ci(deps): bump the actions-all group across 1 directory with 13 updates by dependabot[bot] · Pull Request #942 · NC1107/echo-messenger

dependabot · 2026-05-16T14:52:44Z

Bumps the actions-all group with 13 updates in the / directory:

Package	From	To
dorny/paths-filter	`3`	`4`
actions/cache	`4`	`5`
actions/setup-java	`4.8.0`	`5.2.0`
docker/setup-buildx-action	`3.12.0`	`4.0.0`
docker/metadata-action	`5.10.0`	`6.0.0`
docker/build-push-action	`6.19.2`	`7.1.0`
codecov/codecov-action	`4.6.0`	`6.0.1`
peter-evans/create-issue-from-file	`5.0.1`	`6.0.0`
EmbarkStudios/cargo-deny-action	`2.0.16`	`2.0.18`
actions/download-artifact	`4.3.0`	`8.0.1`
softprops/action-gh-release	`2.6.2`	`3.0.0`
trufflesecurity/trufflehog	`3.95.2`	`3.95.3`
SonarSource/sonarqube-scan-action	`6.0.0`	`8.1.0`

Updates dorny/paths-filter from 3 to 4

Release notes

Sourced from dorny/paths-filter's releases.

v4.0.0

What's Changed

feat: update action runtime to node24 by @saschabratton in dorny/paths-filter#294

New Contributors

@saschabratton made their first contribution in dorny/paths-filter#294

Full Changelog: dorny/paths-filter@v3.0.3...v4.0.0

v3.0.3

What's Changed

Add missing predicate-quantifier by @wardpeet in dorny/paths-filter#279

New Contributors

@wardpeet made their first contribution in dorny/paths-filter#279

Full Changelog: dorny/paths-filter@v3...v3.0.3

v3.0.2

What's Changed

feat: add config parameter for predicate quantifier by @petermetz in dorny/paths-filter#224

New Contributors

@petermetz made their first contribution in dorny/paths-filter#224

Full Changelog: dorny/paths-filter@v3...v3.0.2

v3.0.1

What's Changed

Compare base and ref when token is empty by @frouioui in dorny/paths-filter#133

New Contributors

@frouioui made their first contribution in dorny/paths-filter#133

Full Changelog: dorny/paths-filter@v3...v3.0.1

Changelog

Sourced from dorny/paths-filter's changelog.

Changelog

v4.0.0

Update action runtime to node24

v3.0.3

Add missing predicate-quantifier

v3.0.2

Add config parameter for predicate quantifier

v3.0.1

Compare base and ref when token is empty

v3.0.0

Update to Node.js 20

Update all dependencies

v2.11.1

Update @actions/core to v1.10.0 - Fixes warning about deprecated set-output

Document need for pull-requests: read permission

Updating to actions/checkout@v3

v2.11.0

Set list-files input parameter as not required

Update Node.js

Fix incorrect handling of Unicode characters in exec()

Use Octokit pagination

Updates real world links

v2.10.2

Fix getLocalRef() returns wrong ref

v2.10.1

Improve robustness of change detection

v2.10.0

Add ref input parameter

Fix change detection in PR when pullRequest.changed_files is incorrect

v2.9.3

Fix change detection when base is a tag

v2.9.2

Fix fetching git history

v2.9.1

Fix fetching git history + fallback to unshallow repo

v2.9.0

... (truncated)

Commits

fbd0ab8 feat: add merge_group event support
efb1da7 feat: add dist/ freshness check to PR workflow
d8f7b06 Merge pull request #302 from dorny/issue-299
addbc14 Update README for v4
9d7afb8 Update CHANGELOG for v4.0.0
782470c Merge branch 'releases/v3'
ce10459 Merge pull request #294 from saschabratton/master
5f40380 feat: update action runtime to node24
See full diff in compare view

Updates actions/cache from 4 to 5

Release notes

Sourced from actions/cache's releases.

v5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

What's Changed

Upgrade to use node24 by @salmanmkc in actions/cache#1630

Prepare v5.0.0 release by @salmanmkc in actions/cache#1684

Full Changelog: actions/cache@v4.3.0...v5.0.0

v4.3.0

What's Changed

Add note on runner versions by @GhadimiR in actions/cache#1642

Prepare v4.3.0 release by @Link- in actions/cache#1655

New Contributors

@GhadimiR made their first contribution in actions/cache#1642

Full Changelog: actions/cache@v4...v4.3.0

v4.2.4

What's Changed

Update README.md by @nebuk89 in actions/cache#1620

Upgrade @actions/cache to 4.0.5 and move @protobuf-ts/plugin to dev depdencies by @Link- in actions/cache#1634

Prepare release 4.2.4 by @Link- in actions/cache#1636

New Contributors

@nebuk89 made their first contribution in actions/cache#1620

Full Changelog: actions/cache@v4...v4.2.4

v4.2.3

What's Changed

Update to use @actions/cache 4.0.3 package & prepare for new release by @salmanmkc in actions/cache#1577 (SAS tokens for cache entries are now masked in debug logs)

New Contributors

@salmanmkc made their first contribution in actions/cache#1577

Full Changelog: actions/cache@v4.2.2...v4.2.3

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

Switch to a new branch from main.

Run npm test to ensure all tests are passing.

Update the version in https://github.com/actions/cache/blob/main/package.json.

Run npm run build to update the compiled files.

Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.

Run licensed cache to update the license report.

Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.

Commit your changes and push your branch upstream.

Open a pull request against main and get it reviewed and merged.

Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json

Create a new tag with the version number.

Auto generate release notes and update them to match the changes you made in RELEASES.md.

Toggle the set as the latest release option.

Publish the release.

Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml

There should be a workflow run queued with the same version number.

Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)

Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)

Bump fast-xml-parser to v5.5.6

5.0.3

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)

Bump @actions/core to v2.0.3

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

27d5ce7 Merge pull request #1747 from actions/yacaovsnc/update-dependency
f280785 licensed changes
619aeb1 npm run build generated dist files
bcf16c2 Update ts-http-runtime to 0.3.5
6682284 Merge pull request #1738 from actions/prepare-v5.0.4
e340396 Update RELEASES
8a67110 Add licenses
1865903 Update dependencies & patch security vulnerabilities
5656298 Merge pull request #1722 from RyPeck/patch-1
4e380d1 Fix cache key in examples.md for bun.lock
Additional commits viewable in compare view

Updates actions/setup-java from 4.8.0 to 5.2.0

Release notes

Sourced from actions/setup-java's releases.

v5.2.0

What's Changed

Enhancement

Retry on HTTP 522 Connection timed out by @findepi in actions/setup-java#964

Documentation Changes

Update gradle caching by @priya-kinthali in actions/setup-java#972

Update checkout to v6 by @mahabaleshwars in actions/setup-java#973

Dependency Updates

Upgrade @actions/cache to v5 by @salmanmkc in actions/setup-java#968

Upgrade actions/checkout from 5 to 6 by @dependabot in actions/setup-java#961

New Contributors

@findepi made their first contribution in actions/setup-java#964

Full Changelog: actions/setup-java@v5...v5.2.0

v5.1.0

What's Changed

New Features

Add support for .sdkmanrc file in java-version-file parameter by @guicamest in actions/setup-java#736

Add support for Microsoft OpenJDK 25 builds by @the-mod in actions/setup-java#927

Bug Fixes & Improvements

Update Regex to Support All ASDF Versions for the supported distributions in tool-versions File by @aparnajyothi-y in actions/setup-java#767

Enhance error logging for network failures to include endpoint/IP details, add retry mechanism and update workflows to use macos-15-intel by @priya-kinthali in actions/setup-java#946

Update SapMachine URLs by @RealCLanger in actions/setup-java#955

Add GitHub Token Support for GraalVM and Refactor Code by @mahabaleshwars in actions/setup-java#849

Documentation changes

Update documentation to use checkout and Java v5 by @lmvysakh in actions/setup-java#903

Clarify JAVA_HOME and PATH setup in README by @chiranjib-swain in actions/setup-java#841

Dependency updates

Upgrade prettier from 2.8.8 to 3.6.2 and document breaking changes in v5 by @dependabot in actions/setup-java#873

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot in actions/setup-java#912

New Contributors

@lmvysakh made their first contribution in actions/setup-java#903

@chiranjib-swain made their first contribution in actions/setup-java#841

@the-mod made their first contribution in actions/setup-java#927

@priya-kinthali made their first contribution in actions/setup-java#946

@guicamest made their first contribution in actions/setup-java#736

Full Changelog: actions/setup-java@v5...v5.1.0

... (truncated)

Commits

be666c2 Chore: Version Update and Checkout Update to v6 (#973)
f7a6fef Bump actions/checkout from 5 to 6 (#961)
d81c4e4 Upgrade @actions/cache to v5 (#968)
1b1bbe1 readme update (#972)
5d7b214 Retry on HTTP 522 Connection timed out (#964)
f2beeb2 Bump actions/publish-action from 0.3.0 to 0.4.0 (#912)
4e7e684 feat: Add support for .sdkmanrc file in java-version-file parameter (#736)
46c56d6 Add GitHub Token Support for GraalVM and Refactor Code (#849)
66b9457 Update SapMachine URLs (#955)
6ba5449 Enhance error logging for network failures to include endpoint/IP details, ad...
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3.12.0 to 4.0.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/setup-buildx-action#483

Remove deprecated inputs/outputs by @crazy-max in docker/setup-buildx-action#464

Switch to ESM and update config/test wiring by @crazy-max in docker/setup-buildx-action#481

Bump @actions/core from 1.11.1 to 3.0.0 in docker/setup-buildx-action#475

Bump @docker/actions-toolkit from 0.63.0 to 0.79.0 in docker/setup-buildx-action#482 docker/setup-buildx-action#485

Bump js-yaml from 4.1.0 to 4.1.1 in docker/setup-buildx-action#452

Bump lodash from 4.17.21 to 4.17.23 in docker/setup-buildx-action#472

Bump minimatch from 3.1.2 to 3.1.5 in docker/setup-buildx-action#480

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

Commits

4d04d5d Merge pull request #485 from docker/dependabot/npm_and_yarn/docker/actions-to...
cd74e05 chore: update generated content
eee38ec build(deps): bump @docker/actions-toolkit from 0.77.0 to 0.79.0
7a83f65 Merge pull request #484 from docker/dependabot/github_actions/docker/setup-qe...
a5aa967 Merge pull request #464 from crazy-max/rm-deprecated
e73d53f build(deps): bump docker/setup-qemu-action from 3 to 4
28a438e Merge pull request #483 from crazy-max/node24
034e9d3 chore: update generated content
b4664d8 remove deprecated inputs/outputs
a8257de node 24 as default runtime
Additional commits viewable in compare view

Updates docker/metadata-action from 5.10.0 to 6.0.0

Release notes

Sourced from docker/metadata-action's releases.

v6.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/metadata-action#605

List inputs now preserve # inside values while still supporting full-line # comments by @crazy-max in docker/metadata-action#607

Switch to ESM and update config/test wiring by @crazy-max in docker/metadata-action#602

Bump lodash from 4.17.21 to 4.17.23 in docker/metadata-action#588

Bump @actions/core from 1.11.1 to 3.0.0 in docker/metadata-action#599

Bump @actions/github from 6.0.1 to 9.0.0 in docker/metadata-action#597

Bump @docker/actions-toolkit from 0.68.0 to 0.79.0 in docker/metadata-action#604

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/metadata-action#600

Bump semver from 7.7.3 to 7.7.4 in docker/metadata-action#603

Full Changelog: docker/metadata-action@v5.10.0...v6.0.0

Commits

030e881 Merge pull request #607 from crazy-max/allow-comments
4b529ac chore: update generated content
b0082b3 preserve comments in list input values with commentNoInfix
7b19fec Merge pull request #604 from docker/dependabot/npm_and_yarn/docker/actions-to...
281c9b0 chore: update generated content
5f43b3b test: stabilize github mock setup since ESM
9d53276 github class moved since actions-toolkit v0.77.0
eaa3d39 chore(deps): Bump @docker/actions-toolkit from 0.68.0 to 0.77.0
6b695f7 Merge pull request #605 from crazy-max/node24
a1afadc node 24 as default runtime
Additional commits viewable in compare view

Updates docker/build-push-action from 6.19.2 to 7.1.0

Release notes

Sourced from docker/build-push-action's releases.

v7.1.0

Git context query format support by @crazy-max in docker/build-push-action#1505

Bump @docker/actions-toolkit from 0.79.0 to 0.87.0 by @crazy-max in docker/build-push-action#1505

Bump brace-expansion from 1.1.12 to 1.1.13 in docker/build-push-action#1500

Bump fast-xml-parser from 5.4.2 to 5.5.7 in docker/build-push-action#1489

Bump flatted from 3.3.3 to 3.4.2 in docker/build-push-action#1491

Bump glob from 10.3.12 to 10.5.0 in docker/build-push-action#1490

Bump handlebars from 4.7.8 to 4.7.9 in docker/build-push-action#1497

Bump lodash from 4.17.23 to 4.18.1 in docker/build-push-action#1510

Bump picomatch from 4.0.3 to 4.0.4 in docker/build-push-action#1496

Bump undici from 6.23.0 to 6.24.1 in docker/build-push-action#1486

Bump vite from 7.3.1 to 7.3.2 in docker/build-push-action#1509

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

v7.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/build-push-action#1470

Remove deprecated DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS envs by @crazy-max in docker/build-push-action#1473

Remove legacy export-build tool support for build summary by @crazy-max in docker/build-push-action#1474

Switch to ESM and update config/test wiring by @crazy-max in docker/build-push-action#1466

Bump @actions/core from 1.11.1 to 3.0.0 in docker/build-push-action#1454

Bump @docker/actions-toolkit from 0.62.1 to 0.79.0 in docker/build-push-action#1453 docker/build-push-action#1472 docker/build-push-action#1479

Bump minimatch from 3.1.2 to 3.1.5 in docker/build-push-action#1463

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

Commits

bcafcac Merge pull request #1509 from docker/dependabot/npm_and_yarn/vite-7.3.2
18e62f1 Merge pull request #1510 from docker/dependabot/npm_and_yarn/lodash-4.18.1
46580d2 chore: update generated content
3f80b25 chore(deps): Bump lodash from 4.17.23 to 4.18.1
efeec95 Merge pull request #1505 from crazy-max/refactor-git-context
ddf04b0 Merge pull request #1511 from docker/dependabot/github_actions/crazy-max-dot-...
db08d97 chore(deps): Bump the crazy-max-dot-github group with 2 updates
ef1fb96 Merge pull request #1508 from docker/dependabot/github_actions/docker/login-a...
2d8f2a1 chore: update generated content
919ac7b fix test since secrets are not written to temp path anymore
Additional commits viewable in compare view

Updates codecov/codecov-action from 4.6.0 to 6.0.1

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.1

What's Changed

fix: prevent template injection in run: steps (VULN-1652) by @thomasrockhu-codecov in codecov/codecov-action#1947

chore(release): 6.0.1 by @thomasrockhu-codecov in codecov/codecov-action#1949

Full Changelog: codecov/codecov-action@v6.0.0...v6.0.1

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0"" by @thomasrockhu-codecov in codecov/codecov-action#1929

Th/6.0.0 by @thomasrockhu-codecov in codecov/codecov-action#1928

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" by @thomasrockhu-codecov in codecov/codecov-action#1926

chore(release): 5.5.4 by @thomasrockhu-codecov in codecov/codecov-action#1927

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

What's Changed

build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @dependabot[bot] in codecov/codecov-action#1874

chore(release): bump to 5.5.3 by @thomasrockhu-codecov in codecov/codecov-action#1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

v5.5.2

What's Changed

check gpg only when skip-validation = false by @maxweng-sentry in codecov/codecov-action#1894

chore: disable_search alignment by @freemanzMrojo in codecov/codecov-action#1881

chore(release): 5.5.2 by @thomasrockhu-codecov in codecov/codecov-action#1902

New Contributors

@maxweng-sentry made their first contribution in codecov/codecov-action#1894

@freemanzMrojo made their first contribution in codecov/codecov-action#1881

Full Changelog: codecov/codecov-action@v5.5.1...v5.5.2

v5.5.1

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @app/dependabot in codecov/codecov-action#1822

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

e79a696 chore(release): 6.0.1 (#1949)
51e6422 fix: prevent template injection in run: steps (VULN-1652) (#1947)
57e3a13 Th/6.0.0 (#1928)
f67d33d Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...
75cd116 chore(release): 5.5.4 (#1927)
87d39f4 Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" (#1926)
1af5884 chore(release): bump to 5.5.3 (#1922)
c143300 build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (#1874)
671740a chore(release): 5.5.2 (#1902)
96b38e9 chore: disable_search alignment (#1881)
Additional commits viewable in compare view

Updates peter-evans/create-issue-from-file from 5.0.1 to 6.0.0

Release notes

Sourced from peter-evans/create-issue-from-file's releases.

Create Issue From File v6.0.0

⚙️ Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

Bump @types/node from 18.19.50 to 18.19.53 by @dependabot[bot] in peter-evans/create-issue-from-file#1717

Bump @vercel/ncc from 0.38.1 to 0.38.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1718

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1727

Bump @actions/core from 1.10.1 to 1.11.0 by @dependabot[bot] in peter-evans/create-issue-from-file#1733

Bump @types/node from 18.19.53 to 18.19.54 by @dependabot[bot] in peter-evans/create-issue-from-file#1732

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1742

Bump @types/node from 18.19.54 to 18.19.55 by @dependabot[bot] in peter-evans/create-issue-from-file#1749

Bump @actions/core from 1.11.0 to 1.11.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1750

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1759

Bump @types/node from 18.19.55 to 18.19.56 by @dependabot[bot] in peter-evans/create-issue-from-file#1764

Bump @types/node from 18.19.56 to 18.19.59 by @dependabot[bot] in peter-evans/create-issue-from-file#1769

Bump @types/node from 18.19.59 to 18.19.63 by @dependabot[bot] in peter-evans/create-issue-from-file#1774

Bump @types/node from 18.19.63 to 18.19.64 by @dependabot[bot] in peter-evans/create-issue-from-file#1779

Bump @vercel/ncc from 0.38.2 to 0.38.3 by @dependabot[bot] in peter-evans/create-issue-from-file#1784

Bump prettier from 3.3.3 to 3.4.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1789

Bump @types/node from 18.19.64 to 18.19.67 by @dependabot[bot] in peter-evans/create-issue-from-file#1790

Bump prettier from 3.4.1 to 3.4.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1799

Bump @types/node from 18.19.67 to 18.19.68 by @dependabot[bot] in peter-evans/create-issue-from-file#1804

Bump @types/node from 18.19.68 to 18.19.69 by @dependabot[bot] in peter-evans/create-issue-from-file#1809

Bump @types/node from 18.19.69 to 18.19.70 by @dependabot[bot] in peter-evans/create-issue-from-file#1814

Bump @types/node from 18.19.70 to 18.19.71 by @dependabot[bot] in peter-evans/create-issue-from-file#1820

Bump eslint-plugin-prettier from 5.2.1 to 5.2.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1821

Bump eslint-plugin-prettier from 5.2.2 to 5.2.3 by @dependabot[bot] in peter-evans/create-issue-from-file#1830

Bump @types/node from 18.19.71 to 18.19.74 by @dependabot[bot] in peter-evans/create-issue-from-file#1831

Bump @types/node from 18.19.74 to 18.19.75 by @dependabot[bot] in peter-evans/create-issue-from-file#1840

Bump prettier from 3.4.2 to 3.5.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1846

Bump @types/node from 18.19.75 to 18.19.76 by @dependabot[bot] in peter-evans/create-issue-from-file#1845

Bump @octokit/request-error and @actions/github by @dependabot[bot] in peter-evans/create-issue-from-file#1855

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1860

Bump @octokit/plugin-paginate-rest from 9.2.1 to 9.2.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1865

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1870

Bump prettier from 3.5.1 to 3.5.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1875

Bump @octokit/request from 8.4.0 to 8.4.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1880

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1885
<...
Description has been truncated

dependabot · 2026-05-16T14:52:45Z

Labels

The following labels could not be found: dependencies. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Bumps the actions-all group with 13 updates in the / directory: | Package | From | To | | --- | --- | --- | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `3` | `4` | | [actions/cache](https://github.com/actions/cache) | `4` | `5` | | [actions/setup-java](https://github.com/actions/setup-java) | `4.8.0` | `5.2.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.10.0` | `6.0.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6.19.2` | `7.1.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `4.6.0` | `6.0.1` | | [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) | `5.0.1` | `6.0.0` | | [EmbarkStudios/cargo-deny-action](https://github.com/embarkstudios/cargo-deny-action) | `2.0.16` | `2.0.18` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.2` | `3.0.0` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.95.2` | `3.95.3` | | [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) | `6.0.0` | `8.1.0` | Updates `dorny/paths-filter` from 3 to 4 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](dorny/paths-filter@v3...v4) Updates `actions/cache` from 4 to 5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@v4...v5) Updates `actions/setup-java` from 4.8.0 to 5.2.0 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@c1e3236...be666c2) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) Updates `docker/metadata-action` from 5.10.0 to 6.0.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@c299e40...030e881) Updates `docker/build-push-action` from 6.19.2 to 7.1.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@10e90e3...bcafcac) Updates `codecov/codecov-action` from 4.6.0 to 6.0.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@b9fd7d1...e79a696) Updates `peter-evans/create-issue-from-file` from 5.0.1 to 6.0.0 - [Release notes](https://github.com/peter-evans/create-issue-from-file/releases) - [Commits](peter-evans/create-issue-from-file@e8ef132...fca9117) Updates `EmbarkStudios/cargo-deny-action` from 2.0.16 to 2.0.18 - [Release notes](https://github.com/embarkstudios/cargo-deny-action/releases) - [Commits](EmbarkStudios/cargo-deny-action@175dc7f...6c8f9fa) Updates `actions/download-artifact` from 4.3.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@d3f86a1...3e5f45b) Updates `softprops/action-gh-release` from 2.6.2 to 3.0.0 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@3bb1273...b430933) Updates `trufflesecurity/trufflehog` from 3.95.2 to 3.95.3 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Commits](trufflesecurity/trufflehog@17456f8...37b7700) Updates `SonarSource/sonarqube-scan-action` from 6.0.0 to 8.1.0 - [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases) - [Commits](SonarSource/sonarqube-scan-action@fd88b7d...7006c44) --- updated-dependencies: - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: actions/setup-java dependency-version: 5.2.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: docker/build-push-action dependency-version: 7.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: docker/metadata-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: dorny/paths-filter dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: EmbarkStudios/cargo-deny-action dependency-version: 2.0.18 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all - dependency-name: peter-evans/create-issue-from-file dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: softprops/action-gh-release dependency-version: 3.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: SonarSource/sonarqube-scan-action dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-all - dependency-name: trufflesecurity/trufflehog dependency-version: 3.95.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot changed the title ~~ci(deps): bump the actions-all group with 13 updates~~ ci(deps): bump the actions-all group across 1 directory with 13 updates May 21, 2026

dependabot Bot force-pushed the dependabot/github_actions/actions-all-0b0cf6e5ff branch from 9a21787 to 26bcca1 Compare May 21, 2026 00:57

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ci(deps): bump the actions-all group across 1 directory with 13 updates#942

ci(deps): bump the actions-all group across 1 directory with 13 updates#942
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-all-0b0cf6e5ff

dependabot Bot commented on behalf of github May 16, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github May 16, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github May 16, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v4.0.0

What's Changed

New Contributors

v3.0.3

What's Changed

New Contributors

v3.0.2

What's Changed

New Contributors

v3.0.1

What's Changed

New Contributors

Changelog

v4.0.0

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.1

v2.11.0

v2.10.2

v2.10.1

v2.10.0

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v5.0.0

What's Changed

v4.3.0

What's Changed

New Contributors

v4.2.4

What's Changed

New Contributors

v4.2.3

What's Changed

New Contributors

Releases

How to prepare a release

Changelog

5.0.4

5.0.3

5.0.2

5.0.1

5.0.0

v5.2.0

What's Changed

Enhancement

Documentation Changes

Dependency Updates

New Contributors

v5.1.0

What's Changed

New Features

Bug Fixes & Improvements

Documentation changes

Dependency updates

New Contributors

v4.0.0

v6.0.0

v7.1.0

v7.0.0

v6.0.1

What's Changed

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

v5.5.4

What's Changed

v5.5.3

What's Changed

v5.5.2

What's Changed

New Contributors

v5.5.1

What's Changed

dependabot Bot commented on behalf of github May 16, 2026 •

edited

Loading