Skip to content

chore(deps): bump the github-action-dependencies group across 1 directory with 7 updates #305

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): bump the github-action-dependencies group across 1 directory with 7 updates #305

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 8, 2025
edited
Loading

Bumps the github-action-dependencies group with 7 updates in the / directory:

Package From To
actions/checkout 4 5
actions/setup-node 4 5
cycjimmy/semantic-release-action 4.2.0 5.0.0
slackapi/slack-github-action 1.26.0 2.1.1
actions/setup-java 4 5
ruby/setup-ruby 1.229.0 1.257.0
kenji-miyake/setup-sd 08c14e27d65a1c215342ef00c81583ae67f4c5ef f4181660873fa5814708e1c0a640d8e9975a4ae5

Updates actions/checkout from 4 to 5

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

... (truncated)

Commits

Updates actions/setup-node from 4 to 5

Release notes

Sourced from actions/setup-node's releases.

v5.0.0

What's Changed

Breaking Changes

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

New Contributors

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

What's Changed

Bug fixes:

Enhancement:

Dependency update:

New Contributors

Full Changelogactions/setup-node@v4...v4.4.0

... (truncated)

Commits

Updates cycjimmy/semantic-release-action from 4.2.0 to 5.0.0

Release notes

Sourced from cycjimmy/semantic-release-action's releases.

v5.0.0

5.0.0 (2025-08-30)

Features

  • update node version on runner to 24 (7869323)

BREAKING CHANGES

  • this action now runs using node 24

v4.2.2

4.2.2 (2025-07-04)

Bug Fixes

  • cleanupNpmrc.task.js: Use @​actions/io to remove .npmrc (b7db0cb)

v4.2.1

4.2.1 (2025-06-07)

Bug Fixes

  • update marked terminal to v7.3.0 (b52fa1b)
Changelog

Sourced from cycjimmy/semantic-release-action's changelog.

5.0.0 (2025-08-30)

Features

  • update node version on runner to 24 (7869323)

BREAKING CHANGES

  • this action now runs using node 24

4.2.2 (2025-07-04)

Bug Fixes

  • cleanupNpmrc.task.js: Use @​actions/io to remove .npmrc (b7db0cb)

4.2.1 (2025-06-07)

Bug Fixes

  • update marked terminal to v7.3.0 (b52fa1b)

4.2.0 (2025-03-14)

Features

  • add ability to unset GITHUB_ACTION env var (266ea7e)

4.1.1 (2024-09-25)

Bug Fixes

  • default use semantic-release@24 (c22487b)

4.1.0 (2024-03-19)

Bug Fixes

  • fix syntax error for importing (4297675)

Features

... (truncated)

Commits
  • 9cc899c chore(release): 5.0.0 [skip ci]
  • 5362fd1 Merge pull request #255 from DarkAtra/feat/update-node-version-on-runner-to-24
  • 92100d1 Merge pull request #253 from cycjimmy/dependabot/github_actions/actions/check...
  • 7869323 feat: update node version on runner to 24
  • db700e4 build(deps): bump actions/checkout from 4 to 5
  • 9a24fc6 Merge pull request #251 from cycjimmy/dependabot/npm_and_yarn/semantic-releas...
  • fc78113 build(deps): bump semantic-release from 24.2.6 to 24.2.7
  • 16ca923 chore(release): 4.2.2 [skip ci]
  • 5d996b8 Merge pull request #250 from densogiaichned/main
  • b7db0cb fix(cleanupNpmrc.task.js): Use @​actions/io to remove .npmrc
  • Additional commits viewable in compare view

Updates slackapi/slack-github-action from 1.26.0 to 2.1.1

Release notes

Sourced from slackapi/slack-github-action's releases.

Slack Send v2.1.1

What's Changed

This release fixes an issue where substituted variables might've broken valid JSON or YAML parsings when using the payload-file-path input option.

🐛 Bug fixes

📚 Documentation

🤖 Dependencies

🧰 Maintenance

Full Changelog: slackapi/slack-github-action@v2.1.0...v2.1.1

Slack Send v2.1.0

What's changed

This release improves error messages from odd payload parsings. An api option is now also available in inputs to change the destination of data with the method technique.

Read more on the new site for documentation: https://tools.slack.dev/slack-github-action/

👾 Enhancements

... (truncated)

Commits
  • 91efab1 Release
  • b6f4640 chore(release): tag version 2.1.1 (#474)
  • d3dc61e build(deps-dev): bump @​biomejs/biome from 1.9.4 to 2.0.6 (#470)
  • f647c89 build(deps-dev): bump @​types/node from 24.0.3 to 24.0.8 (#472)
  • e6fa633 build(deps-dev): bump sinon from 20.0.0 to 21.0.0 (#471)
  • 75b7822 build(deps-dev): bump mocha-suppress-logs from 0.5.1 to 0.6.0 (#469)
  • d7b6150 build(deps-dev): bump mocha from 11.5.0 to 11.7.1 (#468)
  • a7f5b68 build: clone repository "docs" and configuration when syncing project docs (#...
  • c69deab build(deps-dev): bump @​types/node from 22.15.29 to 24.0.3 (#466)
  • 1d0943c build(deps): bump axios from 1.9.0 to 1.10.0 (#465)
  • Additional commits viewable in compare view

Updates actions/setup-java from 4 to 5

Release notes

Sourced from actions/setup-java's releases.

v5.0.0

What's Changed

Breaking Changes

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Upgrades

Bug Fixes

New Contributors

Full Changelog: actions/setup-java@v4...v5.0.0

v4.7.1

What's Changed

Documentation changes

Dependency updates:

Full Changelog: actions/setup-java@v4...v4.7.1

v4.7.0

What's Changed

... (truncated)

Commits

Updates ruby/setup-ruby from 1.229.0 to 1.257.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.257.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.256.0...v1.257.0

v1.256.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.255.0...v1.256.0

v1.255.0

What's Changed

New Contributors

Full Changelog: ruby/setup-ruby@v1.254.0...v1.255.0

v1.254.0

What's Changed

New Contributors

Full Changelog: ruby/setup-ruby@v1.253.0...v1.254.0

v1.253.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.252.0...v1.253.0

v1.252.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.251.0...v1.252.0

... (truncated)

Commits
  • 4451173 Remove workaround for old truffleruby version from 2021
  • 805f878 Remove failing test
  • ab85640 Add jruby-9.4.14.0
  • c2e9820 Update README.md
  • efbf473 Add JRuby for Windows on Arm
  • bd28d36 Merge pull request #797 from ruby/dependabot/github_actions/actions/checkout-5
  • 3c08d92 Bump actions/checkout from 4 to 5
  • 829114f Add jruby-10.0.2.0
  • 76da337 Update GitHub-hosted runners link
  • 2973a4b Merge pull request #794 from fkmy/update-readme
  • Additional commits viewable in compare view

Updates kenji-miyake/setup-sd from 08c14e27d65a1c215342ef00c81583ae67f4c5ef to f4181660873fa5814708e1c0a640d8e9975a4ae5

Commits

You can trigger a rebase of this PR by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Note

Bumps core GitHub Actions in CI workflows (checkout v5, setup-node v6, setup-java v5, semantic-release-action v5, Slack action v2.1.1, ruby/setup-ruby pin, setup-sd pin) across multiple workflows.

  • CI/CD workflows
    • Upgrade actions across multiple workflows: actions/checkout@v5, actions/setup-node@v6, actions/setup-java@v5, cycjimmy/semantic-release-action@v5, slackapi/[email protected].
    • Update pinned SHAs: ruby/setup-ruby and kenji-miyake/setup-sd.
    • Affected files: .github/workflows/check-api-changes.yml, deploy-sdk.yml, lint.yml, reusable_build_sample_apps.yml, test.yml, unpublish-npm-version.yml, validate-plugin-compatibility.yml.

Written by Cursor Bugbot for commit 9d7d1be. This will update automatically on new commits. Configure here.

Note
Automatic rebases have been disabled on this pull request as it has been open for over 30 days.

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Sep 8, 2025
@dependabot dependabot bot requested a review from a team as a code owner September 8, 2025 21:18
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Sep 8, 2025
@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Sep 15, 2025

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch from 78d6ae5 to ed0a74a Compare September 22, 2025 21:16
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch from ed0a74a to 5b7bf3b Compare October 6, 2025 21:07
cursor[bot]

This comment was marked as outdated.

Sign in to view

@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch from 5b7bf3b to a5ccab0 Compare October 13, 2025 21:06
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch from a5ccab0 to 9d7d1be Compare October 20, 2025 21:10
cursor[bot]
cursor bot reviewed Oct 20, 2025
View reviewed changes
.github/workflows/check-api-changes.yml

- name: Setup Node.js
uses: actions/setup-node@v4
uses: actions/setup-node@v6
Copy link

@cursor cursor bot Oct 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Bug: Version Mismatch Causes Workflow Failures

Workflow files update actions/setup-node to v6 (instead of v5) and ruby/setup-ruby to v1.265.0 (instead of v1.257.0). This widespread version mismatch from the intended updates could lead to workflow failures or unexpected behavior.

Additional Locations (4)

Fix in Cursor Fix in Web

@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch 2 times, most recently from 0a52e0d to 95771e0 Compare November 3, 2025 21:08
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch from 95771e0 to 6c0eb03 Compare November 17, 2025 21:08
@dependabot
chore(deps): bump the github-action-dependencies group across 1 direc…
d3e4a01 
…tory with 7 updates

Bumps the github-action-dependencies group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `5` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `5` |
| [cycjimmy/semantic-release-action](https://github.com/cycjimmy/semantic-release-action) | `4.2.0` | `5.0.0` |
| [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `1.26.0` | `2.1.1` |
| [actions/setup-java](https://github.com/actions/setup-java) | `4` | `5` |
| [ruby/setup-ruby](https://github.com/ruby/setup-ruby) | `1.229.0` | `1.257.0` |
| [kenji-miyake/setup-sd](https://github.com/kenji-miyake/setup-sd) | `08c14e27d65a1c215342ef00c81583ae67f4c5ef` | `f4181660873fa5814708e1c0a640d8e9975a4ae5` |



Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

Updates `actions/setup-node` from 4 to 5
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4...v5)

Updates `cycjimmy/semantic-release-action` from 4.2.0 to 5.0.0
- [Release notes](https://github.com/cycjimmy/semantic-release-action/releases)
- [Changelog](https://github.com/cycjimmy/semantic-release-action/blob/main/docs/CHANGELOG.md)
- [Commits](cycjimmy/semantic-release-action@0a51e81...9cc899c)

Updates `slackapi/slack-github-action` from 1.26.0 to 2.1.1
- [Release notes](https://github.com/slackapi/slack-github-action/releases)
- [Commits](slackapi/slack-github-action@70cd7be...91efab1)

Updates `actions/setup-java` from 4 to 5
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@v4...v5)

Updates `ruby/setup-ruby` from 1.229.0 to 1.257.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@354a1ad...4451173)

Updates `kenji-miyake/setup-sd` from 08c14e27d65a1c215342ef00c81583ae67f4c5ef to f4181660873fa5814708e1c0a640d8e9975a4ae5
- [Release notes](https://github.com/kenji-miyake/setup-sd/releases)
- [Commits](kenji-miyake/setup-sd@08c14e2...f418166)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: actions/setup-node
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: cycjimmy/semantic-release-action
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: slackapi/slack-github-action
  dependency-version: 2.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: actions/setup-java
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-action-dependencies
- dependency-name: ruby/setup-ruby
  dependency-version: 1.257.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-action-dependencies
- dependency-name: kenji-miyake/setup-sd
  dependency-version: f4181660873fa5814708e1c0a640d8e9975a4ae5
  dependency-type: direct:production
  dependency-group: github-action-dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-action-dependencies-ed8f82a4a9 branch from 6c0eb03 to d3e4a01 Compare December 2, 2025 00:14
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@cursor cursor[bot] cursor[bot] left review comments

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant