Bump the all group across 1 directory with 9 updates #2298

dependabot · 2025-02-03T15:51:04Z

Bumps the all group with 9 updates in the / directory:

Package	From	To
step-security/harden-runner	`2.10.2`	`2.10.4`
actions/setup-go	`5.2.0`	`5.3.0`
codecov/codecov-action	`5.1.2`	`5.3.1`
github/codeql-action	`3.28.0`	`3.28.8`
actions/setup-node	`4.1.0`	`4.2.0`
docker/setup-qemu-action	`3.2.0`	`3.3.0`
softprops/action-gh-release	`2.0.9`	`2.2.1`
actions/upload-artifact	`4.5.0`	`4.6.0`
actions/create-github-app-token	`1.11.1`	`1.11.2`

Updates step-security/harden-runner from 2.10.2 to 2.10.4

Release notes

Sourced from step-security/harden-runner's releases.

v2.10.4

What's Changed

Fixed a potential Harden-Runner post step failure that could occur when printing agent service logs. The fix gracefully handles failures without failing the post step.

Full Changelog: step-security/harden-runner@v2...v2.10.4

v2.10.3

What's Changed

Fixed an issue where DNS requests using uppercase characters (e.g., EXAMPLE.com) were blocked even when the domain was present in the allowed list. This update standardizes domain names to lowercase for consistent comparison.

Full Changelog: step-security/harden-runner@v2...v2.10.3

Commits

cb605e5 Merge pull request #496 from step-security/fix-enobufs
61144dd Update log statement
b8be370 Add try catch block
6f6fa07 Fix ENOBUFS issue
18f6947 Merge pull request #495 from AkhigbeEromo/Update-README
81f844e Edit docs
4c766de Merge branch 'Update-README' of https://github.com/AkhigbeEromo/harden-runner...
c9c5f32 Handle Ashish reviews
2877824 Merge branch 'main' into Update-README
be87de0 Clean up
Additional commits viewable in compare view

Updates actions/setup-go from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-go's releases.

v5.3.0

What's Changed

Use the new cache service: upgrade @actions/cache to ^4.0.0 by @Link- in actions/setup-go#531

Configure Dependabot settings by @HarithaVattikuti in actions/setup-go#530

Document update - permission section by @HarithaVattikuti in actions/setup-go#533

Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot in actions/setup-go#534

New Contributors

@Link- made their first contribution in actions/setup-go#531

Full Changelog: actions/setup-go@v5...v5.3.0

Commits

f111f33 Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#534)
3d10edb Add new permission section (#533)
43e1389 Configure Dependabot settings (#530)
f81f022 Use the new cache service: upgrade @actions/cache to ^4.0.0 (#531)
See full diff in compare view

Updates codecov/codecov-action from 5.1.2 to 5.3.1

Release notes

Sourced from codecov/codecov-action's releases.

v5.3.1

What's Changed

fix: add docs and copy over dist by @thomasrockhu-codecov in codecov/codecov-action#1752

Full Changelog: codecov/codecov-action@v5.3.0...v5.3.1

v5.3.0

What's Changed

Update README with reqs by @thomasrockhu-codecov in codecov/codecov-action#1749

chore(release): wrapper -0.1.0 by @codecov-releaser-app in codecov/codecov-action#1750

chore(release): 5.3.0 by @thomasrockhu-codecov in codecov/codecov-action#1751

Full Changelog: codecov/codecov-action@v5.2.0...v5.3.0

v5.2.0

What's Changed

fix: remove erroneous linebreak in readme by @Vampire in codecov/codecov-action#1734

feat: add disable-telem feature by @thomasrockhu-codecov in codecov/codecov-action#1739

chore(deps): bump wrapper to 0.0.32 by @thomasrockhu-codecov in codecov/codecov-action#1740

build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @dependabot in codecov/codecov-action#1743

build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @dependabot in codecov/codecov-action#1742

use correct audience when requesting oidc token by @juho9000 in codecov/codecov-action#1744

Th/add commands by @thomasrockhu-codecov in codecov/codecov-action#1745

Fix typo in README by @tserg in codecov/codecov-action#1747

chore(release): bump to 5.2.0 by @thomasrockhu-codecov in codecov/codecov-action#1748

New Contributors

@Vampire made their first contribution in codecov/codecov-action#1734

@juho9000 made their first contribution in codecov/codecov-action#1744

@tserg made their first contribution in codecov/codecov-action#1747

Full Changelog: codecov/codecov-action@v5.1.2...v5.2.0

Changelog

Sourced from codecov/codecov-action's changelog.

v5.3.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.0..v5.3.1

v5.3.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.2.0..v5.3.0

v5.2.0

What's Changed

Fix typo in README by @tserg in codecov/codecov-action#1747

Th/add commands by @thomasrockhu-codecov in codecov/codecov-action#1745

use correct audience when requesting oidc token by @juho9000 in codecov/codecov-action#1744

build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 by @app/dependabot in codecov/codecov-action#1742

build(deps): bump actions/upload-artifact from 4.4.3 to 4.6.0 by @app/dependabot in codecov/codecov-action#1743

chore(deps): bump wrapper to 0.0.32 by @thomasrockhu-codecov in codecov/codecov-action#1740

feat: add disable-telem feature by @thomasrockhu-codecov in codecov/codecov-action#1739

fix: remove erroneous linebreak in readme by @Vampire in codecov/codecov-action#1734

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.1.2..v5.2.0

v5.1.2

What's Changed

fix: update statment by @thomasrockhu-codecov in codecov/codecov-action#1726

fix: update action script by @thomasrockhu-codecov in codecov/codecov-action#1725

fix: prevent oidc on tokenless due to permissioning by @thomasrockhu-codecov in codecov/codecov-action#1724

chore(release): wrapper-0.0.31 by @app/codecov-releaser-app in codecov/codecov-action#1723

Put quotes around ${{ inputs.token }} in action.yml by @jwodder in codecov/codecov-action#1721

build(deps): bump github/codeql-action from 3.27.6 to 3.27.9 by @app/dependabot in codecov/codecov-action#1722

Remove mistake from options table by @Acconut in codecov/codecov-action#1718

build(deps): bump github/codeql-action from 3.27.5 to 3.27.6 by @app/dependabot in codecov/codecov-action#1717

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.1.1..v5.1.2

v5.1.1

What's Changed

... (truncated)

Commits

13ce06b chore(release): bump to 5.3.1
3e26040 fix: add docs and copy over dist (#1752)
0da7aa6 chore(release): 5.3.0 (#1751)
1ca7ce6 chore(release): wrapper -0.1.0 (#1750)
65baa5f Update README with reqs (#1749)
5a605bd chore(release): bump to 5.2.0 (#1748)
5825942 Fix typo in README (#1747)
b1a6383 Th/add commands (#1745)
6c5b693 use correct audience when requesting oidc token (#1744)
ad45165 build(deps): bump github/codeql-action from 3.27.9 to 3.28.1 (#1742)
Additional commits viewable in compare view

Updates github/codeql-action from 3.28.0 to 3.28.8

Release notes

Sourced from github/codeql-action's releases.

v3.28.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.8 - 29 Jan 2025

Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

See the full CHANGELOG.md for more information.

v3.28.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.7 - 29 Jan 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.28.6

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.6 - 27 Jan 2025

Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

See the full CHANGELOG.md for more information.

v3.28.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.5 - 24 Jan 2025

Update default CodeQL bundle version to 2.20.3. #2717

See the full CHANGELOG.md for more information.

v3.28.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.4 - 23 Jan 2025

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.8 - 29 Jan 2025

Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

3.28.7 - 29 Jan 2025

No user facing changes.

3.28.6 - 27 Jan 2025

Re-enable debug artifact upload for CLI versions 2.20.3 or greater. #2726

3.28.5 - 24 Jan 2025

Update default CodeQL bundle version to 2.20.3. #2717

3.28.4 - 23 Jan 2025

No user facing changes.

3.28.3 - 22 Jan 2025

Update default CodeQL bundle version to 2.20.2. #2707

Fix an issue downloading the CodeQL Bundle from a GitHub Enterprise Server instance which occurred when the CodeQL Bundle had been synced to the instance using the CodeQL Action sync tool and the Actions runner did not have Zstandard installed. #2710

Uploading debug artifacts for CodeQL analysis is temporarily disabled. #2712

3.28.2 - 21 Jan 2025

No user facing changes.

3.28.1 - 10 Jan 2025

CodeQL Action v2 is now deprecated, and is no longer updated or supported. For better performance, improved security, and new features, upgrade to v3. For more information, see this changelog post. #2677

Update default CodeQL bundle version to 2.20.1. #2678

3.28.0 - 20 Dec 2024

Bump the minimum CodeQL bundle version to 2.15.5. #2655

Don't fail in the unusual case that a file is on the search path. #2660.

3.27.9 - 12 Dec 2024

... (truncated)

Commits

dd74661 Merge pull request #2746 from github/update-v3.28.8-a91a3f767
3210a3c Fix Kotlin version in changelog
72f9d02 Update changelog for v3.28.8
a91a3f7 Merge pull request #2744 from github/igfoo/kot2.1.10
c520fb5 Merge pull request #2745 from github/mergeback/v3.28.7-to-main-6e545590
3879c57 Add changelog entry
0c21937 Run "npm run build"
5a61bf0 Kotlin: The 2.20.3 release supports Kotlin 2.1.10.
163d119 Update checked-in dependencies
bcf5cec Update changelog and version after v3.28.7
Additional commits viewable in compare view

Updates actions/setup-node from 4.1.0 to 4.2.0

Release notes

Sourced from actions/setup-node's releases.

v4.2.0

What's Changed

Enhance workflows and upgrade publish-actions from 0.2.2 to 0.3.0 by @aparnajyothi-y in actions/setup-node#1174

Add recommended permissions section to readme by @benwells in actions/setup-node#1193

Configure Dependabot settings by @HarithaVattikuti in actions/setup-node#1192

Upgrade @actions/cache to ^4.0.0 by @priyagupta108 in actions/setup-node#1191

Upgrade pnpm/action-setup from 2 to 4 by @dependabot in actions/setup-node#1194

Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot in actions/setup-node#1195

Upgrade semver from 7.6.0 to 7.6.3 by @dependabot in actions/setup-node#1196

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot in actions/setup-node#1201

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot in actions/setup-node#1205

New Contributors

@benwells made their first contribution in actions/setup-node#1193

Full Changelog: actions/setup-node@v4...v4.2.0

Commits

1d0ff46 Bump undici from 5.28.4 to 5.28.5 (#1205)
574f09a Bump @types/jest from 29.5.12 to 29.5.14 (#1201)
260f870 Bump semver from 7.6.0 to 7.6.3 (#1196)
111c4be Bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1195)
0bc26de Bump pnpm/action-setup from 2 to 4 (#1194)
8f9cc17 Use the new cache service: upgrade @actions/cache to ^4.0.0 (#1191)
5eef37b Create dependabot.yml (#1192)
fbeca22 Update README.md (#1193)
48b9067 Add macos-13 to the workflows and upgrade publish-actions from 0.2.2 to 0.3.0...
See full diff in compare view

Updates docker/setup-qemu-action from 3.2.0 to 3.3.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v3.3.0

Add cache-image input to enable/disable caching of binfmt image by @crazy-max in docker/setup-qemu-action#130

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-qemu-action#172

Bump @docker/actions-toolkit from 0.35.0 to 0.49.0 in docker/setup-qemu-action#187

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-qemu-action#182

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-qemu-action#162

Full Changelog: docker/setup-qemu-action@v3.2.0...v3.3.0

Commits

53851d1 Merge pull request #187 from docker/dependabot/npm_and_yarn/docker/actions-to...
7066b90 chore: update generated content
7559081 build(deps): bump @docker/actions-toolkit from 0.35.0 to 0.49.0
08d11eb Merge pull request #172 from docker/dependabot/npm_and_yarn/actions/core-1.11.1
e53506f chore: update generated content
610b442 build(deps): bump @actions/core from 1.10.1 to 1.11.1
58a19f8 Merge pull request #182 from docker/dependabot/npm_and_yarn/cross-spawn-7.0.6
49a12c4 Merge pull request #180 from docker/dependabot/github_actions/codecov/codecov...
2b8ac83 ci: fix deprecated input for codecov-action
fdbeaac Merge pull request #130 from crazy-max/cache-image
Additional commits viewable in compare view

Updates softprops/action-gh-release from 2.0.9 to 2.2.1

Release notes

Sourced from softprops/action-gh-release's releases.

v2.2.1

What's Changed

Bug fixes 🐛

fix: big file uploads by @xen0n in softprops/action-gh-release#562

Other Changes 🔄

chore(deps): bump @types/node from 22.10.1 to 22.10.2 by @dependabot in softprops/action-gh-release#559

chore(deps): bump @types/node from 22.10.2 to 22.10.5 by @dependabot in softprops/action-gh-release#569

chore: update error and warning messages for not matching files in files field by @ytimocin in softprops/action-gh-release#568

New Contributors

@ytimocin made their first contribution in softprops/action-gh-release#568

Full Changelog: softprops/action-gh-release@v2.2.0...v2.2.1

v2.2.0

What's Changed

Exciting New Features 🎉

feat: read the release assets asynchronously by @xen0n in softprops/action-gh-release#552

Bug fixes 🐛

fix(docs): clarify the default for tag_name by @alexeagle in softprops/action-gh-release#544

Other Changes 🔄

chore(deps): bump typescript from 5.6.3 to 5.7.2 by @dependabot in softprops/action-gh-release#548

chore(deps): bump @types/node from 22.9.0 to 22.9.4 by @dependabot in softprops/action-gh-release#547

chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in softprops/action-gh-release#545

chore(deps): bump @vercel/ncc from 0.38.2 to 0.38.3 by @dependabot in softprops/action-gh-release#543

chore(deps): bump prettier from 3.3.3 to 3.4.1 by @dependabot in softprops/action-gh-release#550

chore(deps): bump @types/node from 22.9.4 to 22.10.1 by @dependabot in softprops/action-gh-release#551

chore(deps): bump prettier from 3.4.1 to 3.4.2 by @dependabot in softprops/action-gh-release#554

New Contributors

@alexeagle made their first contribution in softprops/action-gh-release#544

@xen0n made their first contribution in softprops/action-gh-release#552

Full Changelog: softprops/action-gh-release@v2.1.0...v2.2.0

v2.1.0

What's Changed

Exciting New Features 🎉

feat: add support for release assets with multiple spaces within the name by @dukhine in softprops/action-gh-release#518

feat: preserve upload order by @richarddd in softprops/action-gh-release#500

Other Changes 🔄

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

2.2.1

What's Changed

Bug fixes 🐛

fix: big file uploads by @xen0n in softprops/action-gh-release#562

Other Changes 🔄

chore(deps): bump @types/node from 22.10.1 to 22.10.2 by @dependabot in softprops/action-gh-release#559

chore(deps): bump @types/node from 22.10.2 to 22.10.5 by @dependabot in softprops/action-gh-release#569

chore: update error and warning messages for not matching files in files field by @ytimocin in softprops/action-gh-release#568

2.2.0

What's Changed

Exciting New Features 🎉

feat: read the release assets asynchronously by @xen0n in softprops/action-gh-release#552

Bug fixes 🐛

fix(docs): clarify the default for tag_name by @alexeagle in softprops/action-gh-release#544

Other Changes 🔄

chore(deps): bump typescript from 5.6.3 to 5.7.2 by @dependabot in softprops/action-gh-release#548

chore(deps): bump @types/node from 22.9.0 to 22.9.4 by @dependabot in softprops/action-gh-release#547

chore(deps): bump cross-spawn from 7.0.3 to 7.0.6 by @dependabot in softprops/action-gh-release#545

chore(deps): bump @vercel/ncc from 0.38.2 to 0.38.3 by @dependabot in softprops/action-gh-release#543

chore(deps): bump prettier from 3.3.3 to 3.4.1 by @dependabot in softprops/action-gh-release#550

chore(deps): bump @types/node from 22.9.4 to 22.10.1 by @dependabot in softprops/action-gh-release#551

chore(deps): bump prettier from 3.4.1 to 3.4.2 by @dependabot in softprops/action-gh-release#554

2.1.0

What's Changed

Exciting New Features 🎉

feat: add support for release assets with multiple spaces within the name by @dukhine in softprops/action-gh-release#518

feat: preserve upload order by @richarddd in softprops/action-gh-release#500

Other Changes 🔄

chore(deps): bump @types/node from 22.8.2 to 22.8.7 by @dependabot in softprops/action-gh-release#539

2.0.9

maintenance release with updated dependencies

... (truncated)

Commits

c95fe14 release 2.2.1
deddb09 fix: big file uploads (#562)
33fcd69 chore: update error and warning messages for not matching files in files fiel...
01050bd chore(deps): bump @types/node from 22.10.2 to 22.10.5 (#569)
92dffe6 chore(deps): bump @types/node from 22.10.1 to 22.10.2 (#559)
7b4da11 release 2.2.0
64f1fa1 feat: read the release assets asynchronously (#552)
9e35a64 chore(deps): bump prettier from 3.4.1 to 3.4.2 (#554)
92bc83c chore(deps): bump @types/node from 22.9.4 to 22.10.1 (#551)
09f0e37 chore(deps): bump prettier from 3.3.3 to 3.4.1 (#550)
Additional commits viewable in compare view

Updates actions/upload-artifact from 4.5.0 to 4.6.0

Release notes

Sourced from actions/upload-artifact's releases.

v4.6.0

What's Changed

Expose env vars to control concurrency and timeout by @yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

Commits

65c4c4a Merge pull request #662 from actions/yacaovsnc/add_variable_for_concurrency_a...
0207619 move files back to satisfy licensed ci
1ecca81 licensed cache updates
9742269 Expose env vars to controll concurrency and timeout
See full diff in compare view

Updates actions/create-github-app-token from 1.11.1 to 1.11.2

Release notes

Sourced from actions/create-github-app-token's releases.

v1.11.2

1.11.2 (2025-01-30)

Bug Fixes

deps: bump @octokit/request from 9.1.3 to 9.1.4 in the production-dependencies group (#196) (b4192a5), closes #730 #730 #729 #727 #726 #723 #724 #722 #721 #720 #719

deps: bump undici from 6.19.8 to 7.2.0 (#198) (29aa051), closes nodejs/undici#3958 nodejs/undici#3955 nodejs/undici#3962 nodejs/undici#3921 nodejs/undici#3923 nodejs/undici#3925 nodejs/undici#3926 nodejs/undici#3924 nodejs/undici#3933 nodejs/undici#3916 nodejs/undici#3930 nodejs/undici#3938 #3937 nodejs/undici#3940 nodejs/undici#3931 nodejs/undici#3941 nodejs/undici#3911 nodejs/undici#3888 nodejs/undici#3939 nodejs/undici#3947 nodejs/undici#3945 nodejs/undici#3916 nodejs/undici#3893 nodejs/undici#3902 #3901 nodejs/undici#3903 nodejs/undici#3905 nodejs/undici#3900 nodejs/undici#3913 nodejs/undici#3910 nodejs/undici#3909 nodejs/undici#3906 nodejs/undici#3922 #3962 #3955 #3958 #3945 #3947 #3939 #3888 #3911 #3941

Commits

136412a build(release): 1.11.2 [skip ci]
b4192a5 fix(deps): bump @octokit/request from 9.1.3 to 9.1.4 in the production-depend...
29aa051 fix(deps): bump undici from 6.19.8 to 7.2.0 (#198)
a5f8600 build(deps-dev): bump @sinonjs/fake-timers from 13.0.2 to 14.0.0 (#199)
0edddd7 build(deps-dev): bump the development-dependencies group with 2 updates (#197)
bb3ca76 docs(README): remove extra space in variable syntax in README example (#201)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.10.2` | `2.10.4` | | [actions/setup-go](https://github.com/actions/setup-go) | `5.2.0` | `5.3.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.1.2` | `5.3.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.0` | `3.28.8` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.1.0` | `4.2.0` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.2.0` | `3.3.0` | | [softprops/action-gh-release](https://github.com/softprops/action-gh-release) | `2.0.9` | `2.2.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.5.0` | `4.6.0` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `1.11.1` | `1.11.2` | Updates `step-security/harden-runner` from 2.10.2 to 2.10.4 - [Release notes](https://github.com/step-security/harden-runner/releases) - [Commits](step-security/harden-runner@0080882...cb605e5) Updates `actions/setup-go` from 5.2.0 to 5.3.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@3041bf5...f111f33) Updates `codecov/codecov-action` from 5.1.2 to 5.3.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@1e68e06...13ce06b) Updates `github/codeql-action` from 3.28.0 to 3.28.8 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@48ab28a...dd74661) Updates `actions/setup-node` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@39370e3...1d0ff46) Updates `docker/setup-qemu-action` from 3.2.0 to 3.3.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@49b3bc8...53851d1) Updates `softprops/action-gh-release` from 2.0.9 to 2.2.1 - [Release notes](https://github.com/softprops/action-gh-release/releases) - [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md) - [Commits](softprops/action-gh-release@e7a8f85...c95fe14) Updates `actions/upload-artifact` from 4.5.0 to 4.6.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@6f51ac0...65c4c4a) Updates `actions/create-github-app-token` from 1.11.1 to 1.11.2 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@c1a2851...136412a) --- updated-dependencies: - dependency-name: step-security/harden-runner dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/setup-go dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: codecov/codecov-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github/codeql-action dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/setup-node dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: docker/setup-qemu-action dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: softprops/action-gh-release dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/upload-artifact dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: actions/create-github-app-token dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 3, 2025

robnester-rh merged commit e701bd2 into main Feb 5, 2025
8 checks passed

dependabot bot deleted the dependabot/github_actions/all-f22616b053 branch February 5, 2025 17:40

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the all group across 1 directory with 9 updates #2298

Bump the all group across 1 directory with 9 updates #2298

dependabot bot commented on behalf of github Feb 3, 2025

Bump the all group across 1 directory with 9 updates #2298

Bump the all group across 1 directory with 9 updates #2298

Conversation

dependabot bot commented on behalf of github Feb 3, 2025

v2.10.4

What's Changed

v2.10.3

What's Changed

v5.3.0

What's Changed

New Contributors

v5.3.1

What's Changed

v5.3.0

What's Changed

v5.2.0

What's Changed

New Contributors

v5.3.1

What's Changed

v5.3.0

What's Changed

v5.2.0

What's Changed

v5.1.2

What's Changed

v5.1.1

What's Changed

v3.28.8

CodeQL Action Changelog

3.28.8 - 29 Jan 2025

v3.28.7

CodeQL Action Changelog

3.28.7 - 29 Jan 2025

v3.28.6

CodeQL Action Changelog

3.28.6 - 27 Jan 2025

v3.28.5

CodeQL Action Changelog

3.28.5 - 24 Jan 2025

v3.28.4

CodeQL Action Changelog

3.28.4 - 23 Jan 2025

CodeQL Action Changelog

[UNRELEASED]

3.28.8 - 29 Jan 2025

3.28.7 - 29 Jan 2025

3.28.6 - 27 Jan 2025

3.28.5 - 24 Jan 2025

3.28.4 - 23 Jan 2025

3.28.3 - 22 Jan 2025

3.28.2 - 21 Jan 2025

3.28.1 - 10 Jan 2025

3.28.0 - 20 Dec 2024

3.27.9 - 12 Dec 2024

v4.2.0

What's Changed

New Contributors

v3.3.0

v2.2.1

What's Changed

Bug fixes 🐛

Other Changes 🔄

New Contributors

v2.2.0

What's Changed

Exciting New Features 🎉

Bug fixes 🐛

Other Changes 🔄

New Contributors

v2.1.0

What's Changed

Exciting New Features 🎉

Other Changes 🔄

2.2.1

What's Changed

Bug fixes 🐛

Other Changes 🔄

2.2.0

What's Changed