chore(ci): bump the actions group across 1 directory with 3 updates by dependabot[bot] · Pull Request #26 · kaiiiichen/kaichen.dev

dependabot · 2026-04-17T12:09:56Z

Bumps the actions group with 3 updates in the / directory: dependabot/fetch-metadata, actions/checkout and actions/setup-node.

Updates dependabot/fetch-metadata from 2 to 3

Release notes

Sourced from dependabot/fetch-metadata's releases.

v3.0.0

The breaking change is requiring Node.js version v24 as the Actions runtime.

What's Changed

feat: Parse versions from metadata links by @ppkarwasz in dependabot/fetch-metadata#632

Upgrade actions core and actions github packages by @truggeri in dependabot/fetch-metadata#649

docs: Add notes for using alert-lookup with App Token by @sue445 in dependabot/fetch-metadata#656

feat!: update Node.js version to v24 by @sturman in dependabot/fetch-metadata#671

Switch build tooling from ncc to esbuild by @truggeri in dependabot/fetch-metadata#676

Add --legal-comments=none to esbuild build commands by @jeffwidman in dependabot/fetch-metadata#679

Bump tsconfig target from es2022 to es2024 by @jeffwidman in dependabot/fetch-metadata#680

Remove vestigial outDir from tsconfig.json by @jeffwidman in dependabot/fetch-metadata#681

Switch tsconfig module resolution to bundler by @jeffwidman in dependabot/fetch-metadata#682

Remove skipLibCheck from tsconfig.json by @jeffwidman in dependabot/fetch-metadata#683

Add typecheck step to CI by @jeffwidman in dependabot/fetch-metadata#685

Enable noImplicitAny in tsconfig.json by @jeffwidman in dependabot/fetch-metadata#684

Upgrade @actions/core to ^3.0.0 by @truggeri in dependabot/fetch-metadata#677

Upgrade @actions/github to ^9.0.0 and @octokit/request-error to ^7.1.0 by @truggeri in dependabot/fetch-metadata#678

Bump qs from 6.14.0 to 6.14.1 by @dependabot[bot] in dependabot/fetch-metadata#651

Bump hono from 4.11.1 to 4.11.4 by @dependabot[bot] in dependabot/fetch-metadata#652

Bump hono from 4.11.4 to 4.11.7 by @dependabot[bot] in dependabot/fetch-metadata#653

Bump hono from 4.11.7 to 4.12.0 by @dependabot[bot] in dependabot/fetch-metadata#657

Bump qs from 6.14.1 to 6.14.2 by @dependabot[bot] in dependabot/fetch-metadata#655

Bump @modelcontextprotocol/sdk from 1.25.1 to 1.26.0 by @dependabot[bot] in dependabot/fetch-metadata#654

Bump @hono/node-server from 1.19.9 to 1.19.10 by @dependabot[bot] in dependabot/fetch-metadata#665

Bump hono from 4.12.2 to 4.12.5 by @dependabot[bot] in dependabot/fetch-metadata#664

Bump minimatch from 3.1.2 to 3.1.5 by @dependabot[bot] in dependabot/fetch-metadata#667

Bump hono from 4.12.5 to 4.12.7 by @dependabot[bot] in dependabot/fetch-metadata#668

Bump actions/create-github-app-token from 2.2.1 to 3.0.0 by @dependabot[bot] in dependabot/fetch-metadata#669

Bump flatted from 3.3.3 to 3.4.2 by @dependabot[bot] in dependabot/fetch-metadata#670

build(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by @dependabot[bot] in dependabot/fetch-metadata#674

New Contributors

@ppkarwasz made their first contribution in dependabot/fetch-metadata#632

@truggeri made their first contribution in dependabot/fetch-metadata#649

@sue445 made their first contribution in dependabot/fetch-metadata#656

@sturman made their first contribution in dependabot/fetch-metadata#671

Full Changelog: dependabot/fetch-metadata@v2...v3.0.0

v2.5.0

What's Changed

Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot[bot] in dependabot/fetch-metadata#628

Bump the dev-dependencies group with 11 updates by @dependabot[bot] in dependabot/fetch-metadata#629

Bump actions/create-github-app-token from 2.0.6 to 2.1.1 by @dependabot[bot] in dependabot/fetch-metadata#635

Bump actions/create-github-app-token from 2.1.1 to 2.1.4 by @dependabot[bot] in dependabot/fetch-metadata#638

Bump actions/checkout from 4 to 5 by @dependabot[bot] in dependabot/fetch-metadata#636

Bump actions/setup-node from 4 to 5 by @dependabot[bot] in dependabot/fetch-metadata#637

Bump actions/setup-node from 5 to 6 by @dependabot[bot] in dependabot/fetch-metadata#639

Bump actions/create-github-app-token from 2.1.4 to 2.2.0 by @dependabot[bot] in dependabot/fetch-metadata#643

... (truncated)

Commits

ffa630c v3.0.0 (#686)
ec8fff2 Merge pull request #674 from dependabot/dependabot/npm_and_yarn/picomatch-2.3.2
caf48bd build(deps-dev): bump picomatch from 2.3.1 to 2.3.2
13d8274 Upgrade @actions/github to ^9.0.0 and @octokit/request-error to ^7.1.0 (#678)
b603099 Upgrade @actions/core from ^1.11.1 to ^3.0.0 (#677)
c5dc5b1 Enable noImplicitAny in tsconfig.json (#684)
a183f3c Add typecheck step to CI (#685)
5e17564 Remove skipLibCheck from tsconfig.json (#683)
bb56eeb Switch tsconfig module resolution to bundler (#682)
3632e3d Remove vestigial outDir from tsconfig.json (#681)
Additional commits viewable in compare view

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248

Persist creds to a separate file by @ericsciple in actions/checkout#2286

v6-beta by @ericsciple in actions/checkout#2298

update readme/changelog for v6 by @ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

Fix tag handling: preserve annotations and explicit fetch-tags by @ericsciple in actions/checkout#2356

v6.0.1

Add worktree support for persist-credentials includeIf by @ericsciple in actions/checkout#2327

v6.0.0

Persist creds to a separate file by @ericsciple in actions/checkout#2286

Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248

v5.0.1

Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301

v5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

v4.3.1

Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305

v4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

... (truncated)

Commits

de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
8e8c483 Clarify v6 README (#2328)
033fa0d Add worktree support for persist-credentials includeIf (#2327)
c2d88d3 Update all references from v5 and v4 to v6 (#2314)
1af3b93 update readme/changelog for v6 (#2311)
71cf226 v6-beta (#2298)
069c695 Persist creds to a separate file (#2286)
ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
08c6903 Prepare v5.0.0 release (#2238)
Additional commits viewable in compare view

Updates actions/setup-node from 4 to 6

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Limit automatic caching to npm, update workflows and documentation by @priyagupta108 in actions/setup-node#1374

Dependency Upgrades

Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @dependabot[bot] in #1336

Upgrade prettier from 2.8.8 to 3.6.2 by @dependabot[bot] in #1334

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

Enhance caching in setup-node with automatic package manager detection by @priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false
Upgrade action to use node24 by @salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @octokit/request-error and @actions/github by @dependabot[bot] in actions/setup-node#1227

Upgrade uuid from 9.0.1 to 11.1.0 by @dependabot[bot] in actions/setup-node#1273

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-node#1295

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/setup-node#1332

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-node#1345

New Contributors

@priya-kinthali made their first contribution in actions/setup-node#1348

@salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

53b8394 Bump minimatch from 3.1.2 to 3.1.5 (#1498)
54045ab Scope test lockfiles by package manager and update cache tests (#1495)
c882bff Replace uuid with crypto.randomUUID() (#1378)
774c1d6 feat(node-version-file): support parsing devEngines field (#1283)
efcb663 fix: remove hardcoded bearer (#1467)
d02c89d Fix npm audit issues (#1491)
6044e13 Docs: bump actions/checkout from v5 to v6 (#1468)
8e49463 Fix README typo (#1226)
621ac41 README.md: bump to latest released checkout version v6 (#1446)
2951748 Bump @actions/cache to v5.0.1 (#1449)
Additional commits viewable in compare view

dependabot · 2026-04-17T12:09:57Z

Labels

The following labels could not be found: ci. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

vercel · 2026-04-17T12:09:59Z

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
kaichen.dev	Ready	Preview, Comment	Apr 17, 2026 0:18am

kaiiiichen · 2026-04-17T12:13:44Z

Rebasing onto latest main so CI runs clean.

@dependabot rebase

Bumps the actions group with 3 updates: [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata), [actions/checkout](https://github.com/actions/checkout) and [actions/setup-node](https://github.com/actions/setup-node). Updates `dependabot/fetch-metadata` from 2 to 3 - [Release notes](https://github.com/dependabot/fetch-metadata/releases) - [Commits](dependabot/fetch-metadata@v2...v3) Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4...v6) Updates `actions/setup-node` from 4 to 6 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v4...v6) --- updated-dependencies: - dependency-name: dependabot/fetch-metadata dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added the dependencies Pull requests that update a dependency file label Apr 17, 2026

This was referenced Apr 17, 2026

chore(deps): bump actions/setup-node from 4 to 6 #17

Closed

chore(deps): bump actions/checkout from 4 to 6 #18

Closed

vercel Bot deployed to Preview April 17, 2026 12:11 View deployment

dependabot Bot changed the title ~~chore(ci): bump the actions group with 3 updates~~ chore(ci): bump the actions group across 1 directory with 3 updates Apr 17, 2026

dependabot Bot force-pushed the dependabot/github_actions/actions-3647cf7641 branch from dcda03d to d1639a3 Compare April 17, 2026 12:14

vercel Bot deployed to Preview April 17, 2026 12:18 View deployment

kaiiiichen merged commit 5ade237 into main Apr 17, 2026
4 checks passed

dependabot Bot deleted the dependabot/github_actions/actions-3647cf7641 branch April 17, 2026 12:30

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(ci): bump the actions group across 1 directory with 3 updates#26

chore(ci): bump the actions group across 1 directory with 3 updates#26
kaiiiichen merged 1 commit intomainfrom
dependabot/github_actions/actions-3647cf7641

dependabot Bot commented on behalf of github Apr 17, 2026 •

edited

Loading

Uh oh!

dependabot Bot commented on behalf of github Apr 17, 2026

Uh oh!

vercel Bot commented Apr 17, 2026 •

edited

Loading

Uh oh!

kaiiiichen commented Apr 17, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Conversation

dependabot Bot commented on behalf of github Apr 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v3.0.0

What's Changed

New Contributors

v2.5.0

What's Changed

v6.0.0

What's Changed

v6-beta

What's Changed

v5.0.1

What's Changed

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.1

What's Changed

v4.3.0

What's Changed

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v6.0.0

What's Changed

v5.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v4.4.0

Uh oh!

dependabot Bot commented on behalf of github Apr 17, 2026

Labels

Uh oh!

vercel Bot commented Apr 17, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

Uh oh!

kaiiiichen commented Apr 17, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

dependabot Bot commented on behalf of github Apr 17, 2026 •

edited

Loading

vercel Bot commented Apr 17, 2026 •

edited

Loading