Skip to content

Bump the actions group across 1 directory with 5 updates#38

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-ddec5da223
Open

Bump the actions group across 1 directory with 5 updates#38
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-ddec5da223

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 29, 2026
edited
Loading

Bumps the actions group with 5 updates in the / directory:

Package From To
actions/checkout 4 6
generoi/github-actions 1 2
dawidd6/action-download-artifact 20 21
actions/upload-artifact 7.0.0 7.0.1
actions/setup-node 6.3.0 6.4.0

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Commits

Updates generoi/github-actions from 1 to 2

Commits
  • 703512c feat(composer-update): refresh the open vuln PR in place instead of just comm...
  • 4af5a06 fix(vuln-scan): bump create-github-app-token v2->v3.2.0 (Node 24) (#36)
  • f1ae5f5 fix(composer-update): reach 4-segment hotfixes for <= advisory bounds (+ test...
  • 1d34fef fix(vuln-scan): escape pipe-delimited affected ranges in PR table (#34)
  • 2e72ae9 fix(composer-update): extract update logic to a script; fix no-widen abort (#31)
  • 7705c4c fix(composer-update): don't abort PR when all unhandled packages are no-widen...
  • d5d37bc composer-update: widen with ^min_safe, not the patch-pinned ~min_safe (#29)
  • faddb35 composer-update: loose-constraint fallback when tight ~X.Y.Z matches no versi...
  • 496bbe8 composer-update: emit trailing newline from build_pkg_arg (#27)
  • c765a89 composer-update: include direct-dep ancestors of transitives in update args (...
  • Additional commits viewable in compare view

Updates dawidd6/action-download-artifact from 20 to 21

Release notes

Sourced from dawidd6/action-download-artifact's releases.

v21

What's Changed

New Contributors

Full Changelog: dawidd6/action-download-artifact@v20...v21

Commits
  • b6e2e70 node_modules: update (#405)
  • 1708cb3 Download artifacts in creation order (#398)
  • 00b585a build(deps): bump filesize from 11.0.16 to 11.0.17 (#404)
  • 0414c42 build(deps): bump @​actions/core from 3.0.0 to 3.0.1 (#401)
  • c802aad build(deps): bump @​actions/github from 9.1.0 to 9.1.1 (#400)
  • ef06691 build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 (#402)
  • 026702e build(deps): bump filesize from 11.0.15 to 11.0.16 (#399)
  • 09d0677 build(deps): bump @​actions/github from 9.0.0 to 9.1.0 (#396)
  • See full diff in compare view

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits
  • 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
  • 634250c Include changes in typespec/ts-http-runtime 0.3.5
  • e454baa Readme: bump all the example versions to v7 (#796)
  • 74fad66 Update the readme with direct upload details (#795)
  • See full diff in compare view

Updates actions/setup-node from 6.3.0 to 6.4.0

Release notes

Sourced from actions/setup-node's releases.

v6.4.0

What's Changed

Dependency updates:

New Contributors

Full Changelog: actions/setup-node@v6...v6.4.0

Commits

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 29, 2026
@dependabot
Bump the actions group across 1 directory with 5 updates
9af1084 
Bumps the actions group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |
| [generoi/github-actions](https://github.com/generoi/github-actions) | `1` | `2` |
| [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) | `20` | `21` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |
| [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` |



Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Commits](actions/checkout@v4...v6)

Updates `generoi/github-actions` from 1 to 2
- [Commits](v1...v2)

Updates `dawidd6/action-download-artifact` from 20 to 21
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](dawidd6/action-download-artifact@8305c0f...b6e2e70)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@bbbca2d...043fb46)

Updates `actions/setup-node` from 6.3.0 to 6.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@53b8394...48b55a0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-node
  dependency-version: 6.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: dawidd6/action-download-artifact
  dependency-version: '21'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: generoi/github-actions
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-ddec5da223 branch from f86f0fa to 9af1084 Compare May 29, 2026 14:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants