Skip to content

action-allowlist-review: bump graalvm/setup-graalvm from 1.5.6 to 1.6.0 in /.github/actions/for-dependabot-triggered-reviews#1009

Merged
potiuk merged 1 commit into
mainfrom
dependabot/github_actions/dot-github/actions/for-dependabot-triggered-reviews/graalvm/setup-graalvm-1.6.0
Jul 5, 2026
Merged

action-allowlist-review: bump graalvm/setup-graalvm from 1.5.6 to 1.6.0 in /.github/actions/for-dependabot-triggered-reviews#1009
potiuk merged 1 commit into
mainfrom
dependabot/github_actions/dot-github/actions/for-dependabot-triggered-reviews/graalvm/setup-graalvm-1.6.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor

Bumps graalvm/setup-graalvm from 1.5.6 to 1.6.0.

Release notes

Sourced from graalvm/setup-graalvm's releases.

v1.6.0

What's Changed

Full Changelog: graalvm/setup-graalvm@v1.5.6...v1.6.0

Commits
  • cabbb10 Improve README.md [ci skip].
  • 8684560 Bump version to 1.6.0.
  • 4eda1f1 fetchArtifactEE() should only fetch EE editions.
  • ccce55e Fetch matching git tags instead of GitHub releases.
  • 2e5ff8c Add support for GraalVM innovation releases
  • 5a1129d Run npm audit fix.
  • 811286c Bump actions/checkout from 6.0.3 to 7.0.0 in the all group
  • See full diff in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 4, 2026
@dependabot dependabot Bot requested review from dfoulks1 and potiuk as code owners July 4, 2026 13:18
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 4, 2026
@dependabot dependabot Bot requested a review from ppkarwasz as a code owner July 4, 2026 13:18
@dependabot dependabot Bot added the github_actions Pull requests that update GitHub Actions code label Jul 4, 2026
Bumps [graalvm/setup-graalvm](https://github.com/graalvm/setup-graalvm) from 1.5.6 to 1.6.0.
- [Release notes](https://github.com/graalvm/setup-graalvm/releases)
- [Commits](graalvm/setup-graalvm@6f3fa03...cabbb10)

---
updated-dependencies:
- dependency-name: graalvm/setup-graalvm
  dependency-version: 1.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/dot-github/actions/for-dependabot-triggered-reviews/graalvm/setup-graalvm-1.6.0 branch from 7581f91 to 272e4e2 Compare July 5, 2026 18:18
@potiuk potiuk merged commit dc3e1b7 into main Jul 5, 2026
11 checks passed
@potiuk potiuk deleted the dependabot/github_actions/dot-github/actions/for-dependabot-triggered-reviews/graalvm/setup-graalvm-1.6.0 branch July 5, 2026 18:28
@potiuk

potiuk commented Jul 5, 2026

Copy link
Copy Markdown
Member

Merged as a routine allowlist tooling bump. This is a single pinned-hash update to a uses: entry guarded by if: false in the for-dependabot-triggered-reviews composite, so the action never actually runs - the entry exists only so Dependabot tracks the allowlisted version. The verify check (verify-action-build) validated the new pinned hash for graalvm/setup-graalvm@v1.6.0 as clean, and all other checks were green. Obvious, low-risk approval.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant