Skip to content

ci: bump the github-actions group across 1 directory with 7 updates#176

Closed
dependabot[bot] wants to merge 1 commit into
integrationfrom
dependabot/github_actions/integration/github-actions-1a4389fe30
Closed

ci: bump the github-actions group across 1 directory with 7 updates#176
dependabot[bot] wants to merge 1 commit into
integrationfrom
dependabot/github_actions/integration/github-actions-1a4389fe30

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Feb 23, 2026
edited
Loading

Bumps the github-actions group with 7 updates in the / directory:

Package From To
actions/checkout 4 6
actions/github-script 7 8
actions/create-github-app-token 1 2
actions/attest-build-provenance 2 3
helm/chart-testing-action 2.7.0 2.8.0
helm/kind-action 1.13.0 1.14.0
peter-evans/create-or-update-comment 4 5

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits

Updates actions/github-script from 7 to 8

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v7...v7.1.0

... (truncated)

Commits

Updates actions/create-github-app-token from 1 to 2

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.0

2.0.0 (2025-04-03)

BREAKING CHANGES

  • Removed deprecated inputs (app_id, private_key, skip_token_revoke) and made app-id and private-key required in the action configuration.

v1.12.0

1.12.0 (2025-03-27)

Features

v1.11.7

1.11.7 (2025-03-20)

Bug Fixes

  • deps: bump undici from 5.28.4 to 7.5.0 (#214) (a24b46a)

v1.11.6

1.11.6 (2025-03-03)

Bug Fixes

  • deps: bump the production-dependencies group with 2 updates (#210) (1ff1dea)

v1.11.5

1.11.5 (2025-02-15)

Bug Fixes

... (truncated)

Commits
  • 29824e6 build(release): 2.2.1 [skip ci]
  • b212e6a fix(deps): bump the production-dependencies group with 2 updates (#311)
  • 8efbf9b ci: create stale workflow (#309)
  • 7e473ef build(release): 2.2.0 [skip ci]
  • dce3be8 fix(deps): bump p-retry from 6.2.1 to 7.1.0 (#294)
  • 5480f43 fix(deps): bump glob from 10.4.5 to 10.5.0 (#305)
  • d90aa53 feat: update permission inputs (#296)
  • 55e2a4b fix(deps): bump the production-dependencies group with 2 updates (#292)
  • cc6f999 ci(test): trigger on merge_group (#308)
  • 40fa6b5 build(deps-dev): bump @​sinonjs/fake-timers from 14.0.0 to 15.0.0 (#295)
  • Additional commits viewable in compare view

Updates actions/attest-build-provenance from 2 to 3

Release notes

Sourced from actions/attest-build-provenance's releases.

v3.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1 Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/attest-build-provenance@v2.4.0...v3.0.0

v2.4.0

What's Changed

Full Changelog: actions/attest-build-provenance@v2.3.0...v2.4.0

v2.3.0

What's Changed

Full Changelog: actions/attest-build-provenance@v2.2.3...v2.3.0

v2.2.3

What's Changed

Full Changelog: actions/attest-build-provenance@v2.2.2...v2.2.3

v2.2.2

What's Changed

Full Changelog: actions/attest-build-provenance@v2.2.1...v2.2.2

v2.2.1

... (truncated)

Commits

Updates helm/chart-testing-action from 2.7.0 to 2.8.0

Release notes

Sourced from helm/chart-testing-action's releases.

v2.8.0

What's Changed

New Contributors

Full Changelog: helm/chart-testing-action@v2...v2.8.0

Commits
  • 6ec842c Bump sigstore/cosign-installer from 3.8.1 to 4.0.0 (#184)
  • 4ea74f6 Use uv instead of python venv (#172)
  • b0c0606 Bump the actions group across 1 directory with 2 updates (#183)
  • 0bfa5c0 Bump actions/setup-python from 5.4.0 to 6.0.0 (#179)
  • e27de75 Bump actions/checkout from 4.2.2 to 5.0.0 (#181)
  • 2fe8321 bump ct and yamale version (#178)
  • 0941a6b Fix the broken link for GitHub Help Documentation (#174)
  • c71c0c7 Bump the actions group across 1 directory with 4 updates (#171)
  • See full diff in compare view

Updates helm/kind-action from 1.13.0 to 1.14.0

Release notes

Sourced from helm/kind-action's releases.

v1.14.0

What's Changed

New Contributors

Full Changelog: helm/kind-action@v1...v1.14.0

Commits

Updates peter-evans/create-or-update-comment from 4 to 5

Release notes

Sourced from peter-evans/create-or-update-comment's releases.

Create or Update Comment v5.0.0

⚙️ Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

... (truncated)

Commits
  • e8674b0 feat: v5 (#439)
  • fffe59e build(deps-dev): bump @​types/node from 18.19.127 to 18.19.129 (#438)
  • 076d572 build(deps-dev): bump @​types/node from 18.19.126 to 18.19.127 (#437)
  • 86a2645 build(deps-dev): bump @​vercel/ncc from 0.38.3 to 0.38.4 (#436)
  • be17e0c build(deps-dev): bump @​types/node from 18.19.124 to 18.19.126 (#435)
  • ef75eae build(deps-dev): bump @​types/node from 18.19.123 to 18.19.124 (#433)
  • 82a7ad0 build(deps): bump actions/setup-node from 4 to 5 (#432)
  • f7c845d build(deps-dev): bump @​types/node from 18.19.122 to 18.19.123 (#430)
  • 5da8e07 build(deps-dev): bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (#428)
  • 2de7f66 build(deps-dev): bump @​types/node from 18.19.121 to 18.19.122 (#427)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
ci: bump the github-actions group across 1 directory with 7 updates
c392644 
Bumps the github-actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |
| [actions/github-script](https://github.com/actions/github-script) | `7` | `8` |
| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `1` | `2` |
| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `2` | `3` |
| [helm/chart-testing-action](https://github.com/helm/chart-testing-action) | `2.7.0` | `2.8.0` |
| [helm/kind-action](https://github.com/helm/kind-action) | `1.13.0` | `1.14.0` |
| [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) | `4` | `5` |



Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

Updates `actions/github-script` from 7 to 8
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@v7...v8)

Updates `actions/create-github-app-token` from 1 to 2
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@v1...v2)

Updates `actions/attest-build-provenance` from 2 to 3
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](actions/attest-build-provenance@v2...v3)

Updates `helm/chart-testing-action` from 2.7.0 to 2.8.0
- [Release notes](https://github.com/helm/chart-testing-action/releases)
- [Commits](helm/chart-testing-action@v2.7.0...v2.8.0)

Updates `helm/kind-action` from 1.13.0 to 1.14.0
- [Release notes](https://github.com/helm/kind-action/releases)
- [Commits](helm/kind-action@v1.13.0...v1.14.0)

Updates `peter-evans/create-or-update-comment` from 4 to 5
- [Release notes](https://github.com/peter-evans/create-or-update-comment/releases)
- [Commits](peter-evans/create-or-update-comment@v4...v5)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/github-script
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/create-github-app-token
  dependency-version: '2'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/attest-build-provenance
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: helm/chart-testing-action
  dependency-version: 2.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: helm/kind-action
  dependency-version: 1.14.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: peter-evans/create-or-update-comment
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added automation Automated process or bot-managed work cicd CI/CD pipelines and automation infrastructure dependencies Dependency updates and management labels Feb 23, 2026
@dependabot dependabot Bot requested a review from aRustyDev as a code owner February 23, 2026 02:18
@dependabot dependabot Bot added dependencies Dependency updates and management cicd CI/CD pipelines and automation infrastructure automation Automated process or bot-managed work labels Feb 23, 2026
@github-actions github-actions Bot mentioned this pull request Feb 23, 2026
Open
@github-actions
Copy link
Copy Markdown
Contributor

github-actions Bot commented Feb 23, 2026

Atomic Branching Preview

All extractions verified successfully

Branches to be created

Branch Files
ci/atomic-branching-preview 1 files
ci/atomize-integration-pr 1 files
ci/auto-merge-integration 1 files
ci/create-atomic-chart-pr 1 files
ci/create-hotfix-branch 1 files
ci/release-atomic-chart 1 files
ci/sync-main-to-branches 1 files
ci/tag-atomic-chart 1 files
ci/test-atomization 1 files
ci/validate-atomic-chart-pr 1 files
ci/validate-contribution-pr 1 files
File Details

ci/atomic-branching-preview

  • .github/workflows/atomic-branching-preview.yaml

ci/atomize-integration-pr

  • .github/workflows/atomize-integration-pr.yaml

ci/auto-merge-integration

  • .github/workflows/auto-merge-integration.yaml

ci/create-atomic-chart-pr

  • .github/workflows/create-atomic-chart-pr.yaml

ci/create-hotfix-branch

  • .github/workflows/create-hotfix-branch.yaml

ci/release-atomic-chart

  • .github/workflows/release-atomic-chart.yaml

ci/sync-main-to-branches

  • .github/workflows/sync-main-to-branches.yaml

ci/tag-atomic-chart

  • .github/workflows/tag-atomic-chart.yaml

ci/test-atomization

  • .github/workflows/test-atomization.yaml

ci/validate-atomic-chart-pr

  • .github/workflows/validate-atomic-chart-pr.yaml

ci/validate-contribution-pr

  • .github/workflows/validate-contribution-pr.yaml

@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github Mar 2, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Mar 2, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/integration/github-actions-1a4389fe30 branch March 2, 2026 02:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@aRustyDev aRustyDev Awaiting requested review from aRustyDev aRustyDev is a code owner

Assignees

No one assigned

Labels

automation Automated process or bot-managed work cicd CI/CD pipelines and automation infrastructure dependencies Dependency updates and management

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants