Skip to content

chore(deps): bump the all group with 3 updates#1762

Open
dependabot[bot] wants to merge 1 commit into
release-v0.20.xfrom
dependabot/github_actions/release-v0.20.x/all-8e374835bc
Open

chore(deps): bump the all group with 3 updates#1762
dependabot[bot] wants to merge 1 commit into
release-v0.20.xfrom
dependabot/github_actions/release-v0.20.x/all-8e374835bc

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 6, 2026

Copy link
Copy Markdown
Contributor

Bumps the all group with 3 updates: golangci/golangci-lint-action, sigstore/scaffolding/actions/setup and chainguard-dev/actions/kind-diag.

Updates golangci/golangci-lint-action from 9.2.0 to 9.2.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.2.1

What's Changed

IMPORTANT: this is the first immutable release.

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v9.2.0...v9.2.1

Commits
  • 82606bf chore: prepare release v9.2.1
  • 97c8387 chore: improve workflows (#1394)
  • 28d0a19 build(deps): bump the dependencies group across 1 directory with 2 updates
  • 633fbc7 build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#1391)
  • 59f43e2 build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#1389)
  • 9eb174e build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (#1386)
  • 4f52504 build(deps): bump github/codeql-action from 4 to 4.35.2 (#1384)
  • 6f87dfd docs: update examples
  • c9500d7 chore: improve workflows
  • 03b1faa chore: improve issue templates
  • Additional commits viewable in compare view

Updates sigstore/scaffolding/actions/setup from 039e0ece31c5fc9fe0466d2f7b289ed643b88fdb to fb8d1817d2571303daf88f49d3a23daeb7474e84

Changelog

Sourced from sigstore/scaffolding/actions/setup's changelog.

Scaffolding Release Process

Prerequisites

You should be part of the scaffolding-codeowners or sigstore-oncall groups, which are defined within the community repo.

Steps

Sync tags

Ensure that sure your local branch is up-to-date from the upstream:

git pull upstream main --tags

Pick a new version number

The scaffolding repo uses semver. Your first step is to determine the latest tag used.

List the latest tags in date order:

git tag | tail

Example output:

...
v0.0.0
v0.1.0

Show a list of changes since the latest version (v0.1.0):

git log v0.1.0..

If the commits include a new feature or breaking change, bump the minor version. If it only includes bug fixes, bump the patch version.

Tagging

Once you have a version number in mind, tag it locally:

git tag -a v0.2.0 -m v0.2.0

... (truncated)

Commits

Updates chainguard-dev/actions/kind-diag from 17095df6250b18f9cc2c2e45b179d9a641668d8c to f0be69916b439d0fcced2451b23d0f27cd46d545

Commits
  • f0be699 group updates for actions when we have patch updates (#983)
  • 9d74f5e build(deps): bump zizmorcore/zizmor-action from 0.5.6 to 0.5.7 (#974)
  • fc8da5b build(deps): bump chainguard-dev/actions from 1.6.24 to 1.6.25 (#975)
  • 6f62df3 build(deps): bump chainguard-dev/actions in /git-tag (#976)
  • 9b816d3 build(deps): bump chainguard-dev/actions from 1.6.24 to 1.6.25 in /gofmt (#977)
  • c8cb263 build(deps): bump chainguard-dev/actions in /goimports (#978)
  • 5bac86c build(deps): bump chainguard-dev/actions in /melange-build (#980)
  • 4580d94 build(deps): bump chainguard-dev/actions in /inky-build-pkg (#979)
  • 71b359f build(deps): bump chainguard-dev/actions in /release-notes (#981)
  • fc09e6d build(deps): bump chainguard-dev/actions in /wolfi-build-pkg (#982)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 3 updates: [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action), [sigstore/scaffolding/actions/setup](https://github.com/sigstore/scaffolding) and [chainguard-dev/actions/kind-diag](https://github.com/chainguard-dev/actions).


Updates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@1e7e51e...82606bf)

Updates `sigstore/scaffolding/actions/setup` from 039e0ece31c5fc9fe0466d2f7b289ed643b88fdb to fb8d1817d2571303daf88f49d3a23daeb7474e84
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](sigstore/scaffolding@039e0ec...fb8d181)

Updates `chainguard-dev/actions/kind-diag` from 17095df6250b18f9cc2c2e45b179d9a641668d8c to f0be69916b439d0fcced2451b23d0f27cd46d545
- [Release notes](https://github.com/chainguard-dev/actions/releases)
- [Commits](chainguard-dev/actions@17095df...f0be699)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sigstore/scaffolding/actions/setup
  dependency-version: fb8d1817d2571303daf88f49d3a23daeb7474e84
  dependency-type: direct:production
  dependency-group: all
- dependency-name: chainguard-dev/actions/kind-diag
  dependency-version: f0be69916b439d0fcced2451b23d0f27cd46d545
  dependency-type: direct:production
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Jul 6, 2026
@tekton-robot

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign chitrangpatel after the PR has been reviewed.
You can assign the PR to them by writing /assign @chitrangpatel in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot requested review from lcarva and wlynch July 6, 2026 08:25
@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jul 6, 2026
@anithapriyanatarajan

Copy link
Copy Markdown
Contributor

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jul 8, 2026

Copy link
Copy Markdown
Contributor Author

Looks like this PR is already up-to-date with release-v0.20.x! If you'd still like to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants