Skip to content

Bump actions/dependency-review-action from 4.9.0 to 5.0.0#346

Merged
Ludy87 merged 1 commit into
mainfrom
dependabot/github_actions/actions/dependency-review-action-5.0.0
Jun 9, 2026
Merged

Bump actions/dependency-review-action from 4.9.0 to 5.0.0#346
Ludy87 merged 1 commit into
mainfrom
dependabot/github_actions/actions/dependency-review-action-5.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 9, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/dependency-review-action from 4.9.0 to 5.0.0.

Release notes

Sourced from actions/dependency-review-action's releases.

5.0.0

This is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version v2.327.1 to run.

What's Changed

New Contributors

Full Changelog: actions/dependency-review-action@v4.9.0...v5.0.0

Commits
  • a1d282b Merge pull request #1098 from actions/ahpook/v5-release
  • eb6c199 update examples to show @​v5
  • 3943c2c v5.0.0 release branch
  • 454943c Merge pull request #1094 from actions/ashelytc/security-findings
  • 6d92a12 revert @​typescript-eslint/parser update
  • a8e5a7e Merge pull request #1076 from tspascoal/fix-version-matching-for-non-string-s...
  • b6b7079 update @​typescript-eslint/parser to 8.40.0
  • 821a21d update more dependencies
  • 05aaaae run npm audit fix
  • 55d3e75 Merge pull request #1077 from Marukome0743/docs/checkout
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file in progress is being worked on labels Jun 9, 2026
Bumps [actions/dependency-review-action](https://github.com/actions/dependency-review-action) from 4.9.0 to 5.0.0.
- [Release notes](https://github.com/actions/dependency-review-action/releases)
- [Commits](actions/dependency-review-action@2031cfc...a1d282b)

---
updated-dependencies:
- dependency-name: actions/dependency-review-action
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump actions/dependency-review-action from 4.8.2 to 5.0.0 Bump actions/dependency-review-action from 4.9.0 to 5.0.0 Jun 9, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/actions/dependency-review-action-5.0.0 branch from 88efdfd to b9e95cc Compare June 9, 2026 07:46
@sonarqubecloud

sonarqubecloud Bot commented Jun 9, 2026

Copy link
Copy Markdown

@Ludy87 Ludy87 merged commit 0d0e4a3 into main Jun 9, 2026
11 checks passed
@dependabot dependabot Bot deleted the dependabot/github_actions/actions/dependency-review-action-5.0.0 branch June 9, 2026 07:49
@github-actions github-actions Bot added PR: released and removed in progress is being worked on labels Jun 9, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file PR: released

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant