Skip to content

Bump the actions group with 6 updates #86

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
PDowney merged 1 commit into from
Sep 22, 2025
Merged

Bump the actions group with 6 updates #86

PDowney merged 1 commit into from
Sep 22, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 16, 2025
edited
Loading

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

⚠️ Dependabot is rebasing this PR ⚠️

Rebasing might not happen immediately, so don't worry if this takes some time.

Note: if you make any changes to this PR yourself, they will take precedence over the rebase.

Bumps the actions group with 6 updates:

Package From To
actions/checkout 4 5
actions/setup-node 4 5
tj-actions/changed-files 46 47
actions/github-script 7 8
actions/labeler 5 6
actions/stale 9 10

Updates actions/checkout from 4 to 5

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

... (truncated)

Commits

Updates actions/setup-node from 4 to 5

Release notes

Sourced from actions/setup-node's releases.

v5.0.0

What's Changed

Breaking Changes

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

New Contributors

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

What's Changed

Bug fixes:

Enhancement:

Dependency update:

New Contributors

Full Changelogactions/setup-node@v4...v4.4.0

... (truncated)

Commits

Updates tj-actions/changed-files from 46 to 47

Release notes

Sourced from tj-actions/changed-files's releases.

v47

Changes in v47.0.0

What's Changed

... (truncated)

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

47.0.0 - (2025-09-13)

🚀 Features

➖ Remove

  • Commit and push step from build job (#2538) (be393a9) - (Tonye Jack)

🔄 Update

  • Updated README.md (#2592)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (3dbc1e1) - (github-actions[bot])

  • Updated README.md (#2591)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (b1ccff8) - (github-actions[bot])

  • Updated README.md (#2574)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (050a3d3) - (github-actions[bot])

📚 Documentation

  • Update link to glob patterns (#2590) (a892f50) - (Tonye Jack)
  • Add Jellyfrog as a contributor for code, and doc (#2573) (f000a9b) - (allcontributors[bot])

🧪 Testing

  • Manual triggered workflows (#2637) (c2ca249) - (Tonye Jack)

⚙️ Miscellaneous Tasks

  • deps-dev: Bump jest from 30.0.5 to 30.1.3 (#2655) (9a67555) - (dependabot[bot])
  • deps: Bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (#2660) (b67e30d) - (dependabot[bot])
  • deps: Bump github/codeql-action from 3.30.2 to 3.30.3 (#2661) (62aef42) - (dependabot[bot])
  • deps: Bump github/codeql-action from 3.29.11 to 3.30.2 (#2659) (e874f3c) - (dependabot[bot])
  • deps: Bump actions/setup-node from 4.4.0 to 5.0.0 (#2656) (8c14441) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 24.3.0 to 24.3.1 (#2657) (e995ac4) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 24.2.1 to 24.3.0 (#2649) (3b04099) - (dependabot[bot])
  • deps: Bump github/codeql-action from 3.29.9 to 3.29.11 (#2651) (e7b6c97) - (dependabot[bot])
  • deps: Bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (#2648) (765d62b) - (dependabot[bot])
  • deps: Bump github/codeql-action from 3.29.8 to 3.29.9 (#2647) (2036da1) - (dependabot[bot])
  • deps: Bump github/codeql-action from 3.29.7 to 3.29.8 (#2644) (239aef8) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 24.2.0 to 24.2.1 (#2645) (a7d5f5f) - (dependabot[bot])
  • deps: Bump actions/checkout from 4.2.2 to 5.0.0 (#2646) (5107f3a) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 24.1.0 to 24.2.0 (#2640) (f963b3f) - (dependabot[bot])
  • deps: Bump actions/download-artifact from 4.3.0 to 5.0.0 (#2641) (f956744) - (dependabot[bot])

... (truncated)

Commits
  • 24d32ff upgrade: to node24 (#2662)
  • 9a67555 chore(deps-dev): bump jest from 30.0.5 to 30.1.3 (#2655)
  • b67e30d chore(deps): bump tj-actions/git-cliff from 2.1.0 to 2.2.0 (#2660)
  • 62aef42 chore(deps): bump github/codeql-action from 3.30.2 to 3.30.3 (#2661)
  • e874f3c chore(deps): bump github/codeql-action from 3.29.11 to 3.30.2 (#2659)
  • 8c14441 chore(deps): bump actions/setup-node from 4.4.0 to 5.0.0 (#2656)
  • e995ac4 chore(deps-dev): bump @​types/node from 24.3.0 to 24.3.1 (#2657)
  • 3b04099 chore(deps-dev): bump @​types/node from 24.2.1 to 24.3.0 (#2649)
  • e7b6c97 chore(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (#2651)
  • 765d62b chore(deps): bump tj-actions/git-cliff from 2.0.2 to 2.1.0 (#2648)
  • Additional commits viewable in compare view

Updates actions/github-script from 7 to 8

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v7...v7.1.0

... (truncated)

Commits

Updates actions/labeler from 5 to 6

Release notes

Sourced from actions/labeler's releases.

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Documentation changes

New Contributors

... (truncated)

Commits

Updates actions/stale from 9 to 10

Release notes

Sourced from actions/stale's releases.

v10.0.0

What's Changed

Breaking Changes

@dependabot
Bump the actions group with 6 updates
f1a1fb6 
Bumps the actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `5` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `5` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `46` | `47` |
| [actions/github-script](https://github.com/actions/github-script) | `7` | `8` |
| [actions/labeler](https://github.com/actions/labeler) | `5` | `6` |
| [actions/stale](https://github.com/actions/stale) | `9` | `10` |


Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

Updates `actions/setup-node` from 4 to 5
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4...v5)

Updates `tj-actions/changed-files` from 46 to 47
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@v46...v47)

Updates `actions/github-script` from 7 to 8
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@v7...v8)

Updates `actions/labeler` from 5 to 6
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](actions/labeler@v5...v6)

Updates `actions/stale` from 9 to 10
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v9...v10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/setup-node
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: tj-actions/changed-files
  dependency-version: '47'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/github-script
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/labeler
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: actions/stale
  dependency-version: '10'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@github-actions
Copy link

github-actions bot commented Sep 16, 2025

Thanks for contributing to Simple WP Optimizer! 🎉

Before we review:

  • Have you tested your changes with WordPress 6.5+?
  • Are your changes compatible with PHP 7.4+?
  • Have you followed WordPress coding standards?
  • Did you update the CHANGELOG.md if needed?

Security Reminder:
This plugin can handle sensitive site configuration information, so please ensure:

  • All user inputs are properly sanitized
  • All outputs are properly escaped
  • No security vulnerabilities are introduced

We'll review your PR soon! 🚀

@github-actions
Copy link

github-actions bot commented Sep 16, 2025

🤖 AI-Powered Security & Code Review

Hi @dependabot[bot]! I've completed an analysis of this pull request.

📊 Review Summary

  • Project: WordPress Plugin
  • Commit: f1a1fb6
  • WordPress Compatibility: 6.5+
  • PHP Compatibility: 7.4+
  • Analysis Status: ✅ Completed

🤖 AI Analysis Status

The automated AI analysis encountered an issue during execution. This may be due to:

  • Temporary API limitations
  • Large diff size
  • Network connectivity issues

Manual Review Recommended

Please conduct a manual code review focusing on:

  • WordPress security best practices
  • Coding standards compliance
  • Performance considerations
  • Plugin-specific requirements

The PR can still be reviewed and merged based on manual inspection.

📋 Review Checklist for Maintainers

  • Security vulnerabilities addressed
  • WordPress coding standards followed
  • Performance impact considered
  • Documentation updated if needed
  • Tests pass (if applicable)

🔄 Note: This analysis was performed securely without executing untrusted code.

🎯 Focus Areas: Security, WordPress Standards, Performance, Code Quality

@PDowney PDowney merged commit 18a8bd5 into main Sep 22, 2025
48 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/actions-4024c31581 branch September 22, 2025 22:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

automated automation dependencies maintenance security

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@PDowney