Skip to content

Bump the actions-deps group across 1 directory with 6 updates#23

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-e39ce80863
Open

Bump the actions-deps group across 1 directory with 6 updates#23
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-e39ce80863

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 26, 2026

Copy link
Copy Markdown
Contributor

Bumps the actions-deps group with 6 updates in the / directory:

Package From To
lfreleng-actions/github2gerrit-action 1.2.3 1.3.3
actions/checkout 6.0.3 7.0.0
actions/setup-java 5.2.0 5.4.0
lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml 0.6.0 0.7.0
lfit/gerrit-review-action 1.1.1 1.1.2
im-open/workflow-conclusion 2.2.5 3.0.0

Updates lfreleng-actions/github2gerrit-action from 1.2.3 to 1.3.3

Release notes

Sourced from lfreleng-actions/github2gerrit-action's releases.

v1.3.3

Downloads for this release

🎓 Code Quality 🎓

Links

v1.3.2

Downloads for this release

🔧 Maintenance 🔧

Links

v1.3.1

Downloads for this release

🔧 Maintenance 🔧

Links

v1.3.0

Downloads for this release

✨ New Features ✨

Links

v1.2.4

Downloads for this release

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

... (truncated)

Commits
  • f44c168 Merge pull request #291 from modeseven-lfreleng-actions/chore/test-quality-ai...
  • 9cb7cbd Test: Address AI code-quality test findings
  • 121b6b0 Merge pull request #287 from modeseven-lfreleng-actions/chore/codeql-code-qua...
  • 5a157de Chore: clear CodeQL maintainability warnings
  • 1dde219 Chore: clear CodeQL reliability warnings
  • d423c3a Merge pull request #286 from modeseven-lfreleng-actions/chore/code-quality-wa...
  • 6d38c92 Chore: clear CodeQL code-quality warnings
  • 192eb96 Merge pull request #285 from modeseven-lfreleng-actions/feat/anon-supersessio...
  • d4ba932 Feat: anonymous fallback for supersession sweep
  • 806c001 Merge pull request #284 from modeseven-lfreleng-actions/fix/cryptography-open...
  • Additional commits viewable in compare view

Updates actions/checkout from 6.0.3 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates actions/setup-java from 5.2.0 to 5.4.0

Release notes

Sourced from actions/setup-java's releases.

v5.4.0

What's Changed

New Contributors

Full Changelog: actions/setup-java@v5...v5.4.0

v5.3.0

What's Changed

... (truncated)

Commits
  • 1bcf9fb dist: Address Copilot review suggestions from PR #1042 (GraalVM Community) (#...
  • fa2c650 docs: note jdkfile approach for Early Access / unreleased JDK builds (#1058)
  • 1d56e31 dist: Add GraalVM Community distribution support (#1042)
  • 1d25252 chore: Harden workflows: least-privilege permissions + zizmor integration (#1...
  • 668c1ea docs: add post-install keytool import for the JDK cacerts trust store (#1051)
  • a9a46fb docs: document self-signed certificate / internal CA handling for GitHub Ente...
  • 5431e71 docs: add JavaFX Maven project configuration instructions (#1044)
  • 4baa9b4 docs: replace non-existent HelloWorldApp references with java --version (#1043)
  • eab4b08 Bump @​types/node from 25.9.3 to 26.0.0 (#1031)
  • bf0c0e6 Bump actions/checkout from 6 to 7 (#1032)
  • Additional commits viewable in compare view

Updates lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml from 0.6.0 to 0.7.0

Release notes

Sourced from lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml's releases.

v0.7.0

Downloads for this release

✨ New Features ✨

Links

v0.6.2

Downloads for this release

🔧 Maintenance 🔧

  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#715)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#717)
  • Chore: Bump lfreleng-actions/zizmor-scan-action from 0.1.1 to 0.2.0 @dependabot[bot] (#718)
  • Chore: pre-commit linting updates @pre-commit-ci[bot] (#719)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#716)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#714)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#713)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#712)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.6.0 to 0.6.1 @dependabot[bot] (#711)
  • Chore: Bump lfreleng-actions/sonarqube-cloud-scan-action from 1.1.0 to 1.1.1 @dependabot[bot] (#731)
  • Chore: Bump hashicorp/setup-packer from 3.3.0 to 3.4.0 @dependabot[bot] (#727)
  • Chore: Bump actions/setup-python from 6.2.0 to 6.3.0 @dependabot[bot] (#729)
  • Chore: Bump lfreleng-actions/verify-release-schema-action from 0.4.0 to 0.4.1 @dependabot[bot] (#728)
  • Chore: Bump lfreleng-actions/harden-runner-block-action from 0.2.0 to 0.2.1 @dependabot[bot] (#730)
  • Chore: Bump lfreleng-actions/sonatype-lifecycle-scan-action from 0.1.3 to 0.1.4 @dependabot[bot] (#725)
  • Chore: Bump lfreleng-actions/nexus-docker-login-action from 0.4.0 to 0.4.1 @dependabot[bot] (#724)
  • Chore: Bump lfreleng-actions/pinned-versions-action from 0.2.0 to 0.2.1 @dependabot[bot] (#726)
  • Chore: Bump lfreleng-actions/gerrit-review-action from 1.1.1 to 1.1.2 @dependabot[bot] (#722)
  • Chore: Bump lfreleng-actions/nexus-publish-action from 0.2.1 to 1.1.2 @dependabot[bot] (#721)
  • Chore: Bump actions/cache from 5.0.5 to 6.0.0 @dependabot[bot] (#723)

Links

v0.6.1

Downloads for this release

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.5.0 to 0.6.0 @dependabot[bot] (#687)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.5.0 to 0.6.0 @dependabot[bot] (#690)

... (truncated)

Commits
  • f412e6f Merge pull request #720 from modeseven-lfit/feat/change-isolation-verify-work...
  • 1166fed Merge pull request #723 from lfit/dependabot/github_actions/actions/cache-6.0.0
  • 3fc98ee Merge pull request #721 from lfit/dependabot/github_actions/lfreleng-actions/...
  • aba6169 Merge pull request #722 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 4ae5d81 Merge pull request #726 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 8d1c791 Merge pull request #724 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 5faf233 Merge pull request #725 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 33fa048 Merge pull request #730 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 8be9f51 Merge pull request #728 from lfit/dependabot/github_actions/lfreleng-actions/...
  • 4da3597 Merge pull request #729 from lfit/dependabot/github_actions/actions/setup-pyt...
  • Additional commits viewable in compare view

Updates lfit/gerrit-review-action from 1.1.1 to 1.1.2

Release notes

Sourced from lfit/gerrit-review-action's releases.

v1.1.2

Downloads for this release

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

🎓 Code Quality 🎓

Links

Commits
  • a1c036a Merge pull request #116 from modeseven-lfreleng-actions/fix/zizmor-findings
  • 8c9161c Fix: resolve Zizmor findings in vote step
  • 48d5d48 Merge pull request #115 from lfreleng-actions/pre-commit-ci-update-config
  • 8cb9127 Chore: pre-commit autoupdate
  • 3b85ad7 Merge pull request #114 from lfreleng-actions/pre-commit-ci-update-config
  • c9bd395 Chore: pre-commit autoupdate
  • ebd4f19 Merge pull request #113 from modeseven-lfreleng-actions/chore/add-security-md
  • 0c941e7 Docs: Add SECURITY.md security policy
  • 46897b3 Merge pull request #112 from modeseven-lfreleng-actions/dependabot-cooldown
  • f95da9e CI(dependabot): Add 7-day update cooldown
  • Additional commits viewable in compare view

Updates im-open/workflow-conclusion from 2.2.5 to 3.0.0

Commits
  • 8eac7f1 Merge pull request #29 from im-open/node24
  • c4d9654 Update to node 24
  • aa85805 Merge pull request #23 from im-open/dependabot/npm_and_yarn/multi-0f30d60bd3
  • 40cf9b3 Merge branch 'main' into dependabot/npm_and_yarn/multi-0f30d60bd3
  • 58125f7 Bump @​octokit/plugin-paginate-rest and @​actions/github
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions-deps group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [lfreleng-actions/github2gerrit-action](https://github.com/lfreleng-actions/github2gerrit-action) | `1.2.3` | `1.3.3` |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.3` | `7.0.0` |
| [actions/setup-java](https://github.com/actions/setup-java) | `5.2.0` | `5.4.0` |
| [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows) | `0.6.0` | `0.7.0` |
| [lfit/gerrit-review-action](https://github.com/lfit/gerrit-review-action) | `1.1.1` | `1.1.2` |
| [im-open/workflow-conclusion](https://github.com/im-open/workflow-conclusion) | `2.2.5` | `3.0.0` |



Updates `lfreleng-actions/github2gerrit-action` from 1.2.3 to 1.3.3
- [Release notes](https://github.com/lfreleng-actions/github2gerrit-action/releases)
- [Changelog](https://github.com/lfreleng-actions/github2gerrit-action/blob/main/docs/RELEASE-v0.2.0.md)
- [Commits](lfreleng-actions/github2gerrit-action@f5891c5...f44c168)

Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@df4cb1c...9c091bb)

Updates `actions/setup-java` from 5.2.0 to 5.4.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@be666c2...1bcf9fb)

Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.6.0 to 0.7.0
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@f43b219...f412e6f)

Updates `lfit/gerrit-review-action` from 1.1.1 to 1.1.2
- [Release notes](https://github.com/lfit/gerrit-review-action/releases)
- [Commits](lfreleng-actions/gerrit-review-action@a5de1d5...a1c036a)

Updates `im-open/workflow-conclusion` from 2.2.5 to 3.0.0
- [Commits](im-open/workflow-conclusion@7b14694...8eac7f1)

---
updated-dependencies:
- dependency-name: lfreleng-actions/github2gerrit-action
  dependency-version: 1.3.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
- dependency-name: actions/setup-java
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml
  dependency-version: 0.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
- dependency-name: lfit/gerrit-review-action
  dependency-version: 1.1.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: im-open/workflow-conclusion
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 26, 2026
@github-actions

github-actions Bot commented Jun 26, 2026

Copy link
Copy Markdown

PR: #23
Mode: squash
Topic: GH-jsonrpc-23
Change-Ids:
Idccfb1f56b5d8c04c08bb3d80e7371b85c08b278
GitHub-Hash: 11264c2eee7a76c8

Note: This metadata is also included in the Gerrit commit message for reconciliation.

@github-actions

Copy link
Copy Markdown

Change raised in Gerrit by GitHub2Gerrit: https://git.opendaylight.org/gerrit/c/jsonrpc/+/123767

@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown

Change synchronized in Gerrit by GitHub2Gerrit: https://git.opendaylight.org/gerrit/c/jsonrpc/+/123767

1 similar comment
@github-actions

github-actions Bot commented Jul 3, 2026

Copy link
Copy Markdown

Change synchronized in Gerrit by GitHub2Gerrit: https://git.opendaylight.org/gerrit/c/jsonrpc/+/123767

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Development

Successfully merging this pull request may close these issues.

0 participants