chore(deps): bump the actions-group group across 1 directory with 4 updates#11
Merged
GianRomani merged 1 commit intoJul 14, 2026
Merged
Conversation
✅ Deploy Preview for gianfree-notes ready!
To edit notification comments on pull requests, go to your Netlify project configuration. |
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v7 |
|
|
||
| - name: Lint GitHub Workflows (Prevents runner vulnerabilities) | ||
| uses: devops-actions/actionlint@v0.1.3 | ||
| uses: devops-actions/actionlint@v0.1.12 |
|
|
||
| - name: Set up Python (Using uv for ultra-fast package caching) | ||
| uses: astral-sh/setup-uv@v5 | ||
| uses: astral-sh/setup-uv@v7 |
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v7 |
|
|
||
| - name: Upload Semgrep results to GitHub Security | ||
| uses: github/codeql-action/upload-sarif@v3 | ||
| uses: github/codeql-action/upload-sarif@v4 |
| steps: | ||
| - name: Checkout Code | ||
| uses: actions/checkout@v4 | ||
| uses: actions/checkout@v7 |
|
|
||
| - name: Upload Trivy results to GitHub Security | ||
| uses: github/codeql-action/upload-sarif@v3 | ||
| uses: github/codeql-action/upload-sarif@v4 |
Owner
|
@dependabot recreate |
…pdates Bumps the actions-group group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [devops-actions/actionlint](https://github.com/devops-actions/actionlint), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/checkout` from 4 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v7) Updates `devops-actions/actionlint` from 0.1.3 to 0.1.12 - [Release notes](https://github.com/devops-actions/actionlint/releases) - [Commits](devops-actions/actionlint@v0.1.3...v0.1.12) Updates `astral-sh/setup-uv` from 5 to 7 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@v5...v7) Updates `github/codeql-action` from 3 to 4 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3...v4) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-group - dependency-name: astral-sh/setup-uv dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-group - dependency-name: devops-actions/actionlint dependency-version: 0.1.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions-group - dependency-name: github/codeql-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions-group ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
force-pushed
the
dependabot/github_actions/actions-group-4577e629a5
branch
from
July 14, 2026 12:34
1fc8dd0 to
950da30
Compare
dependabot
Bot
deleted the
dependabot/github_actions/actions-group-4577e629a5
branch
July 14, 2026 12:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the actions-group group with 4 updates in the / directory: actions/checkout, devops-actions/actionlint, astral-sh/setup-uv and github/codeql-action.
Updates
actions/checkoutfrom 4 to 7Release notes
Sourced from actions/checkout's releases.
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
9c091bbupdate error wording (#2467)1044a6dgetting ready for checkout v7 release (#2464)f028218Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)d914b26upgrade module to esm and update dependencies (#2463)537c7efBump@actions/coreand@actions/tool-cacheand Remove uuid (#2459)130a169Bump js-yaml from 4.1.0 to 4.2.0 (#2461)7d09575Bump flatted from 3.3.1 to 3.4.2 (#2460)0f9f3aaBump actions/publish-immutable-action (#2458)f9e715ablock checking out fork pr for pull_request_target and workflow_run (#2454)df4cb1cUpdate changelog for v6.0.3 (#2446)Updates
devops-actions/actionlintfrom 0.1.3 to 0.1.12Release notes
Sourced from devops-actions/actionlint's releases.
... (truncated)
Commits
9fb9c19Bump step-security/harden-runner from 2.17.0 to 2.19.0 (#188)91ec07fchore: suppress noisy/intentional superlinter failures (#189)49e9c6efix: sync workflows with devops-actions/.github standards (#184)adeaf98Bump step-security/harden-runner from 2.16.1 to 2.17.0 (#185)8197fc6Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#186)15f4517Update actionlint version to 1.7.12 (#182)428bd55chore: add actions-example-checker workflow (#183)cbddaffMerge pull request #181 from devops-actions/dependabot/github_actions/step-se...b186092Bump step-security/harden-runner from 2.16.0 to 2.16.156ca104Prevent spurious PRs from key-order-only changes in settings.json (#179)Updates
astral-sh/setup-uvfrom 5 to 7Release notes
Sourced from astral-sh/setup-uv's releases.
... (truncated)
Commits
37802adFetch uv from Astral's mirror by default (#809)9f00d18chore(deps): bump zizmorcore/zizmor-action from 0.5.0 to 0.5.2 (#808)fd8f376Switch to ESM for source and test, use CommonJS for dist (#806)f9070deBump deps (#805)cadb67bchore: update known checksums for 0.10.10 (#804)e06108dUse astral-sh/versions as primary version provider (#802)0f6ec07docs: replace copilot instructions with AGENTS.md (#794)821e5c9docs: add cross-client dependabot rollup skill (#793)6ee6290chore(deps): bump versions (#792)9f332a1Add riscv64 architecture support to platform detection (#791)Updates
github/codeql-actionfrom 3 to 4Release notes
Sourced from github/codeql-action's releases.
... (truncated)
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
b987514Rebuilda04a87cUpdate changelog and version after v4.36.354f647bMerge pull request #3984 from github/update-v4.36.3-1f34ec164e78819eTrigger checksc1e7c7aMerge pull request #3981 from github/mario-campos/runCliJson50bd53bMerge pull request #3989 from github/dependabot/npm_and_yarn/js-yaml-5.1.0289efcaRe-addforceQuotes: true