chore(deps): bump kosli-dev/setup-cli-action from 4 to 5#841
Merged
mbevc1 merged 1 commit intoMay 1, 2026
Conversation
Bumps [kosli-dev/setup-cli-action](https://github.com/kosli-dev/setup-cli-action) from 4 to 5. - [Release notes](https://github.com/kosli-dev/setup-cli-action/releases) - [Commits](kosli-dev/setup-cli-action@v4...v5) --- updated-dependencies: - dependency-name: kosli-dev/setup-cli-action dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com>
dependabot
Bot
added
dependencies
Contributor
|
Claude finished @dependabot[bot]'s task in 3m 25s —— View job Reviewing dependency upgrade:
|
| Change | Detail | Risk |
|---|---|---|
| Node runtime | node16/node20 → node24 | None — GitHub is deprecating older runtimes; this keeps CI green |
| Default CLI version | v2.11.x → v2.12.1 | No impact — all usages explicitly set version: ${{ vars.KOSLI_CLI_VERSION }} |
New latest keyword |
version input now accepts "latest" |
None — opt-in feature, not used here |
| Internal deps | @actions/core 1→3, @actions/tool-cache 2→4, @actions/github 6→9 |
None — internal to the action |
| CommonJS → ES modules | Internal refactor | None — transparent to consumers |
Usage analysis
All 8 invocations across the 5 workflows follow the same pattern:
uses: kosli-dev/setup-cli-action@v5
with:
version: ${{ vars.KOSLI_CLI_VERSION }}- The
versioninput (the only input) is unchanged between v4 and v5 - No inputs were removed or renamed
- The explicit
${{ vars.KOSLI_CLI_VERSION }}override means the default CLI version change is irrelevant
Verdict
Safe to merge. This is a straightforward major-version bump driven by the node24 runtime upgrade (aligning with GitHub's deprecation of older Node runtimes). The action's interface is unchanged, and all usages in this repo pin the CLI version explicitly, so there's no behavioral change.
No follow-up actions needed.
mbevc1
approved these changes
May 1, 2026
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps kosli-dev/setup-cli-action from 4 to 5.
Release notes
Sourced from kosli-dev/setup-cli-action's releases.
Commits
c506906Automatic compilation022c44dfix: revert to a single workflow and trigger on tags44934effix: separate workflows for release and GHA build + tags757e0a0fix: GHA incorrect job depsf6260fbfix: GHA syntax error1cc739eMerge pull request #21 from kosli-dev/20260428_auto_release027d39dchore: clean up tests GHA289edc0feat: auto release on tag2232bc1Merge pull request #11 from kosli-dev/20260421_slack_notificationed2815bfix: use variable for Slack Channel IDDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)