Skip to content

chore(deps): bump the ci group with 3 updates#1852

Merged
frewilhelm merged 1 commit intomainfrom
dependabot/github_actions/ci-8ca93a5684
Mar 6, 2026
Merged

chore(deps): bump the ci group with 3 updates#1852
frewilhelm merged 1 commit intomainfrom
dependabot/github_actions/ci-8ca93a5684

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 6, 2026

Bumps the ci group with 3 updates: github/codeql-action, docker/metadata-action and docker/build-push-action.

Updates github/codeql-action from 4.32.5 to 4.32.6

Release notes

Sourced from github/codeql-action's releases.

v4.32.6

  • Update default CodeQL bundle version to 2.24.3. #3548
Commits
  • 0d579ff Merge pull request #3551 from github/update-v4.32.6-72d2d850d
  • d4c6be7 Update changelog for v4.32.6
  • 72d2d85 Merge pull request #3548 from github/update-bundle/codeql-bundle-v2.24.3
  • 23f983c Merge pull request #3544 from github/dependabot/github_actions/dot-github/wor...
  • 832e97c Merge pull request #3545 from github/dependabot/github_actions/dot-github/wor...
  • 5ef38c0 Merge pull request #3546 from github/dependabot/npm_and_yarn/tar-7.5.10
  • 80c9cda Add changelog note
  • f2669dd Update default bundle to codeql-bundle-v2.24.3
  • bd03c44 Merge branch 'main' into dependabot/github_actions/dot-github/workflows/actio...
  • 102d762 Bump tar from 7.5.7 to 7.5.10
  • Additional commits viewable in compare view

Updates docker/metadata-action from 5.10.0 to 6.0.0

Release notes

Sourced from docker/metadata-action's releases.

v6.0.0

Full Changelog: docker/metadata-action@v5.10.0...v6.0.0

Commits
  • 030e881 Merge pull request #607 from crazy-max/allow-comments
  • 4b529ac chore: update generated content
  • b0082b3 preserve comments in list input values with commentNoInfix
  • 7b19fec Merge pull request #604 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 281c9b0 chore: update generated content
  • 5f43b3b test: stabilize github mock setup since ESM
  • 9d53276 github class moved since actions-toolkit v0.77.0
  • eaa3d39 chore(deps): Bump @​docker/actions-toolkit from 0.68.0 to 0.77.0
  • 6b695f7 Merge pull request #605 from crazy-max/node24
  • a1afadc node 24 as default runtime
  • Additional commits viewable in compare view

Updates docker/build-push-action from 6.19.2 to 7.0.0

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

Commits
  • d08e5c3 Merge pull request #1479 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • cbd2dff chore: update generated content
  • f76f51f chore(deps): Bump @​docker/actions-toolkit from 0.78.0 to 0.79.0
  • 7d03e66 Merge pull request #1473 from crazy-max/rm-deprecated-envs
  • 98f853d chore: update generated content
  • cadccf6 remove deprecated envs
  • 03fe877 Merge pull request #1478 from docker/dependabot/github_actions/docker/setup-b...
  • 827e366 chore(deps): Bump docker/setup-buildx-action from 3 to 4
  • e25db87 Merge pull request #1474 from crazy-max/rm-export-build-tool
  • 1ac2573 Merge pull request #1470 from crazy-max/node24
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the ci group with 3 updates
8a137b9 
Bumps the ci group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [docker/metadata-action](https://github.com/docker/metadata-action) and [docker/build-push-action](https://github.com/docker/build-push-action).


Updates `github/codeql-action` from 4.32.5 to 4.32.6
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@c793b71...0d579ff)

Updates `docker/metadata-action` from 5.10.0 to 6.0.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@c299e40...030e881)

Updates `docker/build-push-action` from 6.19.2 to 7.0.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@10e90e3...d08e5c3)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.32.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: docker/metadata-action
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: docker/build-push-action
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added component/github-actions Changes on GitHub Actions or within `.github/` directory kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. kind/skip-release-notes Pull request will not appear in release notes labels Mar 6, 2026
@dependabot dependabot bot requested a review from a team as a code owner March 6, 2026 08:28
@dependabot dependabot bot added component/github-actions Changes on GitHub Actions or within `.github/` directory kind/skip-release-notes Pull request will not appear in release notes kind/dependency dependency update, etc. kind/chore chore, maintenance, etc. labels Mar 6, 2026
@github-actions github-actions bot added the size/xs Extra small label Mar 6, 2026
@frewilhelm frewilhelm merged commit 7a23813 into main Mar 6, 2026
20 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/ci-8ca93a5684 branch March 6, 2026 08:50
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@frewilhelm frewilhelm frewilhelm approved these changes

Assignees

No one assigned

Labels

component/github-actions Changes on GitHub Actions or within `.github/` directory kind/chore chore, maintenance, etc. kind/dependency dependency update, etc. kind/skip-release-notes Pull request will not appear in release notes size/xs Extra small

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@frewilhelm