Skip to content

build(deps): Bump the github-actions group with 6 updates#2

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-babf53ddcf
Closed

build(deps): Bump the github-actions group with 6 updates#2
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-babf53ddcf

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 7, 2026

Copy link
Copy Markdown

Bumps the github-actions group with 6 updates:

Package From To
actions/checkout 4 7
actions/setup-node 4 6
codecov/codecov-action 5 7
withastro/action 3 6
actions/deploy-pages 4 5
peter-evans/create-pull-request 6 8

Updates actions/checkout from 4 to 7

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates actions/setup-node from 4 to 6

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

New Contributors

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

Updates codecov/codecov-action from 5 to 7

Release notes

Sourced from codecov/codecov-action's releases.

v7.0.0

⚠️ Due to migration issues with keybase, we are unable to update our keys under the codecovsecurity account. We have deleted the account and are using codecovsecops with the original gpg key

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v7.0.0

v6.0.2

This is a copy of the v7.0.0 release to make updates easier

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: codecov/codecov-action@v6.0.0...v6.0.1

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.5

This release only contains the keybase.io change as described here.

Full Changelog: codecov/codecov-action@v5.5.4...v5.5.5

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

Updates withastro/action from 3 to 6

Release notes

Sourced from withastro/action's releases.

v6.0.0

Changelog

  • chore(action): update dependencies for Node, PNPM, Bun, and cache actions @​ollecoffee (#96)

See details of all code changes since previous release.

v5.2.0

Changelog

See details of all code changes since previous release.

v5.1.0

Changelog

See details of all code changes since previous release.

v5.0.2

Changelog

See details of all code changes since previous release.

v5.0.1

Changelog

See details of all code changes since previous release.

v5.0.0

Changelog

  • Update GitHub action versions @​delucis (#85)
  • This release ensures all dependencies are now using pinned versions for improved security and compatibility with GitHub’s “Require actions to be pinned to a full-length commit SHA” setting
  • This release updates the version of upload-pages-artifact used to v4.0.0. See https://github.com/actions/upload-pages-artifact/releases/tag/v4.0.0 for breaking changes.

See details of all code changes since previous release.

v4.2.1

Changelog

... (truncated)

Commits
  • b7d5362 Pin upload-pages-artifact to v5 SHA (#102)
  • 4470635 Use upload-pages-artifact action again (#101)
  • 1e076ba Update action version in README (#97)
  • 74d664f chore(action): update dependencies for Node, PNPM, Bun, and cache actions (#96)
  • 15aa0a5 feat(action): add astro build output directory (#94)
  • fc88a70 feat(action): add astro build cache support (#92)
  • fd83e9d Bump versions of GitHub workflow actions (#90)
  • 9811f92 Fix support for .well-known and other routes with a leading . (#88)
  • 3457608 Bring README.md up to date (#86)
  • 2226b56 Update GitHub action versions (#85)
  • Additional commits viewable in compare view

Updates actions/deploy-pages from 4 to 5

Release notes

Sourced from actions/deploy-pages's releases.

v5.0.0

Changelog


See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.5

Changelog


See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.4

Changelog


See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.3

Changelog

... (truncated)

Commits
  • cd2ce8f Merge pull request #404 from salmanmkc/node24
  • bbe2a95 Update Node.js version to 24.x
  • 854d7aa Merge pull request #374 from actions/Jcambass-patch-1
  • 306bb81 Add workflow file for publishing releases to immutable action package
  • b742728 Merge pull request #360 from actions/dependabot/npm_and_yarn/npm_and_yarn-513...
  • 7273294 Bump braces in the npm_and_yarn group across 1 directory
  • 963791f Merge pull request #361 from actions/dependabot-friendly
  • 51bb29d Make the rebuild dist workflow safer for Dependabot
  • 89f3d10 Merge pull request #358 from actions/dependabot/npm_and_yarn/non-breaking-cha...
  • bce7355 Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21
  • Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 6 to 8

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v8.0.0

What's new in v8

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v7.0.11...v8.0.0

Create Pull Request v7.0.11

What's Changed

Full Changelog: peter-evans/create-pull-request@v7.0.10...v7.0.11

Create Pull Request v7.0.10

⚙️ Fixes an issue where updating a pull request failed when targeting a forked repository with the same owner as its parent.

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v7.0.9...v7.0.10

Create Pull Request v7.0.9

⚙️ Fixes an incompatibility with the recently released actions/checkout@v6.

What's Changed

New Contributors

... (truncated)

Commits
  • 5f6978f fix: retry post-creation API calls on 422 eventual consistency errors (#4356)
  • d32e88d build(deps-dev): bump the npm group with 3 updates (#4349)
  • 8170bcc build(deps-dev): bump handlebars from 4.7.8 to 4.7.9 (#4344)
  • 0041819 build(deps): bump picomatch (#4339)
  • b993918 build(deps-dev): bump flatted from 3.3.1 to 3.4.2 (#4334)
  • 36d7c84 build(deps-dev): bump undici from 6.23.0 to 6.24.0 (#4328)
  • a45d1fb build(deps): bump @​tootallnate/once and jest-environment-jsdom (#4323)
  • 3499eb6 build(deps): bump the github-actions group with 2 updates (#4316)
  • 3f3b473 build(deps): bump minimatch (#4311)
  • 6699836 build(deps-dev): bump the npm group with 2 updates (#4305)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `7` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5` | `7` |
| [withastro/action](https://github.com/withastro/action) | `3` | `6` |
| [actions/deploy-pages](https://github.com/actions/deploy-pages) | `4` | `5` |
| [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `6` | `8` |


Updates `actions/checkout` from 4 to 7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v7)

Updates `actions/setup-node` from 4 to 6
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4...v6)

Updates `codecov/codecov-action` from 5 to 7
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5...v7)

Updates `withastro/action` from 3 to 6
- [Release notes](https://github.com/withastro/action/releases)
- [Commits](withastro/action@v3...v6)

Updates `actions/deploy-pages` from 4 to 5
- [Release notes](https://github.com/actions/deploy-pages/releases)
- [Commits](actions/deploy-pages@v4...v5)

Updates `peter-evans/create-pull-request` from 6 to 8
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v6...v8)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: withastro/action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/deploy-pages
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: peter-evans/create-pull-request
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 7, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Author

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot Bot closed this Jul 8, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/github-actions-babf53ddcf branch July 8, 2026 00:39
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants