Skip to content

build(deps): bump the gha-dependencies group with 5 updates#1839

Merged
anthony-gomez-fastly merged 1 commit into
mainfrom
dependabot/github_actions/gha-dependencies-ddbf382b02
Jul 1, 2026
Merged

build(deps): bump the gha-dependencies group with 5 updates#1839
anthony-gomez-fastly merged 1 commit into
mainfrom
dependabot/github_actions/gha-dependencies-ddbf382b02

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the gha-dependencies group with 5 updates:

Package From To
stefanzweifel/git-auto-commit-action 7.1.0 7.2.0
actions-rust-lang/setup-rust-toolchain 1.16.1 1.17.0
golangci/golangci-lint-action 9.2.1 9.3.0
dawidd6/action-download-artifact 6 21
goreleaser/goreleaser-action 7.2.2 7.2.3

Updates stefanzweifel/git-auto-commit-action from 7.1.0 to 7.2.0

Release notes

Sourced from stefanzweifel/git-auto-commit-action's releases.

v7.2.0

Added

Fixed

Dependency Updates

Changelog

Sourced from stefanzweifel/git-auto-commit-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog and this project adheres to Semantic Versioning.

Unreleased

TBD

v7.2.0 - 2026-06-28

Added

Fixed

Dependency Updates

v7.1.0 - 2025-12-17

Added

Changes

Dependency Updates

v7.0.0 - 2025-10-12

Added

... (truncated)

Commits
  • 4a55954 Update README.md
  • 9f6c933 Add hooks to run shell snippets around git operations (#411)
  • c365a74 Emit warning for pull_request_target trigger usage (#410)
  • d28176c Bump actions/checkout from 6 to 7 (#409)
  • 25df622 Add EXAMPLES.md
  • 32e9844 docs(action): fix input and output descriptions in action.yml (#406)
  • a3ed46f docs: fix typos, grammar, and formatting across markdown files (#408)
  • b4d688c docs: fix broken and redirecting URLs in README.md (#407)
  • f53a62c README: clearify meaning of the repository field (#404)
  • 4fc4bbf Bump release-drafter/release-drafter from 6 to 7 (#403)
  • Additional commits viewable in compare view

Updates actions-rust-lang/setup-rust-toolchain from 1.16.1 to 1.17.0

Changelog

Sourced from actions-rust-lang/setup-rust-toolchain's changelog.

Changelog

All notable changes to this project will be documented in this file.

The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.

[Unreleased]

[1.17.0] - 2026-06-25

  • Add new parameter cache-targets that is propagated to Swatinem/rust-cache as cache-targets (#84). This allows disabling caching of the workspace target directory, e.g. when using sccache, while keeping the rest of the cache enabled.

[1.16.1] - 2026-05-08

  • Renamed internally used variable to avoid clashes with globally existing variables. This fixes the interference of the TOOLCHAIN variable as reported in #91.

[1.16.0] - 2026-04-13

  • Add new parameter cache-save-if that is propagated to Swatinem/rust-cache as save-if (#90 by @​ChanTsune)

[1.15.4] - 2026-03-15

  • Bump Swatinem/rust-cache from 2.8.2 to 2.9.1 (#87 by @​hyperfinitism) This gets rid of the warnings about Node.js 20.

[1.15.3] - 2026-03-01

  • Bump Swatinem/rust-cache from 2.8.1 to 2.8.2

[1.15.2] - 2025-10-04

  • Fix: Run the version detection steps in the selected rust-src-dir directory. This should enable the version selection even without a default toolchain installed. Fixes #74.

[1.15.1] - 2025-09-23

  • Update Swatinem/rust-cache to v2.8.1

[1.15.0] - 2025-09-14

  • Add support for non-root source directory. Accept source code and rust-toolchain.toml file in subdirectories of the repository. Adds a new parameter rust-src-dir that controls the lookup for toolchain files and sets a default value for the cache-workspace input. (#69 by @​Kubaryt)

[1.14.1] - 2025-08-28

... (truncated)

Commits
  • 166cdcf Update changelog to v1.17.0
  • 446e959 Merge pull request #97 from actions-rust-lang/dependabot/github_actions/actio...
  • 29eefe9 Merge pull request #96 from somaz94/feat/cache-targets
  • ed33c05 Bump actions/checkout from 6.0.3 to 7.0.0
  • 32bae04 feat: add cache-targets input propagated to Swatinem/rust-cache
  • 46a9d26 Merge pull request #95 from actions-rust-lang/dependabot/github_actions/actio...
  • 54531a0 Bump actions/checkout from 6.0.2 to 6.0.3
  • dc354b3 Merge pull request #94 from actions-rust-lang/dependabot/github_actions/actio...
  • cbb9413 Bump actions/checkout from 6 to 6.0.2
  • See full diff in compare view

Updates golangci/golangci-lint-action from 9.2.1 to 9.3.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.3.0

What's Changed

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v9.2.1...v9.3.0

Commits
  • ba0d7d2 chore: prepare release v9.3.0
  • efd0857 feat: add no-run-logs-group as experimental option (#1403)
  • ed485de build(deps): bump undici from 6.24.0 to 6.27.0
  • 8872e8d build(deps-dev): bump js-yaml from 4.1.1 to 4.2.0 (#1400)
  • b163415 build(deps): bump tmp from 0.2.6 to 0.2.7 (#1399)
  • e52a9f8 build(deps): bump github/codeql-action from 4.35.5 to 4.36.0 in the github-ac...
  • 8182aa3 build(deps): bump tmp from 0.2.5 to 0.2.6 (#1397)
  • 5403a41 build(deps): bump github/codeql-action from 4.35.4 to 4.35.5 in the github-ac...
  • See full diff in compare view

Updates dawidd6/action-download-artifact from 6 to 21

Release notes

Sourced from dawidd6/action-download-artifact's releases.

v21

What's Changed

New Contributors

Full Changelog: dawidd6/action-download-artifact@v20...v21

v20

What's Changed

Full Changelog: dawidd6/action-download-artifact@v19...v20

v19

What's Changed

Full Changelog: dawidd6/action-download-artifact@v18...v19

v18

What's Changed

Full Changelog: dawidd6/action-download-artifact@v17...v18

v17

What's Changed

... (truncated)

Commits
  • b6e2e70 node_modules: update (#405)
  • 1708cb3 Download artifacts in creation order (#398)
  • 00b585a build(deps): bump filesize from 11.0.16 to 11.0.17 (#404)
  • 0414c42 build(deps): bump @​actions/core from 3.0.0 to 3.0.1 (#401)
  • c802aad build(deps): bump @​actions/github from 9.1.0 to 9.1.1 (#400)
  • ef06691 build(deps): bump fast-xml-parser from 5.5.7 to 5.7.1 (#402)
  • 026702e build(deps): bump filesize from 11.0.15 to 11.0.16 (#399)
  • 09d0677 build(deps): bump @​actions/github from 9.0.0 to 9.1.0 (#396)
  • 8305c0f node_modules: update (#395)
  • 542af03 build(deps): bump lodash from 4.17.23 to 4.18.1 (#394)
  • Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 7.2.2 to 7.2.3

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.2.3

What's Changed

Full Changelog: goreleaser/goreleaser-action@v7.2.2...v7.2.3

Commits
  • f06c13b chore: update dist
  • d393459 ci: fix job
  • ee731b1 chore: workflow dispatch
  • 55de448 chore(deps): bump js-yaml from 4.1.1 to 4.2.0
  • a4f614e ci: use a GitHub App token to rebuild dist on dependabot PRs (#569)
  • d2d17a6 ci: auto-rebuild dist on dependabot PRs (#568)
  • d13def3 build: regenerate dist after undici 6.27.0 bump (#567)
  • 21549b6 chore(deps): bump undici from 6.24.1 to 6.27.0 (#565)
  • 47c416d ci(deps): bump the actions group with 3 updates (#563)
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the gha-dependencies group with 5 updates:

| Package | From | To |
| --- | --- | --- |
| [stefanzweifel/git-auto-commit-action](https://github.com/stefanzweifel/git-auto-commit-action) | `7.1.0` | `7.2.0` |
| [actions-rust-lang/setup-rust-toolchain](https://github.com/actions-rust-lang/setup-rust-toolchain) | `1.16.1` | `1.17.0` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `9.2.1` | `9.3.0` |
| [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) | `6` | `21` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.2.2` | `7.2.3` |


Updates `stefanzweifel/git-auto-commit-action` from 7.1.0 to 7.2.0
- [Release notes](https://github.com/stefanzweifel/git-auto-commit-action/releases)
- [Changelog](https://github.com/stefanzweifel/git-auto-commit-action/blob/master/CHANGELOG.md)
- [Commits](stefanzweifel/git-auto-commit-action@04702ed...4a55954)

Updates `actions-rust-lang/setup-rust-toolchain` from 1.16.1 to 1.17.0
- [Release notes](https://github.com/actions-rust-lang/setup-rust-toolchain/releases)
- [Changelog](https://github.com/actions-rust-lang/setup-rust-toolchain/blob/main/CHANGELOG.md)
- [Commits](actions-rust-lang/setup-rust-toolchain@46268bd...166cdcf)

Updates `golangci/golangci-lint-action` from 9.2.1 to 9.3.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@82606bf...ba0d7d2)

Updates `dawidd6/action-download-artifact` from 6 to 21
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](dawidd6/action-download-artifact@bf251b5...b6e2e70)

Updates `goreleaser/goreleaser-action` from 7.2.2 to 7.2.3
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@5daf1e9...f06c13b)

---
updated-dependencies:
- dependency-name: stefanzweifel/git-auto-commit-action
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-dependencies
- dependency-name: actions-rust-lang/setup-rust-toolchain
  dependency-version: 1.17.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-dependencies
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gha-dependencies
- dependency-name: dawidd6/action-download-artifact
  dependency-version: '21'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: gha-dependencies
- dependency-name: goreleaser/goreleaser-action
  dependency-version: 7.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gha-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the github_actions Pull requests that update GitHub Actions code label Jul 1, 2026
@dependabot dependabot Bot requested a review from a team as a code owner July 1, 2026 16:43
@dependabot dependabot Bot requested a review from anthony-gomez-fastly July 1, 2026 16:43
@dependabot dependabot Bot added the github_actions Pull requests that update GitHub Actions code label Jul 1, 2026
@github-actions github-actions Bot added the Skip-Changelog do not add a changelog entry for this change label Jul 1, 2026
@anthony-gomez-fastly anthony-gomez-fastly enabled auto-merge (squash) July 1, 2026 16:50
@anthony-gomez-fastly anthony-gomez-fastly merged commit c2a36d9 into main Jul 1, 2026
14 of 21 checks passed
@anthony-gomez-fastly anthony-gomez-fastly deleted the dependabot/github_actions/gha-dependencies-ddbf382b02 branch July 1, 2026 16:52
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

github_actions Pull requests that update GitHub Actions code Skip-Changelog do not add a changelog entry for this change

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant