Bump the github-actions group with 5 updates #374

dependabot · 2025-10-01T18:03:03Z

Bumps the github-actions group with 5 updates:

Package	From	To
peter-evans/find-comment	`048de657d50358ed23c7ac2297a319ada251f4f0`	`b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad`
actions/stale	`9.1.0`	`10.0.0`
actions/github-script	`7.0.1`	`8.0.0`
peter-evans/create-or-update-comment	`f7c845d742ddcc26436b9547b75f949bdcd3012a`	`fffe59ea229327e73edca9d31f0b578bf04152a9`
actions/labeler	`5.0.0`	`6.0.1`

Updates peter-evans/find-comment from 048de657d50358ed23c7ac2297a319ada251f4f0 to b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad

Commits

b30e6a3 feat: v4 (#389)
b4929e7 build(deps-dev): bump @types/node from 18.19.124 to 18.19.127 (#388)
1f47d94 build(deps-dev): bump @vercel/ncc from 0.38.3 to 0.38.4 (#387)
a723a15 build(deps): bump actions/setup-node from 4 to 5 (#386)
8bacb1b build(deps-dev): bump @types/node from 18.19.123 to 18.19.124 (#385)
See full diff in compare view

Updates actions/stale from 9.1.0 to 10.0.0

Release notes

Sourced from actions/stale's releases.

v10.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/stale#1279 Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. Release Notes

Enhancement

Introducing sort-by option by @suyashgaonkar in actions/stale#1254

Dependency Upgrades

Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot[bot] in actions/stale#1186

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot[bot] in actions/stale#1201

Upgrade @action/cache from 4.0.0 to 4.0.2 by @aparnajyothi-y in actions/stale#1226

Upgrade @action/cache from 4.0.2 to 4.0.3 by @suyashgaonkar in actions/stale#1233

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/stale#1251

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/stale#1277

Documentation changes

Changelog update for recent releases by @suyashgaonkar in actions/stale#1224

Permissions update in Readme by @ghadimir in actions/stale#1248

New Contributors

@suyashgaonkar made their first contribution in actions/stale#1224

@GhadimiR made their first contribution in actions/stale#1248

@gowridurgad made their first contribution in actions/stale#1277

@salmanmkc made their first contribution in actions/stale#1279

Full Changelog: actions/stale@v9...v10.0.0

Commits

3a9db7e Upgrade to node 24 (#1279)
8f717f0 Bumps form-data (#1277)
a92fd57 build(deps): bump undici from 5.28.5 to 5.29.0 (#1251)
128b2c8 Introducing sort-by option (#1254)
f78de97 Update README.md (#1248)
816d9db Upgrade @action/cache from 4.0.2 to 4.0.3 (#1233)
ba23c1c upgrade actions/cache from 4.0.0 to 4.0.2 (#1226)
a65e88a build(deps): bump undici from 5.28.4 to 5.28.5 (#1201)
d4df79c Updates to CHANGELOG.MD for recent releases (#1224)
ee7ef89 build(deps): bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1186)
See full diff in compare view

Updates actions/github-script from 7.0.1 to 8.0.0

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

Update Node.js version support to 24.x by @salmanmkc in actions/github-script#637

README for updating actions/github-script from v7 to v8 by @sneha-krip in actions/github-script#653

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

@salmanmkc made their first contribution in actions/github-script#637

@sneha-krip made their first contribution in actions/github-script#653

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

Upgrade husky to v9 by @benelan in actions/github-script#482

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/github-script#485

Upgrade IA Publish by @Jcambass in actions/github-script#486

Fix workflow status badges by @joshmgross in actions/github-script#497

Update usage of actions/upload-artifact by @joshmgross in actions/github-script#512

Clear up package name confusion by @joshmgross in actions/github-script#514

Update dependencies with npm audit fix by @joshmgross in actions/github-script#515

Specify that the used script is JavaScript by @timotk in actions/github-script#478

chore: Add Dependabot for NPM and Actions by @nschonni in actions/github-script#472

Define permissions in workflows and update actions by @joshmgross in actions/github-script#531

chore: Add Dependabot for .github/actions/install-dependencies by @nschonni in actions/github-script#532

chore: Remove .vscode settings by @nschonni in actions/github-script#533

ci: Use github/setup-licensed by @nschonni in actions/github-script#473

make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by @iamstarkov in actions/github-script#508

Remove octokit README updates for v7 by @joshmgross in actions/github-script#557

docs: add "exec" usage examples by @neilime in actions/github-script#546

Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by @dependabot[bot] in actions/github-script#563

Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by @dependabot[bot] in actions/github-script#575

Clearly document passing inputs to the script by @joshmgross in actions/github-script#603

Update README.md by @nebuk89 in actions/github-script#610

New Contributors

@benelan made their first contribution in actions/github-script#482

@Jcambass made their first contribution in actions/github-script#485

@timotk made their first contribution in actions/github-script#478

@iamstarkov made their first contribution in actions/github-script#508

@neilime made their first contribution in actions/github-script#546

@nebuk89 made their first contribution in actions/github-script#610

Full Changelog: actions/github-script@v7...v7.1.0

Commits

ed59741 Merge pull request #653 from actions/sneha-krip/readme-for-v8
2dc352e Bold minimum Actions Runner version in README
01e118c Update README for Node 24 runtime requirements
8b222ac Apply suggestion from @salmanmkc
adc0eea README for updating actions/github-script from v7 to v8
20fe497 Merge pull request #637 from actions/node24
e7b7f22 update licenses
2c81ba0 Update Node.js version support to 24.x
f28e40c Merge pull request #610 from actions/nebuk89-patch-1
1ae9958 Update README.md
Additional commits viewable in compare view

Updates peter-evans/create-or-update-comment from f7c845d742ddcc26436b9547b75f949bdcd3012a to fffe59ea229327e73edca9d31f0b578bf04152a9

Commits

fffe59e build(deps-dev): bump @types/node from 18.19.127 to 18.19.129 (#438)
076d572 build(deps-dev): bump @types/node from 18.19.126 to 18.19.127 (#437)
86a2645 build(deps-dev): bump @vercel/ncc from 0.38.3 to 0.38.4 (#436)
be17e0c build(deps-dev): bump @types/node from 18.19.124 to 18.19.126 (#435)
ef75eae build(deps-dev): bump @types/node from 18.19.123 to 18.19.124 (#433)
82a7ad0 build(deps): bump actions/setup-node from 4 to 5 (#432)
See full diff in compare view

Updates actions/labeler from 5.0.0 to 6.0.1

Release notes

Sourced from actions/labeler's releases.

v6.0.1

What's Changed

Upgrade publish-action from 0.2.2 to 0.4.0 by @aparnajyothi-y in actions/labeler#901

New Contributors

@aparnajyothi-y made their first contribution in actions/labeler#901

Full Changelog: actions/labeler@v6.0.0...v6.0.1

v6.0.0

What's Changed

Add workflow file for publishing releases to immutable action package by @jcambass in actions/labeler#802

Breaking Changes

Upgrade Node.js version to 24 in action and dependencies @salmanmkc in actions/labeler#891 Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. Release Notes

Dependency Upgrades

Upgrade eslint-config-prettier from 9.0.0 to 9.1.0 by @dependabot[bot] in actions/labeler#711

Upgrade eslint from 8.52.0 to 8.55.0 by @dependabot[bot] in actions/labeler#720

Upgrade @types/jest from 29.5.6 to 29.5.11 by @dependabot[bot] in actions/labeler#719

Upgrade @types/js-yaml from 4.0.8 to 4.0.9 by @dependabot[bot] in actions/labeler#718

Upgrade @typescript-eslint/parser from 6.9.0 to 6.14.0 by @dependabot[bot] in actions/labeler#717

Upgrade prettier from 3.0.3 to 3.1.1 by @dependabot[bot] in actions/labeler#726

Upgrade eslint from 8.55.0 to 8.56.0 by @dependabot[bot] in actions/labeler#725

Upgrade @typescript-eslint/parser from 6.14.0 to 6.19.0 by @dependabot[bot] in actions/labeler#745

Upgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by @dependabot[bot] in actions/labeler#744

Upgrade @typescript-eslint/eslint-plugin from 6.9.0 to 6.20.0 by @dependabot[bot] in actions/labeler#750

Upgrade prettier from 3.1.1 to 3.2.5 by @dependabot[bot] in actions/labeler#752

Upgrade undici from 5.26.5 to 5.28.3 by @dependabot[bot] in actions/labeler#757

Upgrade braces from 3.0.2 to 3.0.3 by @dependabot[bot] in actions/labeler#789

Upgrade minimatch from 9.0.3 to 10.0.1 by @dependabot[bot] in actions/labeler#805

Upgrade @actions/core from 1.10.1 to 1.11.1 by @dependabot[bot] in actions/labeler#811

Upgrade typescript from 5.4.3 to 5.7.2 by @dependabot[bot] in actions/labeler#819

Upgrade @typescript-eslint/parser from 7.3.1 to 8.17.0 by @dependabot[bot] in actions/labeler#824

Upgrade prettier from 3.2.5 to 3.4.2 by @dependabot[bot] in actions/labeler#825

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/labeler#827

Upgrade eslint-plugin-jest from 27.9.0 to 28.9.0 by @dependabot[bot] in actions/labeler#832

Upgrade ts-jest from 29.1.2 to 29.2.5 by @dependabot[bot] in actions/labeler#831

Upgrade @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot[bot] in actions/labeler#830

Upgrade typescript from 5.7.2 to 5.7.3 by @dependabot[bot] in actions/labeler#835

Upgrade eslint-plugin-jest from 28.9.0 to 28.11.0 by @dependabot[bot] in actions/labeler#839

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot[bot] in actions/labeler#842

Upgrade @octokit/request-error from 5.0.1 to 5.1.1 by @dependabot[bot] in actions/labeler#846

Documentation changes

Add note regarding pull_request_target to README.md by @silverwind in actions/labeler#669

Update readme with additional examples and important note about pull_request_target event by @IvanZosimov in actions/labeler#721

Document update - permission section by @harithavattikuti in actions/labeler#840

... (truncated)

Commits

634933e publish-action upgrade to 0.4.0 from 0.2.2 (#901)
f1a63e8 Update Node.js version to 24 in action and dependencies (#891)
b0a1180 Bump @octokit/request-error from 5.0.1 to 5.1.1 (#846)
110d441 Update README.md (#871)
bee50fe Bump undici from 5.28.4 to 5.28.5 (#842)
6463cdb Bump eslint-plugin-jest from 28.9.0 to 28.11.0 (#839)
c209686 Bump typescript from 5.7.2 to 5.7.3 (#835)
5184940 Bump @vercel/ncc from 0.38.1 to 0.38.3 (#830)
3629d55 Document update - permission section (#840)
d24f7f3 Bump ts-jest from 29.1.2 to 29.2.5 (#831)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [peter-evans/find-comment](https://github.com/peter-evans/find-comment) | `048de657d50358ed23c7ac2297a319ada251f4f0` | `b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad` | | [actions/stale](https://github.com/actions/stale) | `9.1.0` | `10.0.0` | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` | | [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) | `f7c845d742ddcc26436b9547b75f949bdcd3012a` | `fffe59ea229327e73edca9d31f0b578bf04152a9` | | [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.0.1` | Updates `peter-evans/find-comment` from 048de657d50358ed23c7ac2297a319ada251f4f0 to b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad - [Release notes](https://github.com/peter-evans/find-comment/releases) - [Commits](peter-evans/find-comment@048de65...b30e6a3) Updates `actions/stale` from 9.1.0 to 10.0.0 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@5bef64f...3a9db7e) Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...ed59741) Updates `peter-evans/create-or-update-comment` from f7c845d742ddcc26436b9547b75f949bdcd3012a to fffe59ea229327e73edca9d31f0b578bf04152a9 - [Release notes](https://github.com/peter-evans/create-or-update-comment/releases) - [Commits](peter-evans/create-or-update-comment@f7c845d...fffe59e) Updates `actions/labeler` from 5.0.0 to 6.0.1 - [Release notes](https://github.com/actions/labeler/releases) - [Commits](actions/labeler@8558fd7...634933e) --- updated-dependencies: - dependency-name: peter-evans/find-comment dependency-version: b30e6a3c0ed37e7c023ccd3f1db5c6c0b0c23aad dependency-type: direct:production dependency-group: github-actions - dependency-name: actions/stale dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: peter-evans/create-or-update-comment dependency-version: fffe59ea229327e73edca9d31f0b578bf04152a9 dependency-type: direct:production dependency-group: github-actions - dependency-name: actions/labeler dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2025-10-01T18:07:05Z

PR Health

Breaking changes ✔️

Package	Change	Current Version	New Version	Needed Version	Looking good?

This check can be disabled by tagging the PR with skip-breaking-check.

Changelog Entry ✔️

Package	Changed Files

Changes to files need to be accounted for in their respective changelogs.

This check can be disabled by tagging the PR with skip-changelog-check.

Coverage ✔️

File	Coverage

This check for test coverage is informational (issues shown here will not fail the PR).

This check can be disabled by tagging the PR with skip-coverage-check.

API leaks ✔️

The following packages contain symbols visible in the public API, but not exported by the library. Export these symbols or remove them from your publicly visible API.

Package	Leaked API symbol	Leaking sources

This check can be disabled by tagging the PR with skip-leaking-check.

License Headers ✔️

// Copyright (c) 2025, the Dart project authors. Please see the AUTHORS file
// for details. All rights reserved. Use of this source code is governed by a
// BSD-style license that can be found in the LICENSE file.

Files
no missing headers

All source files should start with a license header.

This check can be disabled by tagging the PR with skip-license-check.

Revisions updated by `dart tools/rev_sdk_deps.dart`. dartdoc (https://github.com/dart-lang/dartdoc/compare/669b15f..ec2a4fe): ec2a4fee 2025-10-06 dependabot[bot] Bump test_reflective_loader from 0.2.3 to 0.4.0 (dart-lang/dartdoc#4111) 2ec3e4ef 2025-10-02 Konstantin Scheglov Stop using TypeDefiningElement. (dart-lang/dartdoc#4112) f65c7e21 2025-10-01 dependabot[bot] Bump the github-actions group with 3 updates (dart-lang/dartdoc#4113) ecosystem (https://github.com/dart-lang/ecosystem/compare/36e514d..96ee861): 96ee861 2025-10-02 Devon Carew misc repo metadata updates (dart-lang/ecosystem#372) 0d7ffaa 2025-10-02 Moritz Rename comments (dart-lang/ecosystem#373) a3cf960 2025-10-01 dependabot[bot] Bump the github-actions group with 5 updates (dart-lang/ecosystem#374) test (https://github.com/dart-lang/test/compare/a16f149..8083c8f): 8083c8f2 2025-10-03 Nate Bosch Make all package:coverage imports conditional (dart-lang/test#2544) tools (https://github.com/dart-lang/tools/compare/ce9d2ad..6866f9b): 6866f9b1 2025-10-06 Morgan :) Allow more time for tests on Windows. (dart-lang/tools#2193) 1264445e 2025-10-06 Morgan :) Fix flaky test on Windows. (dart-lang/tools#2192) webdev (https://github.com/dart-lang/webdev/compare/0b2a408..29ba1b1): 29ba1b12 2025-10-01 dependabot[bot] Bump the github-actions group with 3 updates (dart-lang/webdev#2693) Change-Id: I9582b0380b2b974a2d05ab4f77c67c14e92aaa63 Reviewed-on: https://dart-review.googlesource.com/c/sdk/+/453580 Commit-Queue: Konstantin Shcheglov <scheglov@google.com> Reviewed-by: Konstantin Shcheglov <scheglov@google.com> Auto-Submit: Devon Carew <devoncarew@google.com>

dependabot bot added the autosubmit label Oct 1, 2025

github-actions bot added the type-infra A repository infrastructure change or enhancement label Oct 1, 2025

fluttergithubbot approved these changes Oct 1, 2025

View reviewed changes

auto-submit bot merged commit a3cf960 into main Oct 1, 2025
22 checks passed

auto-submit bot deleted the dependabot/github_actions/github-actions-5dd8abe4f4 branch October 1, 2025 18:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the github-actions group with 5 updates #374

Bump the github-actions group with 5 updates #374

Uh oh!

dependabot bot commented on behalf of github Oct 1, 2025

Uh oh!

github-actions bot commented Oct 1, 2025

Uh oh!

Uh oh!

Uh oh!

Bump the github-actions group with 5 updates #374

Bump the github-actions group with 5 updates #374

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 1, 2025

v10.0.0

What's Changed

Breaking Changes

Enhancement

Dependency Upgrades

Documentation changes

New Contributors

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

New Contributors

v7.1.0

What's Changed

New Contributors

v6.0.1

What's Changed

New Contributors

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Documentation changes

Uh oh!

github-actions bot commented Oct 1, 2025

PR Health

Uh oh!

Uh oh!

Uh oh!