Skip to content

ci(deps): bump the all-actions group with 4 updates#1353

Merged
dyoshikawa merged 1 commit intomainfrom
dependabot/github_actions/all-actions-6e5e89ff7c
Mar 22, 2026
Merged

ci(deps): bump the all-actions group with 4 updates#1353
dyoshikawa merged 1 commit intomainfrom
dependabot/github_actions/all-actions-6e5e89ff7c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Mar 20, 2026

Bumps the all-actions group with 4 updates: jdx/mise-action, anomalyco/opencode, actions/cache and softprops/action-gh-release.

Updates jdx/mise-action from 3.6.3 to 4.0.0

Release notes

Sourced from jdx/mise-action's releases.

v4.0.0

What's Changed

New Contributors

Full Changelog: jdx/mise-action@v3...v4.0.0

Changelog

Sourced from jdx/mise-action's changelog.

Changelog

4.0.0 - 2026-03-13

🚀 Features

New Contributors

3.6.3 - 2026-03-06

🐛 Bug Fixes

New Contributors

3.6.2 - 2026-03-02

🐛 Bug Fixes

  • move file_hash to end of cache key template to prevent prefix matching (#384) by @​altendky in #384

New Contributors

3.6.1 - 2026-01-20

🔍 Other Changes

  • Revert "fix(cache): isolate cache keys per working_directory in monorepos" (#364) by @​jdx in #364

3.6.0 - 2026-01-18

🚀 Features

🐛 Bug Fixes

... (truncated)

Commits

Updates anomalyco/opencode from 1.2.13 to 1.2.27

Release notes

Sourced from anomalyco/opencode's releases.

v1.2.27

Core

  • Fixed VCS watcher if statement logic
  • Delete legacy permission module
  • Clean up pending entry when question is aborted
  • Remove SIGHUP exit handler
  • Effectify PermissionNext and fix InstanceState ALS bug
  • Inline branded ID schemas
  • Refactor QuestionService to use effects
  • Ensure that compaction message is tracked as agent initiated
  • Increase default chunk timeout from 2 minutes to 5 minutes
  • Fix lost sessions across worktrees and orphan branches (@​michaeldwan)

Desktop

  • Remove open label from UI
  • Handle multiline web paste in prompt composer

Thank you to 4 community contributors:

v1.2.26

Core

  • Scaffold effect-to-zod bridge for schema conversion
  • Serialize configuration for Bun installations
  • Support text attachments in app
  • Paginate session history for improved server performance
  • Sessions lost after git init in existing project (@​michaeldwan)
  • Fail fast on config dependency installs in end-to-end tests
  • Filter empty content blocks for Bedrock provider (@​Tom-Ryder)
  • Refactor ProviderAuthService to use Effect pattern
  • Add console account subcommands to CLI
  • Refactor AuthService to use Effect pattern

TUI

  • Hide console command from help output
  • Remove OpenRouter warning
  • Reorder provider list in providers login

Desktop

  • Model selection now persists by session
  • Polish prompt composer controls
  • Synchronize sidebar state across the application
  • Use new-session icon in sidebar buttons
  • Avoid clipping new session during sidebar animation
  • Animate titlebar controls on sidebar open
  • Restore sidebar dash and sync session spinner colors

... (truncated)

Commits

Updates actions/cache from 5.0.3 to 5.0.4

Release notes

Sourced from actions/cache's releases.

v5.0.4

What's Changed

New Contributors

Full Changelog: actions/cache@v5...v5.0.4

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

  1. Switch to a new branch from main.
  2. Run npm test to ensure all tests are passing.
  3. Update the version in https://github.com/actions/cache/blob/main/package.json.
  4. Run npm run build to update the compiled files.
  5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
  6. Run licensed cache to update the license report.
  7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
  8. Commit your changes and push your branch upstream.
  9. Open a pull request against main and get it reviewed and merged.
  10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
  11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

  • Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)
  • Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)
  • Bump fast-xml-parser to v5.5.6

5.0.3

5.0.2

  • Bump @actions/cache to v5.0.3 #1692

5.0.1

  • Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

Updates softprops/action-gh-release from 2.5.0 to 2.6.1

Release notes

Sourced from softprops/action-gh-release's releases.

v2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

v2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉

Bug fixes 🐛

Other Changes 🔄

v2.5.3

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2. It fixes [#639](https://github.com/softprops/action-gh-release/issues/639), [#571](https://github.com/softprops/action-gh-release/issues/571), [#280](https://github.com/softprops/action-gh-release/issues/280), [#614](https://github.com/softprops/action-gh-release/issues/614), [#311](https://github.com/softprops/action-gh-release/issues/311), [#403](https://github.com/softprops/action-gh-release/issues/403), and [#368](https://github.com/softprops/action-gh-release/issues/368). It also adds documentation clarifications for [#541](https://github.com/softprops/action-gh-release/issues/541), [#645](https://github.com/softprops/action-gh-release/issues/645), [#542](https://github.com/softprops/action-gh-release/issues/542), [#393](https://github.com/softprops/action-gh-release/issues/393), and [#411](https://github.com/softprops/action-gh-release/issues/411), where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Exciting New Features 🎉

Bug fixes 🐛

Other Changes 🔄

2.5.3

2.5.3 is a patch release focused on the remaining path-handling and release-selection bugs uncovered after 2.5.2. It fixes [#639](https://github.com/softprops/action-gh-release/issues/639), [#571](https://github.com/softprops/action-gh-release/issues/571), [#280](https://github.com/softprops/action-gh-release/issues/280), [#614](https://github.com/softprops/action-gh-release/issues/614), [#311](https://github.com/softprops/action-gh-release/issues/311), [#403](https://github.com/softprops/action-gh-release/issues/403), and [#368](https://github.com/softprops/action-gh-release/issues/368). It also adds documentation clarifications for [#541](https://github.com/softprops/action-gh-release/issues/541), [#645](https://github.com/softprops/action-gh-release/issues/645), [#542](https://github.com/softprops/action-gh-release/issues/542), [#393](https://github.com/softprops/action-gh-release/issues/393), and [#411](https://github.com/softprops/action-gh-release/issues/411), where the current behavior is either usage-sensitive or constrained by GitHub platform limits rather than an action-side runtime bug.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
ci(deps): bump the all-actions group with 4 updates
2631e4c 
Bumps the all-actions group with 4 updates: [jdx/mise-action](https://github.com/jdx/mise-action), [anomalyco/opencode](https://github.com/anomalyco/opencode), [actions/cache](https://github.com/actions/cache) and [softprops/action-gh-release](https://github.com/softprops/action-gh-release).


Updates `jdx/mise-action` from 3.6.3 to 4.0.0
- [Release notes](https://github.com/jdx/mise-action/releases)
- [Changelog](https://github.com/jdx/mise-action/blob/main/CHANGELOG.md)
- [Commits](jdx/mise-action@5228313...c1ecc8f)

Updates `anomalyco/opencode` from 1.2.13 to 1.2.27
- [Release notes](https://github.com/anomalyco/opencode/releases)
- [Commits](anomalyco/opencode@d848c9b...4ee426b)

Updates `actions/cache` from 5.0.3 to 5.0.4
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@cdf6c1f...6682284)

Updates `softprops/action-gh-release` from 2.5.0 to 2.6.1
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@a06a81a...153bb8e)

---
updated-dependencies:
- dependency-name: jdx/mise-action
  dependency-version: 4.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: anomalyco/opencode
  dependency-version: 1.2.27
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-actions
- dependency-name: actions/cache
  dependency-version: 5.0.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-actions
- dependency-name: softprops/action-gh-release
  dependency-version: 2.6.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot bot commented on behalf of github Mar 20, 2026

Labels

The following labels could not be found: automated, ci. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dyoshikawa dyoshikawa merged commit 1e57e12 into main Mar 22, 2026
10 checks passed
@dyoshikawa dyoshikawa deleted the dependabot/github_actions/all-actions-6e5e89ff7c branch March 22, 2026 01:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@dyoshikawa