update: bump the gh-actions-packages group across 1 directory with 6 updates #1917
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?s=60&v=4){kind=small}
dependabot
bot
added
dependencies
|
@dependabot rebase |
…updates Bumps the gh-actions-packages group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [docker/login-action](https://github.com/docker/login-action) | `3.3.0` | `3.4.0` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.3.0` | `5.4.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.10` | `3.28.11` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.5.0` | `6.5.2` | | [securego/gosec](https://github.com/securego/gosec) | `2.22.1` | `2.22.2` | | [aquasecurity/trivy-action](https://github.com/aquasecurity/trivy-action) | `0.29.0` | `0.30.0` | Updates `docker/login-action` from 3.3.0 to 3.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@9780b0c...74a5d14) Updates `actions/setup-go` from 5.3.0 to 5.4.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@f111f33...0aaccfd) Updates `github/codeql-action` from 3.28.10 to 3.28.11 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b56ba49...6bb031a) Updates `golangci/golangci-lint-action` from 6.5.0 to 6.5.2 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@2226d7c...55c2c14) Updates `securego/gosec` from 2.22.1 to 2.22.2 - [Release notes](https://github.com/securego/gosec/releases) - [Changelog](https://github.com/securego/gosec/blob/master/.goreleaser.yml) - [Commits](securego/gosec@43fee88...136f6c0) Updates `aquasecurity/trivy-action` from 0.29.0 to 0.30.0 - [Release notes](https://github.com/aquasecurity/trivy-action/releases) - [Commits](aquasecurity/trivy-action@18f2510...6c175e9) --- updated-dependencies: - dependency-name: docker/login-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions-packages - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions-packages - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions-packages - dependency-name: golangci/golangci-lint-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions-packages - dependency-name: securego/gosec dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gh-actions-packages - dependency-name: aquasecurity/trivy-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions-packages ... Signed-off-by: dependabot[bot] <[email protected]>
dependabot
bot
force-pushed
the
dependabot/github_actions/develop/gh-actions-packages-e9a0e39c5b
branch
from
672769f to
5c02028
Compare
phbelitz
approved these changes
Mar 28, 2025
phbelitz
deleted the
dependabot/github_actions/develop/gh-actions-packages-e9a0e39c5b
branch
Merged
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Bumps the gh-actions-packages group with 6 updates in the / directory:
3.3.03.4.05.3.05.4.03.28.103.28.116.5.06.5.22.22.12.22.20.29.00.30.0Updates
docker/login-actionfrom 3.3.0 to 3.4.0Release notes
Sourced from docker/login-action's releases.
Commits
74a5d14Merge pull request #856 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...2f4f00echore: update generated content67c1845build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...3d4cc89Merge pull request #844 from graysonpike/master6cc823aMerge pull request #823 from docker/dependabot/npm_and_yarn/proxy-agent-depen...d94e792chore: update generated content033db0dMerge pull request #812 from docker/dependabot/github_actions/codecov/codecov...09c2ae9build(deps): bump https-proxy-agentba56f00ci: update deprecated input for codecov-action75bf9a7Merge pull request #858 from docker/dependabot/npm_and_yarn/docker/actions-to...Updates
actions/setup-gofrom 5.3.0 to 5.4.0Release notes
Sourced from actions/setup-go's releases.
Commits
0aaccfdBump undici from 5.28.4 to 5.28.5 (#541)c4c1141upgrade actions/cache to 4.0.2 (#568)5a083d0Bump eslint-config-prettier from 8.10.0 to 10.0.1 (#536)1d82324Bump semver from 7.6.0 to 7.6.3 (#535)Updates
github/codeql-actionfrom 3.28.10 to 3.28.11Release notes
Sourced from github/codeql-action's releases.
Changelog
Sourced from github/codeql-action's changelog.
... (truncated)
Commits
6bb031aMerge pull request #2798 from github/update-v3.28.11-56b25d5d56bca7ddUpdate changelog for v3.28.1156b25d5Merge pull request #2793 from github/update-bundle/codeql-bundle-v2.20.6256aa16Merge branch 'main' into update-bundle/codeql-bundle-v2.20.6911d845Merge pull request #2796 from github/nickfyson/adjust-rate-error-string7b7ed63adjust string for handling rate limit error608ccd6Merge pull request #2794 from github/update-supported-enterprise-server-versions35d04d3Update supported GitHub Enterprise Server versionsec3b221Update supported GitHub Enterprise Server versions8dc01f6Add changelog noteUpdates
golangci/golangci-lint-actionfrom 6.5.0 to 6.5.2Release notes
Sourced from golangci/golangci-lint-action's releases.
Commits
55c2c146.5.2911ec56fix: update max version (#1201)eb5c0ccbuild(deps-dev): bump the dev-dependencies group with 2 updates (#1199)4696ba86.5.12ee514ffeat: restrict action v6 on golangci-lint v1 (#1194)7e7b516fix: octokit retry (#1193)b871b4fbuild(deps): bump@types/nodefrom 22.13.8 to 22.13.10 in the dependencies gr...08ba820build(deps-dev): bump eslint-config-prettier from 10.0.2 to 10.1.1 in the dev...d8648acbuild(deps-dev): bump the dev-dependencies group across 1 directory with 5 up...37d62aebuild(deps): bump the dependencies group with 2 updates (#1189)Updates
securego/gosecfrom 2.22.1 to 2.22.2Release notes
Sourced from securego/gosec's releases.
Commits
136f6c0Update to go version 1.24.1 and 1.23.7 (#1313)047453achore(deps): update all dependencies (#1310)76ccee5chore(deps): update all dependencies (#1308)a9eb1c9Update gosec version in the GitHub action to v2.22.1 (#1307)89c5da3chore(deps): update module google.golang.org/api to v0.221.0 (#1305)Updates
aquasecurity/trivy-actionfrom 0.29.0 to 0.30.0Release notes
Sourced from aquasecurity/trivy-action's releases.
Commits
6c175e9chore: bump trivy to v0.60.0 (#453)53e8848Improve README/SBOM (#439)ef1b561fix: typo in description of an input for action.yaml (#452)a11da62fix: Update default trivy version in README (#444)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions