Skip to content

Bump the actions group across 1 directory with 8 updates#2218

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions-c477d2e210
Open

Bump the actions group across 1 directory with 8 updates#2218
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions-c477d2e210

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Apr 13, 2026
edited
Loading

Bumps the actions group with 8 updates in the / directory:

Package From To
actions/create-github-app-token 3.0.0 3.1.1
actions/cache 5.0.4 5.0.5
chromaui/action 16.0.0 16.6.0
aws-actions/configure-aws-credentials 6.0.0 6.1.0
aws-actions/amazon-ecr-login 2.1.0 2.1.4
docker/build-push-action 7.0.0 7.1.0
flatherskevin/semver-action 1.1.3 1.1.4
softprops/action-gh-release 2.6.1 3.0.0

Updates actions/create-github-app-token from 3.0.0 to 3.1.1

Release notes

Sourced from actions/create-github-app-token's releases.

v3.1.1

3.1.1 (2026-04-11)

Bug Fixes

  • improve error message when app identifier is empty (#362) (07e2b76), closes #249

v3.1.0

3.1.0 (2026-04-11)

Bug Fixes

  • deps: bump p-retry from 7.1.1 to 8.0.0 (#357) (3bbe07d)

Features

Commits
  • 1b10c78 build(release): 3.1.1 [skip ci]
  • 07e2b76 fix: improve error message when app identifier is empty (#362)
  • ea01216 ci: remove publish-immutable-action workflow (#361)
  • 7bd0371 build(release): 3.1.0 [skip ci]
  • e6bd4e6 feat: add client-id input and deprecate app-id (#353)
  • 076e948 feat: update permission inputs (#358)
  • 3bbe07d fix(deps): bump p-retry from 7.1.1 to 8.0.0 (#357)
  • 28a99e3 build(deps-dev): bump c8 from 10.1.3 to 11.0.0
  • 4df5060 build(deps-dev): bump open-cli from 8.0.0 to 9.0.0
  • 4843c53 build(deps-dev): bump the development-dependencies group with 3 updates
  • See full diff in compare view

Updates actions/cache from 5.0.4 to 5.0.5

Release notes

Sourced from actions/cache's releases.

v5.0.5

What's Changed

Full Changelog: actions/cache@v5...v5.0.5

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

  1. Switch to a new branch from main.
  2. Run npm test to ensure all tests are passing.
  3. Update the version in https://github.com/actions/cache/blob/main/package.json.
  4. Run npm run build to update the compiled files.
  5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
  6. Run licensed cache to update the license report.
  7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
  8. Commit your changes and push your branch upstream.
  9. Open a pull request against main and get it reviewed and merged.
  10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
  11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

Commits

Updates chromaui/action from 16.0.0 to 16.6.0

Changelog

Sourced from chromaui/action's changelog.

v16.6.0 (Thu Apr 23 2026)

🚀 Enhancement

Authors: 1

v16.5.0 (Tue Apr 21 2026)

🚀 Enhancement

🐛 Bug Fix

Authors: 3

v16.4.0 (Tue Apr 21 2026)

🚀 Enhancement

🐛 Bug Fix

Authors: 1

v16.3.0 (Tue Apr 14 2026)

... (truncated)

Commits

Updates aws-actions/configure-aws-credentials from 6.0.0 to 6.1.0

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.1.0

6.1.0 (2026-04-06)

Features

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

6.1.0 (2026-04-06)

Features

Commits

Updates aws-actions/amazon-ecr-login from 2.1.0 to 2.1.4

Release notes

Sourced from aws-actions/amazon-ecr-login's releases.

v2.1.4

See the changelog for details about the changes included in this release.

v2.1.3

See the changelog for details about the changes included in this release.

v2.1.2

See the changelog for details about the changes included in this release.

v2.1.1

See the changelog for details about the changes included in this release.

Changelog

Sourced from aws-actions/amazon-ecr-login's changelog.

2.1.4 (2026-04-22)

2.1.3 (2026-04-15)

2.1.2 (2026-04-01)

2.1.1 (2026-03-24)

Bug Fixes

  • prefer explicit env var credentials over Pod Identity (#953) (ecbbdc7)
Commits

Updates docker/build-push-action from 7.0.0 to 7.1.0

Release notes

Sourced from docker/build-push-action's releases.

v7.1.0

Full Changelog: docker/build-push-action@v7.0.0...v7.1.0

Commits
  • bcafcac Merge pull request #1509 from docker/dependabot/npm_and_yarn/vite-7.3.2
  • 18e62f1 Merge pull request #1510 from docker/dependabot/npm_and_yarn/lodash-4.18.1
  • 46580d2 chore: update generated content
  • 3f80b25 chore(deps): Bump lodash from 4.17.23 to 4.18.1
  • efeec95 Merge pull request #1505 from crazy-max/refactor-git-context
  • ddf04b0 Merge pull request #1511 from docker/dependabot/github_actions/crazy-max-dot-...
  • db08d97 chore(deps): Bump the crazy-max-dot-github group with 2 updates
  • ef1fb96 Merge pull request #1508 from docker/dependabot/github_actions/docker/login-a...
  • 2d8f2a1 chore: update generated content
  • 919ac7b fix test since secrets are not written to temp path anymore
  • Additional commits viewable in compare view

Updates flatherskevin/semver-action from 1.1.3 to 1.1.4

Commits

Updates softprops/action-gh-release from 2.6.1 to 3.0.0

Changelog

Sourced from softprops/action-gh-release's changelog.

3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

  • Move the action runtime and bundle target to Node 24
  • Update @types/node to the Node 24 line and allow future Dependabot updates
  • Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

2.6.2

What's Changed

Other Changes 🔄

Commits
  • b430933 release: cut v3.0.0 for Node 24 upgrade (#670)
  • c2e35e0 chore(deps): bump the npm group across 1 directory with 7 updates (#783)
  • 3bb1273 release 2.6.2
  • c34030f chore: bump node to 24.14.1
  • 8975bd0 chore(deps): bump vite from 8.0.0 to 8.0.5 (#781)
  • f71937f chore(deps): bump brace-expansion from 5.0.4 to 5.0.5 (#777)
  • 3f0d239 chore(deps): bump picomatch from 4.0.3 to 4.0.4 (#775)
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 13, 2026
@dependabot dependabot Bot requested a review from maor-rozenfeld as a code owner April 13, 2026 17:21
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 13, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-c477d2e210 branch from ecf3b79 to e20415f Compare April 20, 2026 18:34
@dependabot dependabot Bot requested a review from MarceloRGonc as a code owner April 20, 2026 18:34
@dependabot
Bump the actions group across 1 directory with 8 updates
99ec656 
Bumps the actions group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `3.0.0` | `3.1.1` |
| [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` |
| [chromaui/action](https://github.com/chromaui/action) | `16.0.0` | `16.6.0` |
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.0.0` | `6.1.0` |
| [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login) | `2.1.0` | `2.1.4` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.0.0` | `7.1.0` |
| [flatherskevin/semver-action](https://github.com/flatherskevin/semver-action) | `1.1.3` | `1.1.4` |
| [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.6.1` | `3.0.0` |



Updates `actions/create-github-app-token` from 3.0.0 to 3.1.1
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v3.0.0...v3.1.1)

Updates `actions/cache` from 5.0.4 to 5.0.5
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v5.0.4...v5.0.5)

Updates `chromaui/action` from 16.0.0 to 16.6.0
- [Release notes](https://github.com/chromaui/action/releases)
- [Changelog](https://github.com/chromaui/action/blob/main/CHANGELOG.md)
- [Commits](chromaui/action@v16.0.0...v16.6.0)

Updates `aws-actions/configure-aws-credentials` from 6.0.0 to 6.1.0
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@v6.0.0...v6.1.0)

Updates `aws-actions/amazon-ecr-login` from 2.1.0 to 2.1.4
- [Release notes](https://github.com/aws-actions/amazon-ecr-login/releases)
- [Changelog](https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md)
- [Commits](aws-actions/amazon-ecr-login@v2.1.0...v2.1.4)

Updates `docker/build-push-action` from 7.0.0 to 7.1.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@v7.0.0...v7.1.0)

Updates `flatherskevin/semver-action` from 1.1.3 to 1.1.4
- [Release notes](https://github.com/flatherskevin/semver-action/releases)
- [Commits](flatherskevin/semver-action@7ce18d3...34b3c53)

Updates `softprops/action-gh-release` from 2.6.1 to 3.0.0
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@v2.6.1...v3.0.0)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 5.0.5
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: actions/create-github-app-token
  dependency-version: 3.1.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: aws-actions/amazon-ecr-login
  dependency-version: 2.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: chromaui/action
  dependency-version: 16.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: docker/build-push-action
  dependency-version: 7.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: flatherskevin/semver-action
  dependency-version: 1.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions
- dependency-name: softprops/action-gh-release
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions-c477d2e210 branch from e20415f to 99ec656 Compare April 27, 2026 19:57
@sonarqubecloud
Copy link
Copy Markdown

sonarqubecloud Bot commented Apr 27, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@maor-rozenfeld maor-rozenfeld maor-rozenfeld approved these changes

@MarceloRGonc MarceloRGonc Awaiting requested review from MarceloRGonc MarceloRGonc is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@maor-rozenfeld