Skip to content

ci(deps): bump pnpm/action-setup from 2 to 4#7

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/pnpm/action-setup-4
Closed

ci(deps): bump pnpm/action-setup from 2 to 4#7
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/pnpm/action-setup-4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 9, 2026

Copy link
Copy Markdown
Contributor

Bumps pnpm/action-setup from 2 to 4.

Release notes

Sourced from pnpm/action-setup's releases.

v4.0.0

An error is thrown if one version of pnpm is specified in the packageManager field of package.json and a different version is specified in the action's settings #122

v3.0.0

The action is updated to run on Node.js v20

v2.4.1

Updated the bundled pnpm version to v7 to fix the ERR_INVALID_THIS error.

v2.4.0

Add ability to install standalone binary (pnpm/action-setup#92).

v2.3.0

v2.2.4

No deprecation warnings are printed about set-state and set-output commands (pnpm/action-setup#57)

v2.2.3

Bump Node.js version to 16 pnpm/action-setup#56

v2.2.2

Fixing network issues.

Related issues:

Related PR:

v2.2.1

Fix "packageManager" reader pnpm/action-setup#35

v2.2.0

v2.1.0

Support pnpm v7 pnpm/action-setup#29

v2.0.1

Update versions in code examples in README.md to the latest ones to avoid users using the wrong versions.

Commits

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from 2 to 4.
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](pnpm/action-setup@v2.0.0...v4)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from doublegate as a code owner February 9, 2026 16:07
@codecov

codecov Bot commented Feb 9, 2026

Copy link
Copy Markdown

Codecov Report

✅ All modified and coverable lines are covered by tests.

📢 Thoughts on this report? Let us know!

doublegate added a commit that referenced this pull request Jul 8, 2026
…weep (#33)

Consolidates all 18 open dependabot PRs (#7-#32) into a single CI-verified
update, plus a broader sweep bringing every other Cargo, npm, GitHub Actions,
and submodule dependency to its latest compatible version. Also fixes real
RUSTSEC TLS/DNS vulnerabilities upstream in the prtip and wraith-protocol
submodules. See PR #33 description for full details.

Co-Authored-By: Claude Sonnet 5 <noreply@anthropic.com>
@doublegate

Copy link
Copy Markdown
Owner

Superseded by #33, which consolidates this update along with the other 17 open dependency PRs into a single CI-verified sweep. Merged as f86f4b1.

@doublegate doublegate closed this Jul 8, 2026
@doublegate doublegate deleted the dependabot/github_actions/pnpm/action-setup-4 branch July 8, 2026 07:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant