chore(deps): bump the github-actions group with 13 updates by dependabot[bot] · Pull Request #3014 · authzed/spicedb

dependabot · 2026-04-01T23:32:51Z

Bumps the github-actions group with 13 updates:

Package	From	To
benchmark-action/github-action-benchmark	`1.21.0`	`1.22.0`
actions/cache	`5.0.3`	`5.0.4`
dorny/paths-filter	`3.0.2`	`4.0.1`
docker/login-action	`3.7.0`	`4.0.0`
codecov/codecov-action	`5.5.2`	`6.0.0`
chainguard-dev/actions	`1.6.5`	`1.6.11`
juliangruber/approve-pull-request-action	`2.0.6`	`2.1.0`
slackapi/slack-github-action	`2.1.1`	`3.0.1`
dangoslen/changelog-enforcer	`ea6a56764870c323a4563f450c0a50c5f2d72cd6`	`eab831d58fab83cf3eaa8af77ef1d702c4f02350`
docker/setup-qemu-action	`3.7.0`	`4.0.0`
docker/setup-buildx-action	`3.12.0`	`4.0.0`
nowsprinting/check-version-format-action	`4.0.7`	`5.0.1`
shogo82148/actions-upload-release-asset	`1.9.2`	`1.10.0`

Updates benchmark-action/github-action-benchmark from 1.21.0 to 1.22.0

Release notes

Sourced from benchmark-action/github-action-benchmark's releases.

v1.22.0

chore bump node to 24 (#339)

Full Changelog: benchmark-action/github-action-benchmark@v1.21.0...v1.22.0

Changelog

Sourced from benchmark-action/github-action-benchmark's changelog.

Unreleased

v1.22.0 - 31 Mar 2026

chore bump node to 24 (#339)

v1.21.0 - 02 Mar 2026

fix include package name for duplicate bench names (#330)

fix avoid duplicate package suffix in Go benchmarks (#337)

v1.20.7 - 06 Sep 2025

fix improve parsing for custom benchmarks (#323)

v1.20.5 - 02 Sep 2025

feat allow to parse generic cargo bench/criterion units (#280)

fix add summary even when failure threshold is surpassed (#285)

fix time units are not normalized (#318)

v1.20.4 - 23 Oct 2024

feat add typings and validation workflow (#257)

v1.20.3 - 19 May 2024

fix Catch2 v.3.5.0 changed output format (#247)

v1.20.2 - 19 May 2024

fix Support sub-nanosecond precision on Cargo benchmarks (#246)

v1.20.1 - 02 Apr 2024

fix release script

v1.20.0 - 02 Apr 2024

fix Rust benchmarks not comparing to baseline (#235)

feat Comment on PR and auto update comment (#223)

v1.19.3 - 02 Feb 2024

fix ratio is NaN when previous value is 0. Now, print 1 when both values are 0 and +-∞ when divisor is 0 (#222)

fix action hangs in some cases for go fiber benchmarks (#225)

v1.19.2 - 26 Jan 2024

fix markdown rendering for summary is broken (#218)

... (truncated)

Commits

a60cea5 release v1.22.0
See full diff in compare view

Updates actions/cache from 5.0.3 to 5.0.4

Release notes

Sourced from actions/cache's releases.

v5.0.4

What's Changed

Add release instructions and update maintainer docs by @Link- in actions/cache#1696

Potential fix for code scanning alert no. 52: Workflow does not contain permissions by @Link- in actions/cache#1697

Fix workflow permissions and cleanup workflow names / formatting by @Link- in actions/cache#1699

docs: Update examples to use the latest version by @XZTDean in actions/cache#1690

Fix proxy integration tests by @Link- in actions/cache#1701

Fix cache key in examples.md for bun.lock by @RyPeck in actions/cache#1722

Update dependencies & patch security vulnerabilities by @Link- in actions/cache#1738

New Contributors

@XZTDean made their first contribution in actions/cache#1690

@RyPeck made their first contribution in actions/cache#1722

Full Changelog: actions/cache@v5...v5.0.4

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

Switch to a new branch from main.

Run npm test to ensure all tests are passing.

Update the version in https://github.com/actions/cache/blob/main/package.json.

Run npm run build to update the compiled files.

Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.

Run licensed cache to update the license report.

Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.

Commit your changes and push your branch upstream.

Open a pull request against main and get it reviewed and merged.

Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json

Create a new tag with the version number.

Auto generate release notes and update them to match the changes you made in RELEASES.md.

Toggle the set as the latest release option.

Publish the release.

Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml

There should be a workflow run queued with the same version number.

Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)

Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)

Bump fast-xml-parser to v5.5.6

5.0.3

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)

Bump @actions/core to v2.0.3

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

6682284 Merge pull request #1738 from actions/prepare-v5.0.4
e340396 Update RELEASES
8a67110 Add licenses
1865903 Update dependencies & patch security vulnerabilities
5656298 Merge pull request #1722 from RyPeck/patch-1
4e380d1 Fix cache key in examples.md for bun.lock
b7e8d49 Merge pull request #1701 from actions/Link-/fix-proxy-integration-tests
984a21b Add traffic sanity check step
acf2f1f Fix resolution
95a07c5 Add wait for proxy
Additional commits viewable in compare view

Updates dorny/paths-filter from 3.0.2 to 4.0.1

Release notes

Sourced from dorny/paths-filter's releases.

v4.0.1

What's Changed

Support merge queue by @masaru-iritani in dorny/paths-filter#255

New Contributors

@masaru-iritani made their first contribution in dorny/paths-filter#255

Full Changelog: dorny/paths-filter@v4.0.0...v4.0.1

v4.0.0

What's Changed

feat: update action runtime to node24 by @saschabratton in dorny/paths-filter#294

New Contributors

@saschabratton made their first contribution in dorny/paths-filter#294

Full Changelog: dorny/paths-filter@v3.0.3...v4.0.0

v3.0.3

What's Changed

Add missing predicate-quantifier by @wardpeet in dorny/paths-filter#279

New Contributors

@wardpeet made their first contribution in dorny/paths-filter#279

Full Changelog: dorny/paths-filter@v3...v3.0.3

Changelog

Sourced from dorny/paths-filter's changelog.

Changelog

v4.0.0

Update action runtime to node24

v3.0.3

Add missing predicate-quantifier

v3.0.2

Add config parameter for predicate quantifier

v3.0.1

Compare base and ref when token is empty

v3.0.0

Update to Node.js 20

Update all dependencies

v2.11.1

Update @actions/core to v1.10.0 - Fixes warning about deprecated set-output

Document need for pull-requests: read permission

Updating to actions/checkout@v3

v2.11.0

Set list-files input parameter as not required

Update Node.js

Fix incorrect handling of Unicode characters in exec()

Use Octokit pagination

Updates real world links

v2.10.2

Fix getLocalRef() returns wrong ref

v2.10.1

Improve robustness of change detection

v2.10.0

Add ref input parameter

Fix change detection in PR when pullRequest.changed_files is incorrect

v2.9.3

Fix change detection when base is a tag

v2.9.2

Fix fetching git history

v2.9.1

Fix fetching git history + fallback to unshallow repo

v2.9.0

... (truncated)

Commits

fbd0ab8 feat: add merge_group event support
efb1da7 feat: add dist/ freshness check to PR workflow
d8f7b06 Merge pull request #302 from dorny/issue-299
addbc14 Update README for v4
9d7afb8 Update CHANGELOG for v4.0.0
782470c Merge branch 'releases/v3'
d1c1ffe Update CHANGELOG for v3.0.3
ce10459 Merge pull request #294 from saschabratton/master
5f40380 feat: update action runtime to node24
668c092 Merge pull request #279 from wardpeet/patch-1
Additional commits viewable in compare view

Updates docker/login-action from 3.7.0 to 4.0.0

Release notes

Sourced from docker/login-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/login-action#929

Switch to ESM and update config/test wiring by @crazy-max in docker/login-action#927

Bump @actions/core from 1.11.1 to 3.0.0 in docker/login-action#919

Bump @aws-sdk/client-ecr from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920

Bump @aws-sdk/client-ecr-public from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920

Bump @docker/actions-toolkit from 0.63.0 to 0.77.0 in docker/login-action#910 docker/login-action#928

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/login-action#921

Bump js-yaml from 4.1.0 to 4.1.1 in docker/login-action#901

Full Changelog: docker/login-action@v3.7.0...v4.0.0

Commits

b45d80f Merge pull request #929 from crazy-max/node24
176cb9c node 24 as default runtime
cad8984 Merge pull request #920 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
92cbcb2 chore: update generated content
5a2d6a7 build(deps): bump the aws-sdk-dependencies group with 2 updates
44512b6 Merge pull request #928 from docker/dependabot/npm_and_yarn/docker/actions-to...
28737a5 chore: update generated content
dac0793 build(deps): bump @docker/actions-toolkit from 0.76.0 to 0.77.0
62029f3 Merge pull request #919 from docker/dependabot/npm_and_yarn/actions/core-3.0.0
08c8f06 chore: update generated content
Additional commits viewable in compare view

Updates codecov/codecov-action from 5.5.2 to 6.0.0

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0"" by @thomasrockhu-codecov in codecov/codecov-action#1929

Th/6.0.0 by @thomasrockhu-codecov in codecov/codecov-action#1928

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" by @thomasrockhu-codecov in codecov/codecov-action#1926

chore(release): 5.5.4 by @thomasrockhu-codecov in codecov/codecov-action#1927

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

What's Changed

build(deps): bump actions/github-script from 7.0.1 to 8.0.0 by @dependabot[bot] in codecov/codecov-action#1874

chore(release): bump to 5.5.3 by @thomasrockhu-codecov in codecov/codecov-action#1922

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @app/dependabot in codecov/codecov-action#1822

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

57e3a13 Th/6.0.0 (#1928)
f67d33d Revert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...
75cd116 chore(release): 5.5.4 (#1927)
87d39f4 Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0" (#1926)
1af5884 chore(release): bump to 5.5.3 (#1922)
c143300 build(deps): bump actions/github-script from 7.0.1 to 8.0.0 (#1874)
See full diff in compare view

Updates chainguard-dev/actions from 1.6.5 to 1.6.11

Release notes

Sourced from chainguard-dev/actions's releases.

v1.6.11

What's Changed

build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 in /wolfi-build-pkg by @dependabot[bot] in chainguard-dev/actions#818

build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 in /melange-build by @dependabot[bot] in chainguard-dev/actions#817

build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 in /inky-build-pkg by @dependabot[bot] in chainguard-dev/actions#816

build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 in /goimports by @dependabot[bot] in chainguard-dev/actions#815

build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 in /gofmt by @dependabot[bot] in chainguard-dev/actions#814

build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 by @dependabot[bot] in chainguard-dev/actions#813

build(deps): bump chainguard-dev/setup-chainctl from 0.5.0 to 0.5.1 in /setup-chainctl by @dependabot[bot] in chainguard-dev/actions#820

build(deps): bump chainguard-dev/setup-chainctl from 0.5.0 to 0.5.1 in /setup-chainguard-terraform by @dependabot[bot] in chainguard-dev/actions#821

fix(security): pin apko-build Docker image to digest by @antitree in chainguard-dev/actions#819

feat(harden-runner): move to inline block policies by @egibs in chainguard-dev/actions#822

add more endpoints for Go Workflows by @egibs in chainguard-dev/actions#824

validate checksums of the installs by @joshrwolf in chainguard-dev/actions#823

build(deps): bump sigstore/cosign-installer from 4.1.0 to 4.1.1 in /setup-argo-workflows by @dependabot[bot] in chainguard-dev/actions#825

New Contributors

@antitree made their first contribution in chainguard-dev/actions#819

Full Changelog: chainguard-dev/actions@v1.6.10...v1.6.11

v1.6.10

What's Changed

build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 in /melange-build by @dependabot[bot] in chainguard-dev/actions#809

build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 in /wolfi-build-pkg by @dependabot[bot] in chainguard-dev/actions#810

build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 in /inky-build-pkg by @dependabot[bot] in chainguard-dev/actions#808

build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 in /gofmt by @dependabot[bot] in chainguard-dev/actions#806

build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 in /goimports by @dependabot[bot] in chainguard-dev/actions#807

build(deps): bump chainguard-dev/actions from 1.6.8 to 1.6.9 by @dependabot[bot] in chainguard-dev/actions#805

build(deps): bump azure/setup-helm from 4.3.1 to 5.0.0 in /setup-monitoring by @dependabot[bot] in chainguard-dev/actions#812

pass through optional job name and create job span id by @joshrwolf in chainguard-dev/actions#811

Full Changelog: chainguard-dev/actions@v1.6.9...v1.6.10

v1.6.9

What's Changed

build(deps): bump chainguard-dev/actions from 1.6.5 to 1.6.6 in /melange-build by @dependabot[bot] in chainguard-dev/actions#795

build(deps): bump chainguard-dev/actions from 1.6.5 to 1.6.6 in /wolfi-build-pkg by @dependabot[bot] in chainguard-dev/actions#796

build(deps): bump chainguard-dev/actions from 1.6.5 to 1.6.6 in /inky-build-pkg by @dependabot[bot] in chainguard-dev/actions#794

build(deps): bump chainguard-dev/actions from 1.6.5 to 1.6.6 in /gofmt by @dependabot[bot] in chainguard-dev/actions#792

build(deps): bump chainguard-dev/actions from 1.6.5 to 1.6.6 by @dependabot[bot] in chainguard-dev/actions#790

build(deps): bump chainguard-dev/actions from 1.6.5 to 1.6.6 in /goimports by @dependabot[bot] in chainguard-dev/actions#793

build(deps): bump step-security/harden-runner from 2.15.0 to 2.15.1 by @dependabot[bot] in chainguard-dev/actions#791

build(deps): bump sigstore/cosign-installer from 4.0.0 to 4.1.0 in /setup-argo-workflows by @dependabot[bot] in chainguard-dev/actions#803

build(deps): bump chainguard-dev/actions from 1.6.7 to 1.6.8 in /wolfi-build-pkg by @dependabot[bot] in chainguard-dev/actions#804

build(deps): bump chainguard-dev/actions from 1.6.7 to 1.6.8 in /melange-build by @dependabot[bot] in chainguard-dev/actions#802

build(deps): bump chainguard-dev/actions from 1.6.7 to 1.6.8 in /goimports by @dependabot[bot] in chainguard-dev/actions#800

build(deps): bump chainguard-dev/actions from 1.6.7 to 1.6.8 in /inky-build-pkg by @dependabot[bot] in chainguard-dev/actions#801

build(deps): bump chainguard-dev/actions from 1.6.7 to 1.6.8 by @dependabot[bot] in chainguard-dev/actions#799

... (truncated)

Commits

8bb24c2 validate checksums of the installs (#823)
ec9ada7 build(deps): bump sigstore/cosign-installer in /setup-argo-workflows (#825)
61918c9 add more endpoints for Go Workflows (#824)
0b50b93 feat(harden-runner): move to inline block policies (#822)
9f56ab6 fix(security): FIND-005 pin apko-build Docker image to digest (#819)
5c361aa build(deps): bump chainguard-dev/setup-chainctl in /setup-chainctl (#820)
cecb667 build(deps): bump chainguard-dev/setup-chainctl (#821)
c455bf8 build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 (#813)
2c8be80 build(deps): bump chainguard-dev/actions from 1.6.9 to 1.6.10 in /gofmt (#814)
6b3b09d build(deps): bump chainguard-dev/actions in /goimports (#815)
Additional commits viewable in compare view

Updates juliangruber/approve-pull-request-action from 2.0.6 to 2.1.0

Release notes

Sourced from juliangruber/approve-pull-request-action's releases.

v2.1.0

Update node version (#83) ef2657f

ci: add workflow_dispatch c97e272

Bump braces from 3.0.2 to 3.0.3 (#74) f88e49d

Bump undici from 5.28.3 to 5.28.4 (#73) 1fe354e

juliangruber/approve-pull-request-action@v2.0.6...v2.1.0

Commits

68fcc9a 2.1.0
ef2657f Update node version (#83)
c97e272 ci: add workflow_dispatch
f88e49d Bump braces from 3.0.2 to 3.0.3 (#74)
1fe354e Bump undici from 5.28.3 to 5.28.4 (#73)
See full diff in compare view

Updates slackapi/slack-github-action from 2.1.1 to 3.0.1

Release notes

Sourced from slackapi/slack-github-action's releases.

Slack GitHub Action v3.0.1

What's Changed

Alongside the breaking changes of @v3.0.0 and a new technique to run Slack CLI commands, we tried the wrong name to publish to the GitHub Marketplace 🐙 This action is now noted as The Slack GitHub Action in listings 🎶 ✨

🎨 Maintenance

chore: use a unique title for marketplace in slackapi/slack-github-action#576 - Thanks @zimeg!

chore(release): tag version 3.0.1 in slackapi/slack-github-action#577 - Thanks @zimeg!

Full Changelog: slackapi/slack-github-action@v3.0.0...v3.0.1

Slack GitHub Action v3.0.0

The @v3.0.0 release had a hiccup on publish and we recommend using @v3.0.1 or a more recent version when updating! Oops!

🎽 Running Slack CLI commands and the active Node runtime, both included in this release 👟 ✨

⚠️ Breaking change: Node.js 24 the runtime

This major version updates the GitHub Actions required runtime to Node.js 24. Most GitHub-hosted runners already include this, but self-hosted runners may need to be updated ahead of planned deprecations of Node 20 on GitHub Actions runners.

📺 Enhancement: Run Slack CLI commands

This release introduces a new technique for running Slack CLI commands directly in GitHub Actions workflows. Use this to install the latest version (or a specific one) of the CLI and execute commands like deploy for merges to main, manifest validate with tests, and other commands.

Gather a token using the following CLI command to store with repo secrets, then get started with an example below:
$ slack auth token
🧪 Validate an app manifest on pull requests

Check that your app manifest is valid before merging changes:

🔗 https://docs.slack.dev/tools/slack-github-action/sending-techniques/running-slack-cli-commands/validate-a-manifest
- name: Validate the manifest
  uses: slackapi/slack-github-action/cli@v3.0.0
  with:
    command: "manifest validate --app ${{ vars.SLACK_APP_ID }}"
    token: ${{ secrets.SLACK_SERVICE_TOKEN }}
🚀 Deploy your app on push to main

Automate deployments whenever changes land on your main branch:

🔗 https://docs.slack.dev/tools/slack-github-action/sending-techniques/running-slack-cli-commands/deploy-an-app

... (truncated)

Commits

af78098 Release
add1a00 chore(release): tag version 3.0.1 (#577)
2bc9e7a chore: use a unique title for marketplace (#576)
c5d43da chore(release): tag version 3.0.0 (#575)
963b979 build(deps): bump @slack/web-api from 7.14.1 to 7.15.0 (#574)
90b7328 build(deps): bump @slack/logger from 4.0.0 to 4.0.1 (#573)
e45cb89 feat: support slack cli commands with composite action inputs (#560)
0aed2c2 build(deps): bump https-proxy-agent from 7.0.6 to 8.0.0 (#572)
4795f96 build(deps-dev): bump sinon from 21.0.1 to 21.0.2 (#571)
bd9e2ce build(deps): bump actions/setup-node from 6.2.0 to 6.3.0 (#569)
Additional commits viewable in compare view

Updates dangoslen/changelog-enforcer from ea6a56764870c323a4563f450c0a50c5f2d72cd6 to eab831d58fab83cf3eaa8af77ef1d702c4f02350

Changelog

Sourced from dangoslen/changelog-enforcer's changelog.

CHANGELOG

Inspired from Keep a Changelog

[UNRELEASED]

Dependencies

Bump stefanzweifel/git-auto-commit-action from 5.0.0 to 5.0.1 (#287)

Bump eslint from 8.57.0 to 9.7.0 (#288)

[v3.6.1]

Changed

Fix Github Actions Annotations (#281)

Fixed

Handle skipLabels that contains emojis by properly looking for : characters in the label extractor regex (fixes #284)

Dependencies

Bump eslint from 8.56.0 to 8.57.0 (#282)

Bump actions/checkout from 4.1.1 to 4.1.2 (#283)

[v3.6.0]

Changed

Now runs on Node 20

Updates .nvmrc to set the version

Updates node version in action.yml

Dependencies

Bump node-fetch from 2.6.12 to 2.7.0 (#264, #270)

Bump actions/checkout from 3.5.3 to 4.1.1 (#266, #267, #271, #275)

Bump @vercel/ncc from 0.36.1 to 0.38.1 (#268, #276)

Bump jest from 29.6.2 to 29.7.0 (#269)

Bump stefanzweifel/git-auto-commit-action from 4.16.0 to 5.0.0 (#272)

Bump @actions/github from 5.1.1 to 6.0.0 (#273)

Bump @actions/core from 1.10.0 to 1.10.1 (#274)

Bump eslint from 8.46.0 to 8.56.0 (#279)

[v3.5.1]

Security

Removes uglify-js and dist packages

Dependencies

Bump jest from 29.5.0 to 29.6.2 (#260)

Bump eslint from 8.42.0 to 8.46.0 (#261)

[v3.5.0]

Dependencies

Bump @vercel/ncc from 0.34.0 to 0.36.1 (#247)

Bump eslint from 8.31.0 to 8.42.0 (#249)

Bump actions/checkout from 3.5.2 to 3.5.3 (#250)

Bump node-fetch from 2.6.9 to 2.6.12 (#251, #253)

... (truncated)

Commits

eab831d Enforce proper verification for even the enforce-changelog step (#300)
See full diff in compare view

Updates docker/setup-qemu-action from 3.7.0 to 4.0.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.0.0

Node 24 as default runtime (requires

Bumps the github-actions group with 13 updates: | Package | From | To | | --- | --- | --- | | [benchmark-action/github-action-benchmark](https://github.com/benchmark-action/github-action-benchmark) | `1.21.0` | `1.22.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.3` | `5.0.4` | | [dorny/paths-filter](https://github.com/dorny/paths-filter) | `3.0.2` | `4.0.1` | | [docker/login-action](https://github.com/docker/login-action) | `3.7.0` | `4.0.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.2` | `6.0.0` | | [chainguard-dev/actions](https://github.com/chainguard-dev/actions) | `1.6.5` | `1.6.11` | | [juliangruber/approve-pull-request-action](https://github.com/juliangruber/approve-pull-request-action) | `2.0.6` | `2.1.0` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `2.1.1` | `3.0.1` | | [dangoslen/changelog-enforcer](https://github.com/dangoslen/changelog-enforcer) | `ea6a56764870c323a4563f450c0a50c5f2d72cd6` | `eab831d58fab83cf3eaa8af77ef1d702c4f02350` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3.7.0` | `4.0.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3.12.0` | `4.0.0` | | [nowsprinting/check-version-format-action](https://github.com/nowsprinting/check-version-format-action) | `4.0.7` | `5.0.1` | | [shogo82148/actions-upload-release-asset](https://github.com/shogo82148/actions-upload-release-asset) | `1.9.2` | `1.10.0` | Updates `benchmark-action/github-action-benchmark` from 1.21.0 to 1.22.0 - [Release notes](https://github.com/benchmark-action/github-action-benchmark/releases) - [Changelog](https://github.com/benchmark-action/github-action-benchmark/blob/master/CHANGELOG.md) - [Commits](benchmark-action/github-action-benchmark@a7bc236...a60cea5) Updates `actions/cache` from 5.0.3 to 5.0.4 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@cdf6c1f...6682284) Updates `dorny/paths-filter` from 3.0.2 to 4.0.1 - [Release notes](https://github.com/dorny/paths-filter/releases) - [Changelog](https://github.com/dorny/paths-filter/blob/master/CHANGELOG.md) - [Commits](dorny/paths-filter@de90cc6...fbd0ab8) Updates `docker/login-action` from 3.7.0 to 4.0.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@c94ce9f...b45d80f) Updates `codecov/codecov-action` from 5.5.2 to 6.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@671740a...57e3a13) Updates `chainguard-dev/actions` from 1.6.5 to 1.6.11 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Commits](chainguard-dev/actions@71714a7...8bb24c2) Updates `juliangruber/approve-pull-request-action` from 2.0.6 to 2.1.0 - [Release notes](https://github.com/juliangruber/approve-pull-request-action/releases) - [Commits](juliangruber/approve-pull-request-action@b71c44f...68fcc9a) Updates `slackapi/slack-github-action` from 2.1.1 to 3.0.1 - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](slackapi/slack-github-action@91efab1...af78098) Updates `dangoslen/changelog-enforcer` from ea6a56764870c323a4563f450c0a50c5f2d72cd6 to eab831d58fab83cf3eaa8af77ef1d702c4f02350 - [Release notes](https://github.com/dangoslen/changelog-enforcer/releases) - [Changelog](https://github.com/dangoslen/changelog-enforcer/blob/main/CHANGELOG.md) - [Commits](dangoslen/changelog-enforcer@ea6a567...eab831d) Updates `docker/setup-qemu-action` from 3.7.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@c7c5346...ce36039) Updates `docker/setup-buildx-action` from 3.12.0 to 4.0.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@8d2750c...4d04d5d) Updates `nowsprinting/check-version-format-action` from 4.0.7 to 5.0.1 - [Release notes](https://github.com/nowsprinting/check-version-format-action/releases) - [Commits](nowsprinting/check-version-format-action@bb1181a...976544c) Updates `shogo82148/actions-upload-release-asset` from 1.9.2 to 1.10.0 - [Release notes](https://github.com/shogo82148/actions-upload-release-asset/releases) - [Commits](shogo82148/actions-upload-release-asset@8f6863c...96bc1f0) --- updated-dependencies: - dependency-name: benchmark-action/github-action-benchmark dependency-version: 1.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.4 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: dorny/paths-filter dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: chainguard-dev/actions dependency-version: 1.6.11 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: juliangruber/approve-pull-request-action dependency-version: 2.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: slackapi/slack-github-action dependency-version: 3.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: dangoslen/changelog-enforcer dependency-version: eab831d58fab83cf3eaa8af77ef1d702c4f02350 dependency-type: direct:production dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: nowsprinting/check-version-format-action dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: shogo82148/actions-upload-release-asset dependency-version: 1.10.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026

dependabot bot requested a review from a team as a code owner April 1, 2026 23:32

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026

github-actions bot added the area/tooling Affects the dev or user toolchain (e.g. tests, ci, build tools) label Apr 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the github-actions group with 13 updates#3014

chore(deps): bump the github-actions group with 13 updates#3014
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-actions-50e21b1cb7

dependabot bot commented on behalf of github Apr 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Apr 1, 2026

v1.22.0

Unreleased

v1.22.0 - 31 Mar 2026

v1.21.0 - 02 Mar 2026

v1.20.7 - 06 Sep 2025

v1.20.5 - 02 Sep 2025

v1.20.4 - 23 Oct 2024

v1.20.3 - 19 May 2024

v1.20.2 - 19 May 2024

v1.20.1 - 02 Apr 2024

v1.20.0 - 02 Apr 2024

v1.19.3 - 02 Feb 2024

v1.19.2 - 26 Jan 2024

v5.0.4

What's Changed

New Contributors

Releases

How to prepare a release

Changelog

5.0.4

5.0.3

5.0.2

5.0.1

5.0.0

v4.0.1

What's Changed

New Contributors

v4.0.0

What's Changed

New Contributors

v3.0.3

What's Changed

New Contributors

Changelog

v4.0.0

v3.0.3

v3.0.2

v3.0.1

v3.0.0

v2.11.1

v2.11.0

v2.10.2

v2.10.1

v2.10.0

v2.9.3

v2.9.2

v2.9.1

v2.9.0

v4.0.0

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

v5.5.4

What's Changed

v5.5.3

What's Changed

v5.5.2

What's Changed

v5.5.1

What's Changed

v5.5.0

What's Changed

v5.4.3

What's Changed

v5.4.2

v1.6.11

What's Changed

New Contributors

v1.6.10

What's Changed

v1.6.9

What's Changed

v2.1.0

Slack GitHub Action v3.0.1

What's Changed

🎨 Maintenance

Slack GitHub Action v3.0.0

⚠️ Breaking change: Node.js 24 the runtime