build(deps): bump the actions group across 1 directory with 9 updates #220

dependabot · 2025-11-10T07:32:21Z

Bumps the actions group with 9 updates in the / directory:

Package	From	To
actions/checkout	`3.6.0`	`5.0.0`
actions/setup-go	`3.5.0`	`6.0.0`
golangci/golangci-lint-action	`8.0.0`	`9.0.0`
actions/setup-node	`3.8.2`	`6.0.0`
docker/setup-qemu-action	`2.2.0`	`3.7.0`
docker/setup-buildx-action	`2.10.0`	`3.11.1`
docker/login-action	`2.2.0`	`3.6.0`
goreleaser/goreleaser-action	`4.6.0`	`6.4.0`
guyarb/golang-test-annotations	`0.6.0`	`0.8.0`

Updates actions/checkout from 3.6.0 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

Prepare release v4.3.0 by @salmanmkc in actions/checkout#2237

New Contributors

@motss made their first contribution in actions/checkout#1971

@mouismail made their first contribution in actions/checkout#1977

@benwells made their first contribution in actions/checkout#2043

@nebuk89 made their first contribution in actions/checkout#2194

@salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

New Contributors

@Jcambass made their first contribution in actions/checkout#1919

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
08eba0b Prepare release v4.3.0 (#2237)
631c7dc Update package dependencies (#2236)
8edcb1b Update CODEOWNERS for actions (#2224)
09d2aca Update README.md (#2194)
85e6279 Adjust positioning of user email note and permissions heading (#2044)
009b9ae Documentation update - add recommended permissions to Readme (#2043)
cbb7224 Update README.md (#1977)
3b9b8c8 docs: update README.md (#1971)
Additional commits viewable in compare view

Updates actions/setup-go from 3.5.0 to 6.0.0

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @matthewhughes934 in actions/setup-go#460

Upgrade Nodejs runtime from node20 to node 24 by @salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/setup-go#589

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-go#591

Upgrade @typescript-eslint/parser from 8.31.1 to 8.35.1 by @dependabot[bot] in actions/setup-go#590

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-go#594

Upgrade typescript from 5.4.2 to 5.8.3 by @dependabot[bot] in actions/setup-go#538

Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @dependabot[bot] in actions/setup-go#603

Upgrade form-data to bring in fix for critical vulnerability by @matthewhughes934 in actions/setup-go#618

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-go#631

New Contributors

@matthewhughes934 made their first contribution in actions/setup-go#618

@salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

What's Changed

Bug fixes:

Update self-hosted environment validation by @priyagupta108 in actions/setup-go#556

Add manifest validation and improve error handling by @priyagupta108 in actions/setup-go#586

Update template link by @jsoref in actions/setup-go#527

Dependency updates:

Upgrade @action/cache from 4.0.2 to 4.0.3 by @aparnajyothi-y in actions/setup-go#574

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-go#573

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-go#582

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot in actions/setup-go#537

New Contributors

@jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

What's Changed

Dependency updates :

Upgrade semver from 7.6.0 to 7.6.3 by @dependabot in actions/setup-go#535

Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by @dependabot in actions/setup-go#536

Upgrade @action/cache from 4.0.0 to 4.0.2 by @aparnajyothi-y in actions/setup-go#568

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot in actions/setup-go#541

... (truncated)

Commits

4469467 Bump actions/checkout from 4 to 5 (#631)
e093d1e Node 24 upgrade (#624)
1d76b95 Improve toolchain handling (#460)
e75c3e8 Bump form-data to bring in fix for critical vulnerability (#618)
8e57b58 Bump eslint-plugin-jest from 28.11.0 to 29.0.1 (#603)
7c0b336 Bump typescript from 5.4.2 to 5.8.3 (#538)
6f26dcc Bump undici from 5.28.5 to 5.29.0 (#594)
8d4083a Bump @typescript-eslint/parser from 5.62.0 to 8.32.0 (#590)
fa96338 Bump @actions/tool-cache from 2.0.1 to 2.0.2 (#591)
4de67c0 Bump @types/jest from 29.5.12 to 29.5.14 (#589)
Additional commits viewable in compare view

Updates golangci/golangci-lint-action from 8.0.0 to 9.0.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.0.0

In the scope of this release, we change Nodejs runtime from node20 to node24 (https://github.blog/changelog/2025-09-19-deprecation-of-node-20-on-github-actions-runners/).

What's Changed

Changes

feat: add install-only option by @ldez in golangci/golangci-lint-action#1305

feat: support Module Plugin System by @ldez in golangci/golangci-lint-action#1306

Full Changelog: golangci/golangci-lint-action@v8.0.0...v9.0.0

Commits

0a35821 docs: update readme
043b1b8 feat: support Module Plugin System (#1306)
a66d26a feat: add install-only option (#1305)
7fe1b22 build(deps): bump the dependencies group with 2 updates (#1303)
14973f1 build(deps-dev): bump the dev-dependencies group with 2 updates (#1299)
8c2d575 build(deps): bump @types/node from 24.8.1 to 24.9.1 in the dependencies group...
b002b6e build(deps): bump actions/setup-node from 5 to 6 (#1296)
c13f4ed build(deps): bump @types/node from 24.7.2 to 24.8.1 in the dependencies group...
b68d21b docs: improve readme
06188a2 build(deps): bump github/codeql-action from 3 to 4 (#1293)
Additional commits viewable in compare view

Updates actions/setup-node from 3.8.2 to 6.0.0

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Limit automatic caching to npm, update workflows and documentation by @priyagupta108 in actions/setup-node#1374

Dependency Upgrades

Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @dependabot[bot] in #1336

Upgrade prettier from 2.8.8 to 3.6.2 by @dependabot[bot] in #1334

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

Enhance caching in setup-node with automatic package manager detection by @priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false
Upgrade action to use node24 by @salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @octokit/request-error and @actions/github by @dependabot[bot] in actions/setup-node#1227

Upgrade uuid from 9.0.1 to 11.1.0 by @dependabot[bot] in actions/setup-node#1273

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-node#1295

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/setup-node#1332

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-node#1345

New Contributors

@priya-kinthali made their first contribution in actions/setup-node#1348

@salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

2028fbc Limit automatic caching to npm, update workflows and documentation (#1374)
1342781 Bump actions/publish-action from 0.3.0 to 0.4.0 (#1362)
89d709d Bump prettier from 2.8.8 to 3.6.2 (#1334)
cd2651c Bump ts-jest from 29.1.2 to 29.4.1 (#1336)
a0853c2 Bump actions/checkout from 4 to 5 (#1345)
b7234cc Upgrade action to use node24 (#1325)
d7a1131 Enhance caching in setup-node with automatic package manager detection (#1348)
5e2628c Bumps form-data (#1332)
65becef Bump undici from 5.28.5 to 5.29.0 (#1295)
7e24a65 Bump uuid from 9.0.1 to 11.1.0 (#1273)
Additional commits viewable in compare view

Updates docker/setup-qemu-action from 2.2.0 to 3.7.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.7.0

Bump @docker/actions-toolkit from 0.56.0 to 0.67.0 in docker/setup-qemu-action#217 docker/setup-qemu-action#230

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/setup-qemu-action#220

Bump form-data from 2.5.1 to 2.5.5 in docker/setup-qemu-action#218

Bump tmp from 0.2.3 to 0.2.4 in docker/setup-qemu-action#221

Bump undici from 5.28.4 to 5.29.0 in docker/setup-qemu-action#219

Full Changelog: docker/setup-qemu-action@v3.6.0...v3.7.0

v3.6.0

Display binfmt version by @crazy-max in docker/setup-qemu-action#202

Full Changelog: docker/setup-qemu-action@v3.5.0...v3.6.0

v3.5.0

Bump @docker/actions-toolkit from 0.54.0 to 0.56.0 in docker/setup-qemu-action#205

Full Changelog: docker/setup-qemu-action@v3.4.0...v3.5.0

v3.4.0

Bump @docker/actions-toolkit from 0.49.0 to 0.54.0 in docker/setup-qemu-action#193 docker/setup-qemu-action#197

Full Changelog: docker/setup-qemu-action@v3.3.0...v3.4.0

v3.3.0

Add cache-image input to enable/disable caching of binfmt image by @crazy-max in docker/setup-qemu-action#130

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-qemu-action#172

Bump @docker/actions-toolkit from 0.35.0 to 0.49.0 in docker/setup-qemu-action#187

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-qemu-action#182

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-qemu-action#162

Full Changelog: docker/setup-qemu-action@v3.2.0...v3.3.0

v3.2.0

Bump @docker/actions-toolkit from 0.31.0 to 0.35.0 in docker/setup-qemu-action#154 docker/setup-qemu-action#155

Full Changelog: docker/setup-qemu-action@v3.1.0...v3.2.0

v3.1.0

Set docker.io domain for default binfmt image by @crazy-max in docker/setup-qemu-action#151

Throw error message instead of exit code by @crazy-max in docker/setup-qemu-action#129

Bump @docker/actions-toolkit from 0.12.0 to 0.31.0 in docker/setup-qemu-action#115 docker/setup-qemu-action#128 docker/setup-qemu-action#131 docker/setup-qemu-action#134 docker/setup-qemu-action#149

Bump @babel/traverse from 7.20.13 to 7.23.2 in docker/setup-qemu-action#109

Bump braces from 3.0.2 to 3.0.3 in docker/setup-qemu-action#142

Bump undici from 5.28.2 to 5.28.4 in docker/setup-qemu-action#118 docker/setup-qemu-action#127

Full Changelog: docker/setup-qemu-action@v3.0.0...v3.1.0

v3.0.0

Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @crazy-max in docker/setup-qemu-action#102

... (truncated)

Commits

c7c5346 Merge pull request #230 from docker/dependabot/npm_and_yarn/docker/actions-to...
3a517a1 chore: update generated content
a5b45ed build(deps): bump @docker/actions-toolkit from 0.62.1 to 0.67.0
3a64278 Merge pull request #220 from docker/dependabot/npm_and_yarn/brace-expansion-1...
94906ba chore: update generated content
4027abf build(deps): bump brace-expansion from 1.1.11 to 1.1.12
bee0aaa Merge pull request #221 from docker/dependabot/npm_and_yarn/tmp-0.2.4
0d7e257 chore: update generated content
b869601 build(deps): bump tmp from 0.2.3 to 0.2.4
3a043ed Merge pull request #219 from docker/dependabot/npm_and_yarn/undici-5.29.0
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 2.10.0 to 3.11.1

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.11.1

Fix keep-state not being respected by @crazy-max in docker/setup-buildx-action#429

Full Changelog: docker/setup-buildx-action@v3.11.0...v3.11.1

v3.11.0

Keep BuildKit state support by @crazy-max in docker/setup-buildx-action#427

Remove aliases created when installing by default by @hashhar in docker/setup-buildx-action#139

Bump @docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/setup-buildx-action#422 docker/setup-buildx-action#425

Full Changelog: docker/setup-buildx-action@v3.10.0...v3.11.0

v3.10.0

Bump @docker/actions-toolkit from 0.54.0 to 0.56.0 in docker/setup-buildx-action#408

Full Changelog: docker/setup-buildx-action@v3.9.0...v3.10.0

v3.9.0

Bump @docker/actions-toolkit from 0.48.0 to 0.54.0 in docker/setup-buildx-action#402 docker/setup-buildx-action#404

Full Changelog: docker/setup-buildx-action@v3.8.0...v3.9.0

v3.8.0

Make cloud prefix optional to download buildx if driver is cloud by @crazy-max in docker/setup-buildx-action#390

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-buildx-action#370

Bump @docker/actions-toolkit from 0.39.0 to 0.48.0 in docker/setup-buildx-action#389

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-buildx-action#382

Full Changelog: docker/setup-buildx-action@v3.7.1...v3.8.0

v3.7.1

Switch back to uuid package by @crazy-max in docker/setup-buildx-action#369

Full Changelog: docker/setup-buildx-action@v3.7.0...v3.7.1

v3.7.0

Always set buildkitd-flags if opt-in by @crazy-max in docker/setup-buildx-action#363

Remove uuid package and switch to crypto by @crazy-max in docker/setup-buildx-action#366

Bump @docker/actions-toolkit from 0.35.0 to 0.39.0 in docker/setup-buildx-action#362

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-buildx-action#354

Full Changelog: docker/setup-buildx-action@v3.6.1...v3.7.0

v3.6.1

Check for malformed docker context by @crazy-max in docker/setup-buildx-action#347

Full Changelog: docker/setup-buildx-action@v3.6.0...v3.6.1

v3.6.0

Create temp docker context if default one has TLS data loaded before creating a container builder by @crazy-max in docker/setup-buildx-action#341

... (truncated)

Commits

e468171 Merge pull request #429 from crazy-max/fix-keep-state
a3e7502 chore: update generated content
b145473 fix keep-state not being respected
18ce135 Merge pull request #425 from docker/dependabot/npm_and_yarn/docker/actions-to...
0e198e9 chore: update generated content
05f3f3a build(deps): bump @docker/actions-toolkit from 0.61.0 to 0.62.1
6229134 Merge pull request #427 from crazy-max/keep-state
c6f6a07 chore: update generated content
6c5e29d skip builder creation if one already exists with the same name
548b297 ci: keep-state check
Additional commits viewable in compare view

Updates docker/login-action from 2.2.0 to 3.6.0

Release notes

Sourced from docker/login-action's releases.

v3.6.0

Add registry-auth input for raw authentication to registries by @crazy-max in docker/login-action#887

Bump @aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880

Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879

Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Support dual-stack endpoints for AWS ECR by @Spacefish @crazy-max in docker/login-action#874 docker/login-action#876

Bump @aws-sdk/client-ecr to 3.859.0 in docker/login-action#860 docker/login-action#878

Bump @aws-sdk/client-ecr-public to 3.859.0 in docker/login-action#860 docker/login-action#878

Bump @docker/actions-toolkit from 0.57.0 to 0.62.1 in docker/login-action#870

Bump form-data from 2.5.1 to 2.5.5 in docker/login-action#875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

v3.4.0

Bump @actions/core from 1.10.1 to 1.11.1 in docker/login-action#791

Bump @aws-sdk/client-ecr to 3.766.0 in docker/login-action#789 docker/login-action#856

Bump @aws-sdk/client-ecr-public to 3.758.0 in docker/login-action#789 docker/login-action#856

Bump @docker/actions-toolkit from 0.35.0 to 0.57.0 in docker/login-action#801 docker/login-action#806 docker/login-action#858

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/login-action#814

Bump https-proxy-agent from 7.0.5 to 7.0.6 in docker/login-action#823

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/login-action#777

Full Changelog: docker/login-action@v3.3.0...v3.4.0

v3.3.0

Bump @docker/actions-toolkit from 0.24.0 to 0.35.0 in docker/login-action#754

Bump https-proxy-agent from 7.0.4 to 7.0.5 in docker/login-action#741

Bump braces from 3.0.2 to 3.0.3 in docker/login-action#730

Full Changelog: docker/login-action@v3.2.0...v3.3.0

v3.2.0

Improve missing username/password by @Frankkkkk in docker/login-action#706

Bump @docker/actions-toolkit from 0.18.0 to 0.24.0 in docker/login-action#715 docker/login-action#721

Bump aws-sdk-dependencies to 3.583.0 in docker/login-action#720

Bump undici from 5.28.3 to 5.28.4 in docker/login-action#694

Full Changelog: docker/login-action@v3.1.0...v3.2.0

v3.1.0

Bump @babel/traverse from 7.17.3 to 7.23.2 in docker/login-action#618

Bump @docker/actions-toolkit from 0.12.0 to 0.18.0 in docker/login-action#616 docker/login-action#636 docker/login-action#682

Bump aws-sdk dependencies to 3.529.1 in docker/login-action#624 docker/login-action#685

... (truncated)

Commits

5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
97e3143 chore: update generated content
3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
abc9fb3 chore: update generated content
d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
0d7fae8 chore: update generated content
9832253 build(deps): bump @docker/actions-toolkit from 0.62.1 to 0.63.0
09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 4.6.0 to 6.4.0

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v6.4.0

What's Changed

ci: set contents read as default workflow permissions by @crazy-max in goreleaser/goreleaser-action#494

fix: support .config directory for goreleaser config files by @haya14busa in goreleaser/goreleaser-action#500

chore(deps): bump semver from 7.7.1 to 7.7.2 by @dependabot[bot] in goreleaser/goreleaser-action#495

chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 by @dependabot[bot] in goreleaser/goreleaser-action#498

fix: do not get releases.json if version is specific by @caarlos0 in goreleaser/goreleaser-action#502

chore(deps): bump undici from 5.28.5 to 5.29.0 by @dependabotDescription has been truncated

Bumps the actions group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `3.6.0` | `5.0.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `3.5.0` | `6.0.0` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `8.0.0` | `9.0.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `3.8.2` | `6.0.0` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `2.2.0` | `3.7.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2.10.0` | `3.11.1` | | [docker/login-action](https://github.com/docker/login-action) | `2.2.0` | `3.6.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `4.6.0` | `6.4.0` | | [guyarb/golang-test-annotations](https://github.com/guyarb/golang-test-annotations) | `0.6.0` | `0.8.0` | Updates `actions/checkout` from 3.6.0 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@f43a0e5...08c6903) Updates `actions/setup-go` from 3.5.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@6edd440...4469467) Updates `golangci/golangci-lint-action` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@4afd733...0a35821) Updates `actions/setup-node` from 3.8.2 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@1a4442c...2028fbc) Updates `docker/setup-qemu-action` from 2.2.0 to 3.7.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@2b82ce8...c7c5346) Updates `docker/setup-buildx-action` from 2.10.0 to 3.11.1 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@885d146...e468171) Updates `docker/login-action` from 2.2.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@465a078...5e57cd1) Updates `goreleaser/goreleaser-action` from 4.6.0 to 6.4.0 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@5fdedb9...e435ccd) Updates `guyarb/golang-test-annotations` from 0.6.0 to 0.8.0 - [Release notes](https://github.com/guyarb/golang-test-annotations/releases) - [Commits](guyarb/golang-test-annotations@9ab2ea8...2941118) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-go dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: golangci/golangci-lint-action dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/setup-qemu-action dependency-version: 3.7.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/setup-buildx-action dependency-version: 3.11.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: goreleaser/goreleaser-action dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: guyarb/golang-test-annotations dependency-version: 0.8.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 10, 2025

dependabot bot requested a review from samcm as a code owner November 10, 2025 07:32

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 10, 2025

dependabot bot force-pushed the dependabot/github_actions/actions-4d1bc1ed7d branch 2 times, most recently from b47e101 to 36e7a42 Compare December 1, 2025 09:31

dependabot bot force-pushed the dependabot/github_actions/actions-4d1bc1ed7d branch from 36e7a42 to f2a1e61 Compare December 5, 2025 07:55

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the actions group across 1 directory with 9 updates #220

build(deps): bump the actions group across 1 directory with 9 updates #220

Uh oh!

dependabot bot commented on behalf of github Nov 10, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

build(deps): bump the actions group across 1 directory with 9 updates #220

Are you sure you want to change the base?

build(deps): bump the actions group across 1 directory with 9 updates #220

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 10, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.0

What's Changed

New Contributors

v4.2.2

What's Changed

v4.2.1

What's Changed

New Contributors

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v5.4.0

What's Changed

Dependency updates :

v9.0.0

What's Changed

Changes

v6.0.0

What's Changed

v5.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v4.4.0

v3.7.0

v3.6.0

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v3.0.0

v3.11.1

v3.11.0

v3.10.0

v3.9.0

v3.8.0

v3.7.1

v3.7.0

v3.6.1

v3.6.0

v3.6.0

v3.5.0

v3.4.0

v3.3.0

v3.2.0

v3.1.0

v6.4.0

What's Changed

Uh oh!

Reviewers

dependabot bot commented on behalf of github Nov 10, 2025 •

edited

Loading