Skip to content

chore(deps): bump the actions group with 4 updates#25

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-3c942663da
Open

chore(deps): bump the actions group with 4 updates#25
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/actions-3c942663da

Conversation

@dependabot
Copy link
Copy Markdown

@dependabot dependabot Bot commented on behalf of github May 1, 2026
edited
Loading

Bumps the actions group with 4 updates: actions/checkout, googleapis/release-please-action, actions/create-github-app-token and cycjimmy/semantic-release-action.

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits

Updates googleapis/release-please-action from 4 to 5

Release notes

Sourced from googleapis/release-please-action's releases.

v5.0.0

5.0.0 (2026-04-22)

⚠ BREAKING CHANGES

  • upgrade to node24 (#1188)

Features

Bug Fixes

  • bump release-please from 17.3.0 to 17.6.0 (#1199) (f533c26)

v4.4.1

4.4.1 (2026-02-20)

Bug Fixes

  • bump release-please from 17.1.3 to 17.3.0 (#1183) (ef9c274)

v4.4.0

4.4.0 (2025-10-09)

Features

  • add ability to select versioning-strategy and release-as (#1121) (ee0f5ba)

Bug Fixes

  • changelog-host parameter ignored when using manifest configuration (#1151) (535c413)
  • bump mocha from 11.7.1 to 11.7.2 in the npm_and_yarn group across 1 directory (#1149) (3612a99)
  • bump release-please from 17.1.2 to 17.1.3 (#1158) (66fbfe9)

v4.3.0

4.3.0 (2025-08-20)

Features

  • deps: update release-please to 17.1.2 (f07192c)

v4.2.0

4.2.0 (2025-03-07)

... (truncated)

Changelog

Sourced from googleapis/release-please-action's changelog.

4.1.1 (2024-05-14)

Bug Fixes

  • bump release-please from 16.10.0 to 16.10.2 (#969) (aa764e0)
  • bump the npm_and_yarn group with 1 update (#967) (ce529d4)

4.1.0 (2024-03-11)

Features

  • add changelog-host input to action.yml (#948) (863b06f)

4.0.3 (2024-03-11)

Bug Fixes

  • bump release-please from 16.5.0 to 16.10.0 (#953) (d7e88e0)

4.0.2 (2023-12-18)

Bug Fixes

4.0.1 (2023-12-07)

Bug Fixes

  • bump release-please from 16.3.1 to 16.4.0 (#897) (2463dad)

4.0.0 (2023-12-01)

⚠ BREAKING CHANGES

  • remove most configuration options in favor of manifest configuration to configure the release-please-action
  • rewrite in typescript
  • remove command option in favor of setting release-type and skip-github-release/skip-github-pull-request
  • run on node20
  • deps: upgrade release-please to v16
  • v4 release

Features

... (truncated)

Commits

Updates actions/create-github-app-token from 1 to 3

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.
  • Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

  • deps: bump @​actions/core from 1.11.1 to 3.0.0 (#337) (b044133)
  • deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)
  • deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)
  • deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

  • fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

  • deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)
  • deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
  • deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)
  • deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Commits
  • 1b10c78 build(release): 3.1.1 [skip ci]
  • 07e2b76 fix: improve error message when app identifier is empty (#362)
  • ea01216 ci: remove publish-immutable-action workflow (#361)
  • 7bd0371 build(release): 3.1.0 [skip ci]
  • e6bd4e6 feat: add client-id input and deprecate app-id (#353)
  • 076e948 feat: update permission inputs (#358)
  • 3bbe07d fix(deps): bump p-retry from 7.1.1 to 8.0.0 (#357)
  • 28a99e3 build(deps-dev): bump c8 from 10.1.3 to 11.0.0
  • 4df5060 build(deps-dev): bump open-cli from 8.0.0 to 9.0.0
  • 4843c53 build(deps-dev): bump the development-dependencies group with 3 updates
  • Additional commits viewable in compare view

Updates cycjimmy/semantic-release-action from 4 to 6

Release notes

Sourced from cycjimmy/semantic-release-action's releases.

v6.0.0

6.0.0 (2025-11-17)

Features

  • deps: update semantic-release to version 25 (9246c0b)

BREAKING CHANGES

  • deps: Update semantic-release to version 25

v5.0.2

5.0.2 (2025-10-10)

Bug Fixes

  • further fix of result handling in windUpJob.task.js (451bf1f), closes #264

v5.0.1

5.0.1 (2025-10-09)

Bug Fixes

  • improves result handling in windUpJob.task.js (4267eee)

v5.0.0

5.0.0 (2025-08-30)

Features

  • update node version on runner to 24 (7869323)

BREAKING CHANGES

  • this action now runs using node 24

... (truncated)

Changelog

Sourced from cycjimmy/semantic-release-action's changelog.

4.2.2 (2025-07-04)

Bug Fixes

  • cleanupNpmrc.task.js: Use @​actions/io to remove .npmrc (b7db0cb)

4.2.1 (2025-06-07)

Bug Fixes

  • update marked terminal to v7.3.0 (b52fa1b)

4.2.0 (2025-03-14)

Features

  • add ability to unset GITHUB_ACTION env var (266ea7e)

4.1.1 (2024-09-25)

Bug Fixes

  • default use semantic-release@24 (c22487b)

4.1.0 (2024-03-19)

Bug Fixes

  • fix syntax error for importing (4297675)

Features

  • add repository_url input (8dffec4)

4.0.0 (2023-08-31)

Features

  • update node version on runner to 20 (0c20554)

BREAKING CHANGES

... (truncated)

Commits
  • b12c8f6 chore(release): 6.0.0 [skip ci]
  • f80bc73 Merge pull request #273 from cycjimmy/feat-update-semantic-release-to-version-25
  • 0891297 docs(readme): update semantic-release-action to v6
  • 9246c0b feat(deps): update semantic-release to version 25
  • e878abf Merge pull request #272 from cycjimmy/dependabot/npm_and_yarn/js-yaml-4.1.1
  • acd6d5d build(deps): bump js-yaml from 4.1.0 to 4.1.1
  • 100d1fb Merge pull request #270 from cycjimmy/dependabot/npm_and_yarn/actions/io-2.0.0
  • ea00aee build(deps): bump @​actions/io from 1.1.3 to 2.0.0
  • e03fa18 Merge pull request #266 from cycjimmy/dependabot/github_actions/actions/setup...
  • 36bdefb build(deps): bump actions/setup-node from 5 to 6
  • Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot
chore(deps): bump the actions group with 4 updates
dd8e9a9 
Bumps the actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [googleapis/release-please-action](https://github.com/googleapis/release-please-action), [actions/create-github-app-token](https://github.com/actions/create-github-app-token) and [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action).


Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

Updates `googleapis/release-please-action` from 4 to 5
- [Release notes](https://github.com/googleapis/release-please-action/releases)
- [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md)
- [Commits](googleapis/release-please-action@v4...v5)

Updates `actions/create-github-app-token` from 1 to 3
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v1...v3)

Updates `cycjimmy/semantic-release-action` from 4 to 6
- [Release notes](https://github.com/cycjimmy/semantic-release-action/releases)
- [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md)
- [Commits](cycjimmy/semantic-release-action@v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: googleapis/release-please-action
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: cycjimmy/semantic-release-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants