Skip to content

build(deps): bump the ci group across 1 directory with 12 updates#1255

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/ci-071c363293
Open

build(deps): bump the ci group across 1 directory with 12 updates#1255
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/ci-071c363293

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 29, 2026

Copy link
Copy Markdown
Contributor

Bumps the ci group with 12 updates in the / directory:

Package From To
actions/checkout 6.0.2 7.0.0
fluxcd/gha-workflows/.github/workflows/backport.yaml 0.9.0 0.12.0
actions/setup-go 6.4.0 6.5.0
hashicorp/setup-terraform 4.0.0 4.0.1
aws-actions/configure-aws-credentials 6.1.0 6.2.1
docker/setup-qemu-action 4.0.0 4.2.0
docker/setup-buildx-action 4.0.0 4.2.0
docker/login-action 4.1.0 4.4.0
github/codeql-action/upload-sarif 4.35.3 4.36.3
github/codeql-action/init 4.35.3 4.36.3
github/codeql-action/autobuild 4.35.3 4.36.3
github/codeql-action/analyze 4.35.3 4.36.3

Updates actions/checkout from 6.0.2 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates fluxcd/gha-workflows/.github/workflows/backport.yaml from 0.9.0 to 0.12.0

Release notes

Sourced from fluxcd/gha-workflows/.github/workflows/backport.yaml's releases.

v0.12.0

What's Changed

New Contributors

Full Changelog: fluxcd/gha-workflows@v0.11.0...v0.12.0

v0.11.0

What's Changed

Full Changelog: fluxcd/gha-workflows@v0.10.0...v0.11.0

v0.10.0

What's Changed

Full Changelog: fluxcd/gha-workflows@v0.9.0...v0.10.0

Commits
  • 5865e5d Merge pull request #56 from fluxcd/dependabot/github_actions/actions-978047b7ac
  • b10eba0 Bump the actions group across 2 directories with 3 updates
  • 53908fb Merge pull request #57 from fluxcd/kind-config-passthrough
  • 9f7696b setup-kubernetes: add skip-checkout and skip-tools inputs
  • 07bdd72 setup-kubernetes: add cluster-name and kind-config inputs
  • 526a0ab Merge pull request #53 from fluxcd/kind-v0.32.0
  • 53d83eb Update kind to v0.32.0 in setup-kubernetes
  • da11e8e Merge pull request #52 from fluxcd/dependabot/github_actions/actions-a9b12d6d21
  • aa253a8 Bump the actions group across 2 directories with 8 updates
  • 5fd6a0c Merge pull request #49 from fluxcd/cli-plugin
  • Additional commits viewable in compare view

Updates actions/setup-go from 6.4.0 to 6.5.0

Release notes

Sourced from actions/setup-go's releases.

v6.5.0

What's Changed

Dependency update

New Contributors

Full Changelog: actions/setup-go@v6...v6.5.0

Commits

Updates hashicorp/setup-terraform from 4.0.0 to 4.0.1

Release notes

Sourced from hashicorp/setup-terraform's releases.

v4.0.1

BUG FIXES:

  • Fix Node 24 DEP0169 url.parse() deprecation warning by updating @​hashicorp/js-releases to v1.7.7 (#549)
Changelog

Sourced from hashicorp/setup-terraform's changelog.

4.0.1 (2026-05-12)

BUG FIXES:

  • Fix Node 24 DEP0169 url.parse() deprecation warning by updating @​hashicorp/js-releases to v1.7.7 (#549)

4.0.0 (2026-02-24)

BREAKING CHANGES:

  • Upgrade to Node.js 24 - setup-terraform now requires Node.js 24 (#503)

3.1.2 (2024-08-19)

NOTES:

  • This release introduces no functional changes. It does however include dependency updates which address upstream CVEs. (#430)

3.1.1 (2024-05-07)

BUG FIXES:

  • wrapper: Fix wrapper to output to stdout and stderr immediately when data is received (#395)

3.1.0 (2024-04-23)

ENHANCEMENTS:

  • Automatically fallback to darwin/amd64 for Terraform versions before 1.0.2 as releases for darwin/arm64 are not available (#409)

3.0.0 (2023-10-30)

NOTES:

  • Updated default runtime to node20 (#346)
  • The wrapper around the installed Terraform binary has been fixed to return the exact STDOUT and STDERR from Terraform when executing commands. Previous versions of setup-terraform may have required workarounds to process the STDOUT in bash, such as filtering out the first line or selectively parsing STDOUT with jq. These workarounds may need to be adjusted with v3.0.0, which will now return just the STDOUT/STDERR from Terraform with no errant characters/statements. (#367)

BUG FIXES:

  • Fixed malformed stdout when wrapper is enabled (#367)

[2.0.3] (2022-11-01)

NOTES

  • Reduced occurrences of GitHub Actions warnings for setting output #247

[2.0.2] (2022-10-12)

BUG FIXES

... (truncated)

Commits
  • dfe3c3f Update package version
  • 61e02cf Update changelog
  • 36079f9 fix: update @​hashicorp/js-releases to v1.7.7 to resolve Node 24 DEP0169 warni...
  • af2ccf2 update axios brace expansion flatted picomatch (#551)
  • 5b1ab0e Bump follow-redirects from 1.15.11 to 1.16.0 (#542)
  • ca190bf Bump miniscruff/changie-action in the github-actions group (#541)
  • 30128a2 chore: update CI node version from 20 to 24 (#544)
  • b0cc02d Bump undici from 6.23.0 to 6.24.1 (#539)
  • 3d7cd03 Update README.md with latest versions (#536)
  • fa68287 Bump actions/setup-node from 6.2.0 to 6.3.0 in the github-actions group (#537)
  • Additional commits viewable in compare view

Updates aws-actions/configure-aws-credentials from 6.1.0 to 6.2.1

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.2.1

6.2.1 (2026-06-26)

Bug Fixes

  • enforce allowed-account-ids on all auth paths (#1847) (4d281fb)

v6.2.0

6.2.0 (2026-06-01)

Features

Bug Fixes

  • skip credential check on output-env-credentials: false (#1778) (58e7c47)
  • assumeRole failing from session tag size too large (#1808) (d6f5dc3)

v6.1.3

6.1.3 (2026-05-27)

Bug Fixes

v6.1.2

6.1.2 (2026-05-26)

Bug Fixes

v6.1.1

What's Changed

... (truncated)

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

6.2.1 (2026-06-26)

Bug Fixes

  • enforce allowed-account-ids on all auth paths (#1847) (4d281fb)

6.2.0 (2026-06-01)

Features

Bug Fixes

  • skip credential check on output-env-credentials: false (#1778) (58e7c47)
  • assumeRole failing from session tag size too large (#1808) (d6f5dc3)

6.1.3 (2026-05-28)

Bug Fixes

  • fix: allow kubelet token symlink in #1805

6.1.2 (2026-05-26)

Bug Fixes

6.1.1 (2026-05-05)

Miscellaneous Chores

  • various dependency updates

6.1.0 (2026-04-06)

Features

... (truncated)

Commits
  • 254c19b chore(main): release 6.2.1 (#1849)
  • a20cf82 chore: Update dist
  • 4d281fb fix: enforce allowed-account-ids on all auth paths (#1847)
  • e004cdc chore(deps-dev): bump @​smithy/property-provider from 4.4.0 to 4.4.2 (#1845)
  • 88aa369 chore: Update dist
  • 687331b chore(deps): bump @​aws-sdk/client-sts from 3.1069.0 to 3.1075.0 (#1841)
  • ea607be chore: Update dist
  • 6d13606 chore(deps): bump @​smithy/node-http-handler from 4.8.0 to 4.8.2 (#1842)
  • 71a32ae chore: Update dist
  • b290f2c chore(deps-dev): bump @​aws-sdk/credential-provider-env (#1844)
  • Additional commits viewable in compare view

Updates docker/setup-qemu-action from 4.0.0 to 4.2.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.2.0

Full Changelog: docker/setup-qemu-action@v4.1.0...v4.2.0

v4.1.0

Full Changelog: docker/setup-qemu-action@v4.0.0...v4.1.0

Commits
  • 96fe6ef Merge pull request #315 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 31f08d3 [dependabot skip] chore: update generated content
  • 4e7017a build(deps): bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • 0eca235 Merge pull request #314 from crazy-max/fix-yarn-preapprove-actions-toolkit
  • ea66a41 chore: allow actions-toolkit to bypass yarn age gate
  • 451542b Merge pull request #308 from docker/dependabot/npm_and_yarn/undici-6.27.0
  • 532ae00 [dependabot skip] chore: update generated content
  • b6f5af6 build(deps): bump undici from 6.26.0 to 6.27.0
  • cf96b86 Merge pull request #304 from docker/dependabot/npm_and_yarn/tmp-0.2.7
  • f0ba643 [dependabot skip] chore: update generated content
  • Additional commits viewable in compare view

Updates docker/setup-buildx-action from 4.0.0 to 4.2.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.2.0

Full Changelog: docker/setup-buildx-action@v4.1.0...v4.2.0

v4.1.0

Full Changelog: docker/setup-buildx-action@v4.0.0...v4.1.0

Commits
  • bb05f3f Merge pull request #580 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 321c814 [dependabot skip] chore: update generated content
  • b9a36ef build(deps): bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • ebeab24 Merge pull request #570 from docker/dependabot/npm_and_yarn/undici-6.27.0
  • 5c7b8ae [dependabot skip] chore: update generated content
  • 037e618 build(deps): bump undici from 6.25.0 to 6.27.0
  • 66080e5 Merge pull request #577 from docker/dependabot/npm_and_yarn/sigstore-4.1.1
  • 409aef0 Merge pull request #562 from docker/dependabot/npm_and_yarn/js-yaml-4.2.0
  • 49c6e42 build(deps): bump sigstore from 4.1.0 to 4.1.1
  • 2211273 [dependabot skip] chore: update generated content
  • Additional commits viewable in compare view

Updates docker/login-action from 4.1.0 to 4.4.0

Release notes

Sourced from docker/login-action's releases.

v4.4.0

Full Changelog: docker/login-action@v4.3.0...v4.4.0

v4.3.0

Full Changelog: docker/login-action@v4.2.0...v4.3.0

v4.2.0

Full Changelog: docker/login-action@v4.1.0...v4.2.0

Commits
  • af1e73f Merge pull request #1034 from docker/dependabot/npm_and_yarn/aws-sdk-dependen...
  • da722bd [dependabot skip] chore: update generated content
  • 2916ad6 build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
  • ca0a662 Merge pull request #1035 from crazy-max/fix-registry-auth-empty-mask
  • c455755 chore: update generated content
  • 4835190 skip empty registry-auth secret mask
  • 992421c Merge pull request #1033 from docker/dependabot/github_actions/docker/bake-ac...
  • b249b43 Merge pull request #1032 from docker/dependabot/github_actions/docker/bake-ac...
  • 1b67977 build(deps): bump docker/bake-action from 7.2.0 to 7.3.0
  • 9d49d6a build(deps): bump docker/bake-action/subaction/matrix
  • Additional commits viewable in compare view

Updates github/codeql-action/upload-sarif from 4.35.3 to 4.36.3

Release notes

Sourced from github/codeql-action/upload-sarif's releases.

<...

Description has been truncated

@dependabot dependabot Bot added area/ci CI related issues and pull requests dependencies Pull requests that update a dependency labels Jun 29, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 29, 2026 20:45
@dependabot dependabot Bot added dependencies Pull requests that update a dependency area/ci CI related issues and pull requests labels Jun 29, 2026
Bumps the ci group with 12 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` |
| [fluxcd/gha-workflows/.github/workflows/backport.yaml](https://github.com/fluxcd/gha-workflows) | `0.9.0` | `0.12.0` |
| [actions/setup-go](https://github.com/actions/setup-go) | `6.4.0` | `6.5.0` |
| [hashicorp/setup-terraform](https://github.com/hashicorp/setup-terraform) | `4.0.0` | `4.0.1` |
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.1.0` | `6.2.1` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.2.0` |
| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.2.0` |
| [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.4.0` |
| [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` |
| [github/codeql-action/init](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` |
| [github/codeql-action/autobuild](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` |
| [github/codeql-action/analyze](https://github.com/github/codeql-action) | `4.35.3` | `4.36.3` |



Updates `actions/checkout` from 6.0.2 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...9c091bb)

Updates `fluxcd/gha-workflows/.github/workflows/backport.yaml` from 0.9.0 to 0.12.0
- [Release notes](https://github.com/fluxcd/gha-workflows/releases)
- [Commits](fluxcd/gha-workflows@v0.9.0...v0.12.0)

Updates `actions/setup-go` from 6.4.0 to 6.5.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@4a36011...924ae3a)

Updates `hashicorp/setup-terraform` from 4.0.0 to 4.0.1
- [Release notes](https://github.com/hashicorp/setup-terraform/releases)
- [Changelog](https://github.com/hashicorp/setup-terraform/blob/main/CHANGELOG.md)
- [Commits](hashicorp/setup-terraform@5e8dbf3...dfe3c3f)

Updates `aws-actions/configure-aws-credentials` from 6.1.0 to 6.2.1
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@ec61189...254c19b)

Updates `docker/setup-qemu-action` from 4.0.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@ce36039...96fe6ef)

Updates `docker/setup-buildx-action` from 4.0.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@4d04d5d...bb05f3f)

Updates `docker/login-action` from 4.1.0 to 4.4.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@4907a6d...af1e73f)

Updates `github/codeql-action/upload-sarif` from 4.35.3 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@e46ed2c...54f647b)

Updates `github/codeql-action/init` from 4.35.3 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@e46ed2c...54f647b)

Updates `github/codeql-action/autobuild` from 4.35.3 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@e46ed2c...54f647b)

Updates `github/codeql-action/analyze` from 4.35.3 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@e46ed2c...54f647b)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: ci
- dependency-name: actions/setup-go
  dependency-version: 6.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: docker/login-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: docker/setup-qemu-action
  dependency-version: 4.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: fluxcd/gha-workflows/.github/workflows/backport.yaml
  dependency-version: 0.12.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action/analyze
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action/autobuild
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action/init
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: hashicorp/setup-terraform
  dependency-version: 4.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/ci-071c363293 branch from 3e2edd1 to 3b2598c Compare July 6, 2026 20:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area/ci CI related issues and pull requests dependencies Pull requests that update a dependency

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants