request #1056 from shogo82148/dependabot/npm_and_yarn/typescript-e...
1fbb477 Merge pull request #1053 from shogo82148/dependabot/github_actions/github/cod...
8e9a477 Merge pull request #1052 from shogo82148/dependabot/github_actions/reviewdog/...
35e0eaa Merge pull request #1051 from shogo82148/dependabot/github_actions/reviewdog/...
74f1cff Merge pull request #1050 from shogo82148/dependabot/github_actions/actions/se...
73c33f1 Merge pull request #1055 from shogo82148/dependabot/npm_and_yarn/eslint-9.35.0
49bdc1d Bump typescript-eslint from 8.40.0 to 8.43.0
b18216d Bump eslint from 9.33.0 to 9.35.0
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 8 updates: | Package | From | To | | --- | --- | --- | | [docker/login-action](https://github.com/docker/login-action) | `3.5.0` | `3.6.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.0` | `5.5.1` | | [chainguard-dev/actions](https://github.com/chainguard-dev/actions) | `1.4.13` | `1.5.2` | | [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.0.1` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.6.0` | `6.0.0` | | [nowsprinting/check-version-format-action](https://github.com/nowsprinting/check-version-format-action) | `4.0.6` | `4.0.7` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.33.0` | `0.33.1` | | [shogo82148/actions-upload-release-asset](https://github.com/shogo82148/actions-upload-release-asset) | `1.9.0` | `1.9.1` | Updates `docker/login-action` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@184bdaa...5e57cd1) Updates `codecov/codecov-action` from 5.5.0 to 5.5.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@fdcc847...5a10915) Updates `chainguard-dev/actions` from 1.4.13 to 1.5.2 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Changelog](https://github.com/chainguard-dev/actions/blob/main/.goreleaser.yml) - [Commits](chainguard-dev/actions@3caedd3...8e97c1f) Updates `actions/labeler` from 5.0.0 to 6.0.1 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@8558fd7...634933e) Updates `actions/setup-python` from 5.6.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@a26af69...e797f83) Updates `nowsprinting/check-version-format-action` from 4.0.6 to 4.0.7 - [Release notes](https://github.com/nowsprinting/check-version-format-action/releases) - [Commits](nowsprinting/check-version-format-action@c7180d5...bb1181a) Updates `aquasecurity/trivy-action` from 0.33.0 to 0.33.1 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@f9424c1...b6643a2) Updates `shogo82148/actions-upload-release-asset` from 1.9.0 to 1.9.1 - [Release notes](https://github.com/shogo82148/actions-upload-release-asset/releases) - [Commits](shogo82148/actions-upload-release-asset@e6cd457...59cbc56) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 5.5.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: chainguard-dev/actions dependency-version: 1.5.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/labeler dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: nowsprinting/check-version-format-action dependency-version: 4.0.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: aquasecurity/trivy-action dependency-version: 0.33.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: shogo82148/actions-upload-release-asset dependency-version: 1.9.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-10-30T21:41:54Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 1, 2025

dependabot bot requested a review from a team as a code owner October 1, 2025 18:08

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 1, 2025

github-actions bot added the area/tooling Affects the dev or user toolchain (e.g. tests, ci, build tools) label Oct 1, 2025

dependabot bot closed this Oct 30, 2025

dependabot bot deleted the dependabot/github_actions/github-actions-4c34a86826 branch October 30, 2025 21:41

github-actions bot locked and limited conversation to collaborators Oct 30, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the github-actions group with 8 updates #2583

build(deps): bump the github-actions group with 8 updates #2583

dependabot bot commented on behalf of github Oct 1, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Oct 30, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

build(deps): bump the github-actions group with 8 updates #2583

build(deps): bump the github-actions group with 8 updates #2583

Conversation

dependabot bot commented on behalf of github Oct 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.6.0

v5.5.1

What's Changed

New Contributors

v5.5.1

What's Changed

v5.5.0

What's Changed

v5.4.3

What's Changed

v5.4.2

What's Changed

v5.4.1

v1.5.2

What's Changed

v1.5.1

What's Changed

v1.5.0

What's Changed

v1.4.15

What's Changed

v1.4.14

What's Changed

v6.0.1

What's Changed

New Contributors

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Documentation changes

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v4.0.7

What’s Changed

🧰 Maintenance

v0.33.1

What's Changed

v1.9.1

What's Changed

Uh oh!

dependabot bot commented on behalf of github Oct 30, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot bot commented on behalf of github Oct 1, 2025 •

edited

Loading