Bump the actions-dependencies group across 1 directory with 11 updates #1272

dependabot · 2025-04-15T19:15:49Z

Bumps the actions-dependencies group with 11 updates in the /.github/workflows directory:

Package	From	To
actions/checkout	`4.1.1`	`4.2.2`
actions/deploy-pages	`4.0.3`	`4.0.5`
seanmiddleditch/gha-setup-ninja	`5`	`6`
actions/upload-artifact	`4.3.1`	`4.6.2`
actions/setup-python	`5.0.0`	`5.5.0`
github/codeql-action	`3.23.2`	`3.28.15`
actions/download-artifact	`4.1.8`	`4.2.1`
actions/upload-pages-artifact	`3.0.0`	`3.0.1`
TheMrMilchmann/setup-msvc-dev	`3.0.0`	`3.0.1`
aquasecurity/trivy-action	`0.17.0`	`0.30.0`
ossf/scorecard-action	`2.3.1`	`2.4.1`

Updates actions/checkout from 4.1.1 to 4.2.2

Release notes

Sourced from actions/checkout's releases.

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

v4.2.0

What's Changed

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependabot updates in actions/checkout#1777 & actions/checkout#1872

New Contributors

@yasonk made their first contribution in actions/checkout#1869

@lucacome made their first contribution in actions/checkout#1180

Full Changelog: actions/checkout@v4.1.7...v4.2.0

v4.1.7

What's Changed

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

New Contributors

@orhantoy made their first contribution in actions/checkout#1774

Full Changelog: actions/checkout@v4.1.6...v4.1.7

v4.1.6

What's Changed

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

Update for 4.1.6 release by @cory-miller in actions/checkout#1733

Full Changelog: actions/checkout@v4.1.5...v4.1.6

v4.1.5

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

Check git version before attempting to disable sparse-checkout by @jww3 in actions/checkout#1656

Add SSH user parameter by @cory-miller in actions/checkout#1685

Update actions/checkout version in update-main-version.yml by @jww3 in actions/checkout#1650

v4.1.2

Fix: Disable sparse checkout whenever sparse-checkout option is not present @dscho in actions/checkout#1598

v4.1.1

Correct link to GitHub Docs by @peterbe in actions/checkout#1511

Link to release page from what's new section by @cory-miller in actions/checkout#1514

v4.1.0

Add support for partial checkout filters

... (truncated)

Commits

11bd719 Prepare 4.2.2 Release (#1953)
e3d2460 Expand unit test coverage (#1946)
163217d url-helper.ts now leverages well-known environment variables. (#1941)
eef6144 Prepare 4.2.1 release (#1925)
6b42224 Add workflow file for publishing releases to immutable action package (#1919)
de5a000 Check out other refs/* by commit if provided, fall back to ref (#1924)
d632683 Prepare 4.2.0 release (#1878)
6d193bf Bump braces from 3.0.2 to 3.0.3 (#1777)
db0cee9 Bump the minor-npm-dependencies group across 1 directory with 4 updates (#1872)
b684943 Add Ref and Commit outputs (#1180)
Additional commits viewable in compare view

Updates actions/deploy-pages from 4.0.3 to 4.0.5

Release notes

Sourced from actions/deploy-pages's releases.

v4.0.5

Changelog

On API error, the error message will surface the API request ID @TooManyBees (#324)

Bump the non-breaking-changes group with 2 updates @dependabot (#318)

Bump the non-breaking-changes group with 1 update @dependabot (#316)

Bump the non-breaking-changes group with 3 updates @dependabot (#314)

Bump release-drafter/release-drafter from 5.25.0 to 6.0.0 @dependabot (#311)

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.4

Changelog

Update api-client.js @lmammino (#295)

fix typo: compatibilty -> compatibility @SimonSiefke (#298)

Bump @actions/artifact from 2.0.1 to 2.1.1 @dependabot (#310)

Update Dependabot config to group non-breaking changes @JamesMGreene (#307)

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

Commits

d6db901 Merge pull request #324 from actions/error-message-request-id
055f425 compile changes
5ab929b Include request id in the error message of an error response
3ff795b Merge pull request #318 from actions/dependabot/npm_and_yarn/non-breaking-cha...
f5a2f0d Update distributables after Dependabot 🤖
1364cde Bump the non-breaking-changes group with 2 updates
2ed07f7 Merge pull request #316 from actions/dependabot/npm_and_yarn/non-breaking-cha...
d5a892b Bump the non-breaking-changes group with 1 update
05977f5 Merge pull request #314 from actions/dependabot/npm_and_yarn/non-breaking-cha...
9414024 Update distributables after Dependabot 🤖
Additional commits viewable in compare view

Updates seanmiddleditch/gha-setup-ninja from 5 to 6

Release notes

Sourced from seanmiddleditch/gha-setup-ninja's releases.

v6

Support and default to ninja 1.12.1

Support Windows and Linux 64-bit ARM builds of ninja

Added winarm64 and linux-aarch64 options to platform input

Update dependencies

Commits

3b1f8f9 Bump undici from 5.28.4 to 5.28.5 (#33)
7fa4bc0 matrix: include: v1.12.1 on ubuntu-24.04-arm (#34)
78f0be8 Add Ninja 1.12.1 support, including improved platform detection (#29)
d3403b5 Add Ninja v1.12.1 to the testing (#32)
See full diff in compare view

Updates actions/upload-artifact from 4.3.1 to 4.6.2

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.2

What's Changed

Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @salmanmkc in actions/upload-artifact#685

New Contributors

@salmanmkc made their first contribution in actions/upload-artifact#685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

Update to use artifact 2.2.2 package by @yacaovsnc in actions/upload-artifact#673

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

What's Changed

Expose env vars to control concurrency and timeout by @yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

fix: deprecated Node.js version in action by @hamirmahal in actions/upload-artifact#578

Add new artifact-digest output by @bdehamer in actions/upload-artifact#656

New Contributors

@hamirmahal made their first contribution in actions/upload-artifact#578

@bdehamer made their first contribution in actions/upload-artifact#656

Full Changelog: actions/upload-artifact@v4.4.3...v4.5.0

v4.4.3

What's Changed

Undo indirect dependency updates from #627 by @joshmgross in actions/upload-artifact#632

Full Changelog: actions/upload-artifact@v4.4.2...v4.4.3

v4.4.2

What's Changed

Bump @actions/artifact to 2.1.11 by @robherley in actions/upload-artifact#627

Includes fix for relative symlinks not resolving properly

Full Changelog: actions/upload-artifact@v4.4.1...v4.4.2

v4.4.1

... (truncated)

Commits

ea165f8 Merge pull request #685 from salmanmkc/salmanmkc/3-new-upload-artifacts-release
0839620 Prepare for new release of actions/upload-artifact with new toolkit cache ver...
4cec3d8 Merge pull request #673 from actions/yacaovsnc/artifact_2.2.2
e9fad96 license cache update for artifact
b26fd06 Update to use artifact 2.2.2 package
65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
0207619 move files back to satisfy licensed ci
1ecca81 licensed cache updates
9742269 Expose env vars to controll concurrency and timeout
6f51ac0 Merge pull request #656 from bdehamer/bdehamer/artifact-digest
Additional commits viewable in compare view

Updates actions/setup-python from 5.0.0 to 5.5.0

Release notes

Sourced from actions/setup-python's releases.

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

Dependency updates:

Upgrade @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot in actions/setup-python#1016

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-python#1015

New Contributors

@colesbury made their first contribution in actions/setup-python#973

@mahabaleshwars made their first contribution in actions/setup-python#1043

Full Changelog: actions/setup-python@v5...v5.5.0

v5.4.0

What's Changed

Enhancements:

Update cache error message by @aparnajyothi-y in actions/setup-python#968

Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by @priya-kinthali in actions/setup-python#985

Configure Dependabot settings by @HarithaVattikuti in actions/setup-python#1008

Documentation changes:

Readme update - recommended permissions by @benwells in actions/setup-python#1009

Improve Advanced Usage examples by @lrq3000 in actions/setup-python#645

Dependency updates:

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot in actions/setup-python#1012

Upgrade urllib3 from 1.25.9 to 1.26.19 in /tests/data by @dependabot in actions/setup-python#895

Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot in actions/setup-python#1014

Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @dependabot in actions/setup-python#1020

Upgrade requests from 2.24.0 to 2.32.2 in /tests/data by @dependabot in actions/setup-python#1019

Upgrade @actions/cache to ^4.0.0 by @priyagupta108 in actions/setup-python#1007

New Contributors

@benwells made their first contribution in actions/setup-python#1009

@HarithaVattikuti made their first contribution in actions/setup-python#1008

@lrq3000 made their first contribution in actions/setup-python#645

Full Changelog: actions/setup-python@v5...v5.4.0

v5.3.0

What's Changed

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/setup-python#941

Upgrade IA publish by @Jcambass in actions/setup-python#943

Bug Fixes:

Normalise Line Endings to Ensure Cross-Platform Consistency by @priya-kinthali in actions/setup-python#938

Revise isGhes logic by @jww3 in actions/setup-python#963

... (truncated)

Commits

8d9ed9a Add e2e Testing for free threaded and Bump @action/cache from 4.0.0 to 4.0.3 ...
19e4675 Add support for .tool-versions file in setup-python (#1043)
6fd11e1 Bump @actions/glob from 0.4.0 to 0.5.0 (#1015)
9e62be8 Support free threaded Python versions like '3.13t' (#973)
6ca8e85 Bump @vercel/ncc from 0.38.1 to 0.38.3 (#1016)
8039c45 fix: install PyPy on Linux ARM64 (#1011)
4237552 Improve Advanced Usage examples (#645)
709bfa5 Bump requests from 2.24.0 to 2.32.2 in /tests/data (#1019)
ceb20b2 Bump @actions/http-client from 2.2.1 to 2.2.3 (#1020)
0dc2d2c Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1014)
Additional commits viewable in compare view

Updates github/codeql-action from 3.23.2 to 3.28.15

Release notes

Sourced from github/codeql-action's releases.

v3.28.15

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

See the full CHANGELOG.md for more information.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

v3.28.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.12

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.12 - 19 Mar 2025

Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.

Update default CodeQL bundle version to 2.20.7. #2810

See the full CHANGELOG.md for more information.

v3.28.11

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.15 - 07 Apr 2025

Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.

Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

Update default CodeQL bundle version to 2.20.5. #2772

Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

... (truncated)

Commits

45775bd Merge pull request #2854 from github/update-v3.28.15-a35ae8c38
dd78aab Update CHANGELOG.md with bug fix details
e40af59 Update changelog for v3.28.15
a35ae8c Merge pull request #2843 from github/cklin/diff-informed-compat
bb59df6 Merge pull request #2842 from github/henrymercer/zip64
4b508f5 Merge pull request #2845 from github/mergeback/v3.28.14-to-main-fc7e4a0f
ca00afb Update checked-in dependencies
2969c78 Update changelog and version after v3.28.14
fc7e4a0 Merge pull request #2844 from github/update-v3.28.14-362ef4ce2
be0175c Update changelog for v3.28.14
Additional commits viewable in compare view

Updates actions/download-artifact from 4.1.8 to 4.2.1

Release notes

Sourced from actions/download-artifact's releases.

v4.2.1

What's Changed

Add unit tests by @GhadimiR in actions/download-artifact#392

Fix bug introduced in 4.2.0 by @GhadimiR in actions/download-artifact#391

Full Changelog: actions/download-artifact@v4.2.0...v4.2.1

v4.2.0

What's Changed

Update README.md by @lkfortuna in actions/download-artifact#384

Bump artifact version, do digest check by @GhadimiR in actions/download-artifact#383

New Contributors

@lkfortuna made their first contribution in actions/download-artifact#384

@GhadimiR made their first contribution in actions/download-artifact#383

Full Changelog: actions/download-artifact@v4.1.9...v4.2.0

v4.1.9

What's Changed

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/download-artifact#354

docs: small migration fix by @froblesmartin in actions/download-artifact#370

Update MIGRATION.md by @andyfeller in actions/download-artifact#372

Update artifact package to 2.2.2 by @yacaovsnc in actions/download-artifact#380

New Contributors

@Jcambass made their first contribution in actions/download-artifact#354

@froblesmartin made their first contribution in actions/download-artifact#370

@andyfeller made their first contribution in actions/download-artifact#372

@yacaovsnc made their first contribution in actions/download-artifact#380

Full Changelog: actions/download-artifact@v4.1.8...v4.1.9

Commits

95815c3 Merge pull request #391 from GhadimiR/main
278fca4 Move log statements
6890984 Merge branch 'main' into main
f9415c0 Run unit tests in CI
76a6eb5 Merge pull request #392 from GhadimiR/add_unit_tests
a2426d7 Merge branch 'main' into add_unit_tests
3ffa694 lint
53f6aa5 Add extra assertion to download single artifact test
b456700 lint
9eab798 Configure tsconfig
Additional commits viewable in compare view

Updates actions/upload-pages-artifact from 3.0.0 to 3.0.1

Release notes

Sourced from actions/upload-pages-artifact's releases.

v3.0.1

Changelog

Group tar's output to prevent it from messing up action logs @SilverRainZ (#94)

Update README.md @uiolee (#88)

Bump the non-breaking-changes group with 1 update @dependabot (#92)

Update Dependabot config to group non-breaking changes @JamesMGreene (#91)

Bump actions/checkout from 3 to 4 @dependabot (#76)

See details of all code changes since previous release.

Commits

56afc60 Merge pull request #94 from SilverRainZ/main
d12fdfb Merge branch 'main' into main
aef5542 Merge pull request #88 from uiolee/patch-1
29cedd7 Merge branch 'main' into patch-1
a69c22e Merge pull request #92 from actions/dependabot/github_actions/non-breaking-ch...
794e304 Group tar's output to prevent it from messing up logs
14007f6 Bump the non-breaking-changes group with 1 update
0191170 Merge pull request #91 from actions/dependabot-grouping
0e7832d Update Dependabot config to group non-breaking changes
1a6d9fa Update README.md
Additional commits viewable in compare view

Updates TheMrMilchmann/setup-msvc-dev from 3.0.0 to 3.0.1

Release notes

Sourced from TheMrMilchmann/setup-msvc-dev's releases.

3.0.1

Overview

This is a maintenance release only and does not contain any behavioral change.

Commits

fb19abb Release 3.0.1
See full diff in compare view

Updates aquasecurity/trivy-action from 0.17.0 to 0.30.0

Release notes

Sourced from aquasecurity/trivy-action's releases.

v0.30.0

What's Changed

fix: Update default trivy version in README by @derrix060 in aquasecurity/trivy-action#444

fix: typo in description of an input for action.yaml by @yutatokoi in aquasecurity/trivy-action#452

Improve README/SBOM by @AB-xdev in aquasecurity/trivy-action#439

chore: bump trivy to v0.60.0 by @nikpivkin in aquasecurity/trivy-action#453

New Contributors

@derrix060 made their first contribution in aquasecurity/trivy-action#444

@yutatokoi made their first contribution in aquasecurity/trivy-action#452

@AB-xdev made their first contribution in aquasecurity/trivy-action#439

Full Changelog: aquasecurity/trivy-action@0.29.0...0.30.0

v0.29.0

What's Changed

feat: Allow skipping setup by @rvesse in aquasecurity/trivy-action#414

Fix oras command not found in "Update Trivy Cache" action by @Tiryoh in aquasecurity/trivy-action#413

Update README.md by @simar7 in aquasecurity/trivy-action#420

feat: add token for setup-trivy by @DmitriyLewen in aquasecurity/trivy-action#421

fix: bump setup-trivy and add new contrib directory path info by @DmitriyLewen in aquasecurity/trivy-action#424

docs: remove ignore-unfixed from IaC scan example by @nikpivkin in aquasecurity/trivy-action#429

chore(deps): Bump trivy to v0.57.1 by @simar7 in aquasecurity/trivy-action#434

New Contributors

@rvesse made their first contribution in aquasecurity/trivy-action#414

@Tiryoh made their first contribution in aquasecurity/trivy-action#413

Full Changelog: aquasecurity/trivy-action@0.28.0...0.29.0

v0.28.0

What's Changed

chore(deps): bump setup-trivy to v0.2.1 by @DmitriyLewen in aquasecurity/trivy-action#411

Full Changelog: aquasecurity/trivy-action@0.27.0...0.28.0

v0.27.0

What's Changed

ci: use setup-trivy to install Trivy by @DmitriyLewen in aquasecurity/trivy-action#406

chore: update description for scanners and format inputs by @nikpivkin in aquasecurity/trivy-action#407

fix: set envs only when passed by @knqyf263 in aquasecurity/trivy-action#405

Full Changelog: aquasecurity/trivy-action@0.26.0...0.27.0

v0.26.0

What's Changed

docs: add usage info about action/cache for trivy databases by @DmitriyLewen in aquasecurity/trivy-action#397

feat: store artifacts in cache by default by @knqyf263 in aquasecurity/trivy-action#399

... (truncated)

Commits

6c175e9 chore: bump trivy to v0.60.0 (#453)
53e8848 Improve README/SBOM (#439)
ef1b561 fix: typo in description of an input for action.yaml (#452)
a11da62 fix: Update default ...
Description has been truncated

Bumps the actions-dependencies group with 11 updates in the /.github/workflows directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.1.1` | `4.2.2` | | [actions/deploy-pages](https://github.com/actions/deploy-pages) | `4.0.3` | `4.0.5` | | [seanmiddleditch/gha-setup-ninja](https://github.com/seanmiddleditch/gha-setup-ninja) | `5` | `6` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.3.1` | `4.6.2` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.0.0` | `5.5.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.23.2` | `3.28.15` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.8` | `4.2.1` | | [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `3.0.0` | `3.0.1` | | [TheMrMilchmann/setup-msvc-dev](https://github.com/themrmilchmann/setup-msvc-dev) | `3.0.0` | `3.0.1` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.17.0` | `0.30.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.3.1` | `2.4.1` | Updates `actions/checkout` from 4.1.1 to 4.2.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.1.1...11bd719) Updates `actions/deploy-pages` from 4.0.3 to 4.0.5 - [Release notes](https://github.com/actions/deploy-pages/releases) - [Commits](actions/deploy-pages@87c3283...d6db901) Updates `seanmiddleditch/gha-setup-ninja` from 5 to 6 - [Release notes](https://github.com/seanmiddleditch/gha-setup-ninja/releases) - [Commits](seanmiddleditch/gha-setup-ninja@96bed6e...3b1f8f9) Updates `actions/upload-artifact` from 4.3.1 to 4.6.2 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.3.1...ea165f8) Updates `actions/setup-python` from 5.0.0 to 5.5.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@0a5c615...8d9ed9a) Updates `github/codeql-action` from 3.23.2 to 3.28.15 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3.23.2...45775bd) Updates `actions/download-artifact` from 4.1.8 to 4.2.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@fa0a91b...95815c3) Updates `actions/upload-pages-artifact` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@0252fc4...56afc60) Updates `TheMrMilchmann/setup-msvc-dev` from 3.0.0 to 3.0.1 - [Release notes](https://github.com/themrmilchmann/setup-msvc-dev/releases) - [Commits](TheMrMilchmann/setup-msvc-dev@48edcef...fb19abb) Updates `aquasecurity/trivy-action` from 0.17.0 to 0.30.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@84384bd...6c175e9) Updates `ossf/scorecard-action` from 2.3.1 to 2.4.1 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@0864cf1...f49aabe) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 4.2.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies - dependency-name: actions/deploy-pages dependency-version: 4.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-dependencies - dependency-name: seanmiddleditch/gha-setup-ninja dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-dependencies - dependency-name: actions/upload-artifact dependency-version: 4.6.2 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies - dependency-name: actions/setup-python dependency-version: 5.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies - dependency-name: github/codeql-action dependency-version: 3.28.15 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies - dependency-name: actions/download-artifact dependency-version: 4.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies - dependency-name: actions/upload-pages-artifact dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-dependencies - dependency-name: TheMrMilchmann/setup-msvc-dev dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-dependencies - dependency-name: aquasecurity/trivy-action dependency-version: 0.30.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies - dependency-name: ossf/scorecard-action dependency-version: 2.4.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added the dependencies Pull requests that update a dependency file label Apr 15, 2025

dependabot bot requested a review from a team as a code owner April 15, 2025 19:15

dependabot bot added the github_actions Pull requests that update GitHub Actions code label Apr 15, 2025

lukaszstolarczuk approved these changes Apr 16, 2025

View reviewed changes

bratpiorka approved these changes Apr 16, 2025

View reviewed changes

bratpiorka merged commit a0b25bd into main Apr 16, 2025
187 of 195 checks passed

dependabot bot deleted the dependabot/github_actions/dot-github/workflows/actions-dependencies-01ffc0d1d3 branch April 16, 2025 07:48

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the actions-dependencies group across 1 directory with 11 updates #1272

Bump the actions-dependencies group across 1 directory with 11 updates #1272

Uh oh!

dependabot bot commented on behalf of github Apr 15, 2025 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Bump the actions-dependencies group across 1 directory with 11 updates #1272

Bump the actions-dependencies group across 1 directory with 11 updates #1272

Uh oh!

Conversation

dependabot bot commented on behalf of github Apr 15, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

v4.2.0

What's Changed

New Contributors

v4.1.7

What's Changed

New Contributors

v4.1.6

What's Changed

v4.1.5

What's Changed

Changelog

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.1.2

v4.1.1

v4.1.0

v4.0.5

Changelog

v4.0.4

Changelog

v6

v4.6.2

What's Changed

New Contributors

v4.6.1

What's Changed

v4.6.0

What's Changed

v4.5.0

What's Changed

New Contributors

v4.4.3

What's Changed

v4.4.2

What's Changed

v4.4.1

v5.5.0

What's Changed

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.4.0

What's Changed

Enhancements:

Documentation changes:

Dependency updates:

New Contributors

v5.3.0

What's Changed

Bug Fixes:

v3.28.15

CodeQL Action Changelog

3.28.15 - 07 Apr 2025

v3.28.14

CodeQL Action Changelog

3.28.14 - 07 Apr 2025

v3.28.13

CodeQL Action Changelog

3.28.13 - 24 Mar 2025

v3.28.12

CodeQL Action Changelog

3.28.12 - 19 Mar 2025

dependabot bot commented on behalf of github Apr 15, 2025 •

edited

Loading