Skip to content

chore(deps): bump the actions group across 1 directory with 4 updates#221

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions-e15d8a8fac
Open

chore(deps): bump the actions group across 1 directory with 4 updates#221
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/actions-e15d8a8fac

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 5, 2026
edited
Loading

Bumps the actions group with 4 updates in the / directory: anchore/sbom-action, docker/login-action, docker/setup-qemu-action and goreleaser/goreleaser-action.

Updates anchore/sbom-action from 0.20.10 to 0.23.0

Release notes

Sourced from anchore/sbom-action's releases.

v0.23.0

v0.22.2

⬆️ Dependencies

v0.22.1

⬆️ Dependencies

v0.22.0

Changes in v0.22.0

⬆️ Dependencies

v0.21.1

Changes in v0.21.1

v0.21.0

  • chore(deps): update Syft to v1.39.0 (#561)
  • chore(deps): bump @​octokit/request-error, @​octokit/core and @​octokit/webhooks (#560)
  • chore(deps): bump peter-evans/create-pull-request from 7.0.11 to 8.0.0 (#558)

v0.20.11

Changes in v0.20.11

Commits
  • 17ae174 chore(deps/test): move to es modules, node:test, single dist file (#595)
  • 6d473d3 chore(deps): update Syft to v1.42.1 (#599)
  • 60619e7 fix tests and bump fast-xml-parser (#598)
  • e2bd58a chore(deps-dev): bump the dev-dependencies group with 3 updates (#592)
  • d032d7d ci(syft auto update): npm ci, not npm install (#597)
  • 2d09430 fix(dev): switch to esbuild (#590)
  • 74c5ce9 chore(deps): update Syft to v1.42.0 (#589)
  • 77fae5a chore(deps-dev): bump the dev-dependencies group with 4 updates (#583)
  • debc3ee chore(deps): bump npm-check-updates in the non-major group (#584)
  • fff8762 chore(deps): bump zizmorcore/zizmor-action from 0.4.1 to 0.5.0 (#588)
  • Additional commits viewable in compare view

Updates docker/login-action from 3 to 4

Release notes

Sourced from docker/login-action's releases.

v4.0.0

Full Changelog: docker/login-action@v3.7.0...v4.0.0

v3.7.0

Full Changelog: docker/login-action@v3.6.0...v3.7.0

v3.6.0

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Full Changelog: docker/login-action@v3.4.0...v3.5.0

v3.4.0

Full Changelog: docker/login-action@v3.3.0...v3.4.0

... (truncated)

Commits
  • b45d80f Merge pull request #929 from crazy-max/node24
  • 176cb9c node 24 as default runtime
  • cad8984 Merge pull request #920 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • 92cbcb2 chore: update generated content
  • 5a2d6a7 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • 44512b6 Merge pull request #928 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 28737a5 chore: update generated content
  • dac0793 build(deps): bump @​docker/actions-toolkit from 0.76.0 to 0.77.0
  • 62029f3 Merge pull request #919 from docker/dependabot/npm_and_yarn/actions/core-3.0.0
  • 08c8f06 chore: update generated content
  • Additional commits viewable in compare view

Updates docker/setup-qemu-action from 3 to 4

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.0.0

Full Changelog: docker/setup-qemu-action@v3.7.0...v4.0.0

v3.7.0

Full Changelog: docker/setup-qemu-action@v3.6.0...v3.7.0

v3.6.0

Full Changelog: docker/setup-qemu-action@v3.5.0...v3.6.0

v3.5.0

Full Changelog: docker/setup-qemu-action@v3.4.0...v3.5.0

v3.4.0

Full Changelog: docker/setup-qemu-action@v3.3.0...v3.4.0

v3.3.0

Full Changelog: docker/setup-qemu-action@v3.2.0...v3.3.0

v3.2.0

Full Changelog: docker/setup-qemu-action@v3.1.0...v3.2.0

v3.1.0

... (truncated)

Commits
  • ce36039 Merge pull request #245 from crazy-max/node24
  • 6386344 node 24 as default runtime
  • 1ea3db7 Merge pull request #243 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • b56a002 chore: update generated content
  • c43f02d build(deps): bump @​docker/actions-toolkit from 0.67.0 to 0.77.0
  • ce10c58 Merge pull request #244 from docker/dependabot/npm_and_yarn/actions/core-3.0.0
  • 429fc9d chore: update generated content
  • 060e5f8 build(deps): bump @​actions/core from 1.11.1 to 3.0.0
  • 44be13e Merge pull request #231 from docker/dependabot/npm_and_yarn/js-yaml-3.14.2
  • 1897438 chore: update generated content
  • Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 6 to 7

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.0.0

What's Changed

Full Changelog: goreleaser/goreleaser-action@v6...v7.0.0

v6.4.0

What's Changed

New Contributors

Full Changelog: goreleaser/goreleaser-action@v6.3.0...v6.4.0

v6.3.0

Full Changelog: goreleaser/goreleaser-action@v6.2.1...v6.3.0

v6.2.1

What's Changed

This version of the actions adds support for GoReleaser Pro v2.7.0 versioning (which dropped the -pro suffix). Older versions should work fine.

[!WARNING] This version is required for GoReleaser Pro v2.7.0+. Read more here.

Full Changelog: goreleaser/goreleaser-action@v6.2.0...v6.2.1

... (truncated)

Commits
  • ec59f47 fix: yargs usage
  • 752dede fix: gitignore
  • 1881ae0 ci: update dependabot settings
  • fdc5e66 chore: gitignore provenance.json
  • 51b5b35 chore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group (#539)
  • 4247c53 ci(deps): bump docker/setup-buildx-action in the actions group (#538)
  • c169bfd chore(deps): bump @​actions/http-client from 3.0.2 to 4.0.0 in the npm group (...
  • 902ab4a chore(deps): bump the npm group across 1 directory with 4 updates (#536)
  • c59a691 chore: gitignore
  • 56cc8b2 ci: add job to automate dependabot pre-checkin/vendor
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the actions group across 1 directory with 4 updates
dba7427 
Bumps the actions group with 4 updates in the / directory: [anchore/sbom-action](https://github.com/anchore/sbom-action), [docker/login-action](https://github.com/docker/login-action), [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action).


Updates `anchore/sbom-action` from 0.20.10 to 0.23.0
- [Release notes](https://github.com/anchore/sbom-action/releases)
- [Changelog](https://github.com/anchore/sbom-action/blob/main/RELEASE.md)
- [Commits](anchore/sbom-action@v0.20.10...v0.23.0)

Updates `docker/login-action` from 3 to 4
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v3...v4)

Updates `docker/setup-qemu-action` from 3 to 4
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@v3...v4)

Updates `goreleaser/goreleaser-action` from 6 to 7
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@v6...v7)

---
updated-dependencies:
- dependency-name: anchore/sbom-action
  dependency-version: 0.23.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions
- dependency-name: docker/login-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: docker/setup-qemu-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
- dependency-name: goreleaser/goreleaser-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot requested a review from ajnavarro as a code owner March 5, 2026 01:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@ajnavarro ajnavarro Awaiting requested review from ajnavarro ajnavarro is a code owner

At least 1 approving review is required to merge this pull request.

Assignees

No one assigned

Labels

dependencies

Projects

🧙‍♂️Gno.land development
Status: Triage

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants