chore(deps)(deps): bump the github-actions-all group across 1 directory with 15 updates #77

dependabot · 2026-01-01T17:57:20Z

Bumps the github-actions-all group with 15 updates in the / directory:

Package	From	To
actions/checkout	`2`	`6`
actions/setup-python	`2`	`6`
actions/setup-go	`2`	`6`
docker/setup-buildx-action	`2.5.0`	`3.12.0`
docker/login-action	`1`	`3`
docker/metadata-action	`5.9.0`	`5.10.0`
docker/build-push-action	`5.4.0`	`6.18.0`
falti/dotenv-action	`0.2.7`	`1.1.5`
Azure/setup-kubectl	`3`	`4`
aws-actions/configure-aws-credentials	`1`	`5`
aws-actions/amazon-ecr-login	`1`	`2`
actions/upload-artifact	`4.4.0`	`6.0.0`
peter-evans/create-pull-request	`3.10.1`	`8.0.0`
anchore/sbom-action	`0.15.10`	`0.21.0`
ossf/scorecard-action	`2.4.0`	`2.4.3`

Updates actions/checkout from 2 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248

Persist creds to a separate file by @ericsciple in actions/checkout#2286

v6-beta by @ericsciple in actions/checkout#2298

update readme/changelog for v6 by @ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

... (truncated)

Commits

8e8c483 Clarify v6 README (#2328)
033fa0d Add worktree support for persist-credentials includeIf (#2327)
c2d88d3 Update all references from v5 and v4 to v6 (#2314)
1af3b93 update readme/changelog for v6 (#2311)
71cf226 v6-beta (#2298)
069c695 Persist creds to a separate file (#2286)
ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
08eba0b Prepare release v4.3.0 (#2237)
Additional commits viewable in compare view

Updates actions/setup-python from 2 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

83679a8 Bump @types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
cfd55ca graalpy: add graalpy early-access and windows builds (#880)
bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
2e3e4b1 Add support for pip-install input (#1201)
4267e28 Bump urllib3 from 1.26.19 to 2.5.0 in /tests/data and document breaking c...
e797f83 Upgrade to node 24 (#1164)
Additional commits viewable in compare view

Updates actions/setup-go from 2 to 6

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @matthewhughes934 in actions/setup-go#460

Upgrade Nodejs runtime from node20 to node 24 by @salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/setup-go#589

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-go#591

Upgrade @typescript-eslint/parser from 8.31.1 to 8.35.1 by @dependabot[bot] in actions/setup-go#590

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-go#594

Upgrade typescript from 5.4.2 to 5.8.3 by @dependabot[bot] in actions/setup-go#538

Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @dependabot[bot] in actions/setup-go#603

Upgrade form-data to bring in fix for critical vulnerability by @matthewhughes934 in actions/setup-go#618

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-go#631

New Contributors

@matthewhughes934 made their first contribution in actions/setup-go#618

@salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.6.0

What's Changed

Fall back to downloading from go.dev/dl instead of storage.googleapis.com/golang by @aparnajyothi-y in actions/setup-go#689

Full Changelog: actions/setup-go@v5...v5.6.0

v5.5.0

What's Changed

Bug fixes:

Update self-hosted environment validation by @priyagupta108 in actions/setup-go#556

Add manifest validation and improve error handling by @priyagupta108 in actions/setup-go#586

Update template link by @jsoref in actions/setup-go#527

Dependency updates:

Upgrade @action/cache from 4.0.2 to 4.0.3 by @aparnajyothi-y in actions/setup-go#574

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-go#573

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-go#582

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot in actions/setup-go#537

New Contributors

@jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

... (truncated)

Commits

4dc6199 Bump semver and @types/semver (#652)
f3787be Add comprehensive breaking changes documentation for v6 (#674)
3a0c2c8 Bump actions/publish-action from 0.3.0 to 0.4.0 (#641)
faf5242 Add support for .tool-versions file in setup-go, update workflow (#673)
7bc60db Fall back to downloading from go.dev/dl instead of storage.googleapis.com/gol...
c0137ca Bump eslint-config-prettier from 10.0.1 to 10.1.8 and document breaking chang...
4469467 Bump actions/checkout from 4 to 5 (#631)
e093d1e Node 24 upgrade (#624)
1d76b95 Improve toolchain handling (#460)
e75c3e8 Bump form-data to bring in fix for critical vulnerability (#618)
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 2.5.0 to 3.12.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v3.12.0

Deprecate install input by @crazy-max in docker/setup-buildx-action#455

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/setup-buildx-action#434

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/setup-buildx-action#436

Bump form-data from 2.5.1 to 2.5.5 in docker/setup-buildx-action#432

Bump undici from 5.28.4 to 5.29.0 in docker/setup-buildx-action#435

Full Changelog: docker/setup-buildx-action@v3.11.1...v3.12.0

v3.11.1

Fix keep-state not being respected by @crazy-max in docker/setup-buildx-action#429

Full Changelog: docker/setup-buildx-action@v3.11.0...v3.11.1

v3.11.0

Keep BuildKit state support by @crazy-max in docker/setup-buildx-action#427

Remove aliases created when installing by default by @hashhar in docker/setup-buildx-action#139

Bump @docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/setup-buildx-action#422 docker/setup-buildx-action#425

Full Changelog: docker/setup-buildx-action@v3.10.0...v3.11.0

v3.10.0

Bump @docker/actions-toolkit from 0.54.0 to 0.56.0 in docker/setup-buildx-action#408

Full Changelog: docker/setup-buildx-action@v3.9.0...v3.10.0

v3.9.0

Bump @docker/actions-toolkit from 0.48.0 to 0.54.0 in docker/setup-buildx-action#402 docker/setup-buildx-action#404

Full Changelog: docker/setup-buildx-action@v3.8.0...v3.9.0

v3.8.0

Make cloud prefix optional to download buildx if driver is cloud by @crazy-max in docker/setup-buildx-action#390

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-buildx-action#370

Bump @docker/actions-toolkit from 0.39.0 to 0.48.0 in docker/setup-buildx-action#389

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-buildx-action#382

Full Changelog: docker/setup-buildx-action@v3.7.1...v3.8.0

v3.7.1

Switch back to uuid package by @crazy-max in docker/setup-buildx-action#369

Full Changelog: docker/setup-buildx-action@v3.7.0...v3.7.1

v3.7.0

Always set buildkitd-flags if opt-in by @crazy-max in docker/setup-buildx-action#363

Remove uuid package and switch to crypto by @crazy-max in docker/setup-buildx-action#366

Bump @docker/actions-toolkit from 0.35.0 to 0.39.0 in docker/setup-buildx-action#362

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/setup-buildx-action#354

... (truncated)

Commits

8d2750c Merge pull request #455 from crazy-max/install-deprecated
e81846b deprecate install input
65d18f8 Merge pull request #454 from docker/dependabot/github_actions/actions/checkout-6
000d75d build(deps): bump actions/checkout from 5 to 6
1583c0f Merge pull request #443 from nicolasleger/patch-1
ed158e7 doc: bump actions/checkout from 4 to 5
4cc794f Merge pull request #441 from docker/dependabot/github_actions/actions/checkout-5
4dfc3d6 build(deps): bump actions/checkout from 4 to 5
af1b253 Merge pull request #440 from crazy-max/k3s-build
3c6ab92 ci: k3s test with latest buildx
Additional commits viewable in compare view

Updates docker/login-action from 1 to 3

Release notes

Sourced from docker/login-action's releases.

v3.0.0

Node 20 as default runtime (requires Actions Runner v2.308.0 or later) by @crazy-max in docker/login-action#593

Bump @actions/core from 1.10.0 to 1.10.1 in docker/login-action#598

Bump @aws-sdk/client-ecr and @aws-sdk/client-ecr-public to 3.410.0 in docker/login-action#555 docker/login-action#560 docker/login-action#582 docker/login-action#599

Bump semver from 6.3.0 to 6.3.1 in docker/login-action#556

Bump https-proxy-agent to 7.0.2 docker/login-action#561 docker/login-action#588

Full Changelog: docker/login-action@v2.2.0...v3.0.0

v2.2.0

Switch to actions-toolkit implementation by @crazy-max in docker/login-action#409 docker/login-action#470 docker/login-action#476

Bump @aws-sdk/client-ecr and @aws-sdk/client-ecr-public to 3.347.1 in docker/login-action#524 docker/login-action#364 docker/login-action#363

Bump minimatch from 3.0.4 to 3.1.2 in docker/login-action#354

Bump json5 from 2.2.0 to 2.2.3 in docker/login-action#378

Bump http-proxy-agent from 5.0.0 to 7.0.0 in docker/login-action#509

Bump https-proxy-agent from 5.0.1 to 7.0.0 in docker/login-action#508

Full Changelog: docker/login-action@v2.1.0...v2.2.0

v2.1.0

Ensure AWS temp credentials are redacted in workflow logs by @crazy-max (#275)

Bump @actions/core from 1.6.0 to 1.10.0 (#252 #292)

Bump @aws-sdk/client-ecr from 3.53.0 to 3.186.0 (#298)

Bump @aws-sdk/client-ecr-public from 3.53.0 to 3.186.0 (#299)

Full Changelog: docker/login-action@v2.0.0...v2.1.0

v2.0.0

Node 16 as default runtime by @crazy-max (#161)

This requires a minimum Actions Runner version of v2.285.0, which is by default available in GHES 3.4 or later.

chore: update dev dependencies and workflow by @crazy-max (#170)

Bump @actions/exec from 1.1.0 to 1.1.1 (#167)

Bump @actions/io from 1.1.1 to 1.1.2 (#168)

Bump minimist from 1.2.5 to 1.2.6 (#176)

Bump https-proxy-agent from 5.0.0 to 5.0.1 (#182)

Full Changelog: docker/login-action@v1.14.1...v2.0.0

v1.14.1

Revert to Node 12 as default runtime to fix issue for GHE users (#160)

v1.14.0

Update to node 16 (#158)

Bump @aws-sdk/client-ecr from 3.45.0 to 3.53.0 (#157)

Bump @aws-sdk/client-ecr-public from 3.45.0 to 3.53.0 (#156)

v1.13.0

Handle proxy settings for aws-sdk (#152)

Workload identity based authentication docs for GCR and GAR (#112)

Test login against ACR (#49)

... (truncated)

Commits

5e57cd1 Merge pull request #890 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
97e3143 chore: update generated content
3a0796b build(deps): bump the aws-sdk-dependencies group with 2 updates
5b7b28b Merge pull request #882 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
abc9fb3 chore: update generated content
d468688 build(deps): bump the aws-sdk-dependencies group with 2 updates
a99b2f8 Merge pull request #883 from docker/dependabot/npm_and_yarn/docker/actions-to...
0d7fae8 chore: update generated content
9832253 build(deps): bump @docker/actions-toolkit from 0.62.1 to 0.63.0
09e05bb Merge pull request #881 from docker/dependabot/npm_and_yarn/tmp-0.2.4
Additional commits viewable in compare view

Updates docker/metadata-action from 5.9.0 to 5.10.0

Release notes

Sourced from docker/metadata-action's releases.

v5.10.0

Bump @docker/actions-toolkit from 0.66.0 to 0.68.0 in docker/metadata-action#559 docker/metadata-action#569

Bump js-yaml from 3.14.1 to 3.14.2 in docker/metadata-action#564

Full Changelog: docker/metadata-action@v5.9.0...v5.10.0

Commits

c299e40 Merge pull request #569 from docker/dependabot/npm_and_yarn/docker/actions-to...
f015d79 chore: update generated content
121bcc2 chore(deps): Bump @docker/actions-toolkit from 0.67.0 to 0.68.0
f7b6bf4 Merge pull request #564 from docker/dependabot/npm_and_yarn/js-yaml-3.14.2
0b95c6b Merge pull request #565 from docker/dependabot/github_actions/actions/checkout-6
17f70d7 Merge pull request #568 from motoki317/docs/fix-to-24h-schedule-pattern
afd7e6d docs(README): Fix date format from 12h to 24h in schedule pattern
602aff8 chore(deps): Bump actions/checkout from 5 to 6
aecb1a4 chore(deps): Bump js-yaml from 3.14.1 to 3.14.2
8d8c7c1 Merge pull request #559 from docker/dependabot/npm_and_yarn/docker/actions-to...
Additional commits viewable in compare view

Updates docker/build-push-action from 5.4.0 to 6.18.0

Release notes

Sourced from docker/build-push-action's releases.

v6.18.0

Bump @docker/actions-toolkit from 0.61.0 to 0.62.1 in docker/build-push-action#1381

[!NOTE] Build summary is now supported with Docker Build Cloud.

Full Changelog: docker/build-push-action@v6.17.0...v6.18.0

v6.17.0

Bump @docker/actions-toolkit from 0.59.0 to 0.61.0 by @crazy-max in docker/build-push-action#1364

[!NOTE] Build record is now exported using the buildx history export command instead of the legacy export-build tool.

Full Changelog: docker/build-push-action@v6.16.0...v6.17.0

v6.16.0

Handle no default attestations env var by @crazy-max in docker/build-push-action#1343

Only print secret keys in build summary output by @crazy-max in docker/build-push-action#1353

Bump @docker/actions-toolkit from 0.56.0 to 0.59.0 in docker/build-push-action#1352

Full Changelog: docker/build-push-action@v6.15.0...v6.16.0

v6.15.0

Bump @docker/actions-toolkit from 0.55.0 to 0.56.0 in docker/build-push-action#1330

Full Changelog: docker/build-push-action@v6.14.0...v6.15.0

v6.14.0

Bump @docker/actions-toolkit from 0.53.0 to 0.55.0 in docker/build-push-action#1324

Full Changelog: docker/build-push-action@v6.13.0...v6.14.0

v6.13.0

Bump @docker/actions-toolkit from 0.51.0 to 0.53.0 in docker/build-push-action#1308

Full Changelog: docker/build-push-action@v6.12.0...v6.13.0

v6.12.0

Bump @docker/actions-toolkit from 0.49.0 to 0.51.0 in docker/build-push-action#1300

Full Changelog: docker/build-push-action@v6.11.0...v6.12.0

v6.11.0

Handlebar defaultContext support for build-contexts input by @crazy-max in docker/build-push-action#1283

Bump @docker/actions-toolkit from 0.46.0 to 0.49.0 in docker/build-push-action#1281

Full Changelog: docker/build-push-action@v6.10.0...v6.11.0

v6.10.0

... (truncated)

Commits

2634353 Merge pull request #1381 from docker/dependabot/npm_and_yarn/docker/actions-t...
c0432d2 chore: update generated content
0bb1f27 set builder driver and endpoint attributes for dbc summary support
5f9dbf9 chore(deps): Bump @docker/actions-toolkit from 0.61.0 to 0.62.1
0788c44 Merge pull request #1375 from crazy-max/remove-gcr
aa179ca e2e: remove GCR
1dc7386 Merge pull request #1364 from crazy-max/history-export-cmd
9c9803f chore: update generated content
db1f6c4 DOCKER_BUILD_EXPORT_LEGACY env var to opt-in for legacy export
721e8c7 Bump @docker/actions-toolkit from 0.59.0 to 0.61.0
Additional commits viewable in compare view

Updates falti/dotenv-action from 0.2.7 to 1.1.5

Release notes

Sourced from falti/dotenv-action's releases.

Minor security path (js-yaml)

What's Changed

Change build history badge to test workflow badge by @falti in falti/dotenv-action#66

Bump js-yaml from 3.14.1 to 3.14.2 by @dependabot[bot] in falti/dotenv-action#67

Full Changelog: falti/dotenv-action@v1...v1.1.5

v1.1.4

Adds missing documentation of parameter ensure-exists

Allow to activate default .env behavior

You can now turn on the default .env behavior to succeed if no .env file is present by using setting ensure-exists to false. The action's default is still to fail in case of missing .env file for backwards-compatibility reasons.

Thank you @FranciscoKloganB for the contribution!

Minor update on Github actions

No release notes provided.

Prefix variables

This is a minor update which includes an option to prefix variables (useful for Terraforms).

v1.1

Used Node 20

flexible case options for keys

What's Changed

Cases for Keys by @DariuszPorowski in falti/dotenv-action#45

New Contributors

@DariuszPorowski made their first contribution in falti/dotenv-action#45

Full Changelog: falti/dotenv-action@v1...v1.0.4

Export environment variables

What's Changed

Bump json5 from 2.2.1 to 2.2.3 by @dependabot in falti/dotenv-action#41

Support exporting as environment variables by @F21 in falti/dotenv-action#43

New Contributors

@F21 made their first contribution in falti/dotenv-action#43

Full Changelog: falti/dotenv-action@v1...v1.0.3

Various improvements

What's Changed

fix: bump packages, fix core-output, fix eslint by @sammcj in falti/dotenv-action#39

New Contributors

... (truncated)

Commits

f4656c4 Merge pull request #67 from falti/dependabot/npm_and_yarn/js-yaml-3.14.2
c92728d Bump js-yaml from 3.14.1 to 3.14.2
c9510a9 Merge pull request #66 from falti/fix-badge
f23f28d Change build history badge to test workflow badge
a33be0b Merge pull request #61 from falti/fix-action-yml
e64539a Add ensure-exists to action.yml #60
7a3a44a Merge pull request #59 from falti/dependabot/npm_and_yarn/braces-3.0.3
2795aae Bump braces from 3.0.2 to 3.0.3
e22ec9a Merge pull request #58 from FranciscoKloganB/master
e7c0291 feat(ensureExists): allow action to succeed when file not found
Additional commits viewable in compare view

Updates Azure/setup-kubectl from 3 to 4

Release notes

Sourced from Azure/setup-kubectl's releases.

v4.0.0

Changed

#90 Migrate to node 20 as node 16 is deprecated

vv4.0.0

Changed

#90 Migrate to node 20 as node 16 is deprecated

v3.2 release

Uses the new kubectl download uri

v3.1 release

Bump @actions/core to prevent warning output.

Changelog

Sourced from Azure/setup-kubectl's changelog.

Changelog

[4.0.1] - 2025-06-17

Remove erronious 'v' prefix on previous changelog for v4.0.0 that led to "vv4.0.0" tag issue

Dependabot fixes

Commits

776406b build
d2d46d8 4.0.1 fix v prefix (#167)
2ec0509 Bump github/codeql-action in /.github/workflows in the actions group (#164)
8ee3331 Fix the major update packages including Jest. (#166)
857b11c Bump github/codeql-action in /.github/workflows in the actions group (#163)
fa3df0f Bump @types/node from 22.15.21 to 22.15.29 in the actions group (#161)
4d5f3ed Bump @types/node from 22.15.19 to 22.15.21 in the actions group (#160)
393d232 Bump github/codeql-action in /.github/workflows in the actions group (#158)
a0d6642 Bump the actions...
Description has been truncated

…ry with 15 updates Bumps the github-actions-all group with 15 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `2` | `6` | | [actions/setup-python](https://github.com/actions/setup-python) | `2` | `6` | | [actions/setup-go](https://github.com/actions/setup-go) | `2` | `6` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `2.5.0` | `3.12.0` | | [docker/login-action](https://github.com/docker/login-action) | `1` | `3` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5.9.0` | `5.10.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `5.4.0` | `6.18.0` | | [falti/dotenv-action](https://github.com/falti/dotenv-action) | `0.2.7` | `1.1.5` | | [Azure/setup-kubectl](https://github.com/azure/setup-kubectl) | `3` | `4` | | [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `1` | `5` | | [aws-actions/amazon-ecr-login](https://github.com/aws-actions/amazon-ecr-login) | `1` | `2` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.0` | `6.0.0` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `3.10.1` | `8.0.0` | | [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.15.10` | `0.21.0` | | [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` | Updates `actions/checkout` from 2 to 6 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v2...v6) Updates `actions/setup-python` from 2 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v2...v6) Updates `actions/setup-go` from 2 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v2...v6) Updates `docker/setup-buildx-action` from 2.5.0 to 3.12.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v2.5.0...v3.12.0) Updates `docker/login-action` from 1 to 3 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v1...v3) Updates `docker/metadata-action` from 5.9.0 to 5.10.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@318604b...c299e40) Updates `docker/build-push-action` from 5.4.0 to 6.18.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@ca052bb...2634353) Updates `falti/dotenv-action` from 0.2.7 to 1.1.5 - [Release notes](https://github.com/falti/dotenv-action/releases) - [Commits](falti/dotenv-action@d4d12ea...f4656c4) Updates `Azure/setup-kubectl` from 3 to 4 - [Release notes](https://github.com/azure/setup-kubectl/releases) - [Changelog](https://github.com/Azure/setup-kubectl/blob/main/CHANGELOG.md) - [Commits](Azure/setup-kubectl@v3...v4) Updates `aws-actions/configure-aws-credentials` from 1 to 5 - [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases) - [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md) - [Commits](aws-actions/configure-aws-credentials@v1...v5) Updates `aws-actions/amazon-ecr-login` from 1 to 2 - [Release notes](https://github.com/aws-actions/amazon-ecr-login/releases) - [Changelog](https://github.com/aws-actions/amazon-ecr-login/blob/main/CHANGELOG.md) - [Commits](aws-actions/amazon-ecr-login@v1...v2) Updates `actions/upload-artifact` from 4.4.0 to 6.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4.4.0...v6) Updates `peter-evans/create-pull-request` from 3.10.1 to 8.0.0 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@7380612...98357b1) Updates `anchore/sbom-action` from 0.15.10 to 0.21.0 - [Release notes](https://github.com/anchore/sbom-action/releases) - [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md) - [Commits](anchore/sbom-action@ab5d7b5...a930d0a) Updates `ossf/scorecard-action` from 2.4.0 to 2.4.3 - [Release notes](https://github.com/ossf/scorecard-action/releases) - [Changelog](https://github.com/ossf/scorecard-action/blob/main/RELEASE.md) - [Commits](ossf/scorecard-action@62b2cac...4eaacf0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: docker/setup-buildx-action dependency-version: 3.12.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: docker/login-action dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: docker/metadata-action dependency-version: 5.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-all - dependency-name: docker/build-push-action dependency-version: 6.18.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: falti/dotenv-action dependency-version: 1.1.5 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: Azure/setup-kubectl dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: aws-actions/configure-aws-credentials dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: aws-actions/amazon-ecr-login dependency-version: '2' dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: actions/upload-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: peter-evans/create-pull-request dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions-all - dependency-name: anchore/sbom-action dependency-version: 0.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions-all - dependency-name: ossf/scorecard-action dependency-version: 2.4.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions-all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-01-01T17:57:20Z

Labels

The following labels could not be found: automated, dependencies, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

coveralls · 2026-01-01T18:02:10Z

Pull Request Test Coverage Report for Build 20642983635

Details

0 of 0 changed or added relevant lines in 0 files are covered.
No unchanged relevant lines lost coverage.
Overall coverage remained the same at 36.876%

Totals
Change from base Build 20390744785:	0.0%
Covered Lines:	2342
Relevant Lines:	6351

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

chore(deps)(deps): bump the github-actions-all group across 1 directory with 15 updates #77

chore(deps)(deps): bump the github-actions-all group across 1 directory with 15 updates #77

Uh oh!

dependabot bot commented on behalf of github Jan 1, 2026

Uh oh!

dependabot bot commented on behalf of github Jan 1, 2026

Uh oh!

coveralls commented Jan 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

chore(deps)(deps): bump the github-actions-all group across 1 directory with 15 updates #77

Are you sure you want to change the base?

chore(deps)(deps): bump the github-actions-all group across 1 directory with 15 updates #77

Uh oh!

Conversation

dependabot bot commented on behalf of github Jan 1, 2026

v6.0.0

What's Changed

v6-beta

What's Changed

v5.0.1

What's Changed

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.1

What's Changed

v4.3.0

What's Changed

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v3.12.0

v3.11.1

v3.11.0

v3.10.0

v3.9.0

v3.8.0

v3.7.1

v3.7.0

v3.0.0

v2.2.0

v2.1.0

v2.0.0

v1.14.1

v1.14.0

v1.13.0

v5.10.0

v6.18.0

v6.17.0

v6.16.0

v6.15.0

v6.14.0

v6.13.0

v6.12.0

v6.11.0

v6.10.0

Minor security path (js-yaml)

What's Changed

v1.1.4

Allow to activate default .env behavior

Minor update on Github actions

Prefix variables

v1.1

flexible case options for keys

What's Changed

New Contributors

Export environment variables