chore(deps): bump the minor-and-patch group across 1 directory with 6 updates#13897
Conversation
… updates Bumps the minor-and-patch group with 6 updates in the / directory: | Package | From | To | | --- | --- | --- | | [pnpm/action-setup](https://github.com/pnpm/action-setup) | `6.0.8` | `6.0.9` | | [actions/setup-node](https://github.com/actions/setup-node) | `6.3.0` | `6.4.0` | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` | | [docker/metadata-action](https://github.com/docker/metadata-action) | `6.0.0` | `6.1.0` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.2.0` | | [actionhippie/calens](https://github.com/actionhippie/calens) | `1.13.3` | `1.14.0` | Updates `pnpm/action-setup` from 6.0.8 to 6.0.9 - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](pnpm/action-setup@0e279bb...0ebf471) Updates `actions/setup-node` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@53b8394...48b55a0) Updates `docker/login-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@4907a6d...650006c) Updates `docker/metadata-action` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@030e881...80c7e94) Updates `docker/build-push-action` from 7.1.0 to 7.2.0 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@bcafcac...f9f3042) Updates `actionhippie/calens` from 1.13.3 to 1.14.0 - [Release notes](https://github.com/actionhippie/calens/releases) - [Changelog](https://github.com/actionhippie/calens/blob/master/CHANGELOG.md) - [Commits](actionhippie/calens@47874e0...e917050) --- updated-dependencies: - dependency-name: pnpm/action-setup dependency-version: 6.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: minor-and-patch - dependency-name: actions/setup-node dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: docker/metadata-action dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: docker/build-push-action dependency-version: 7.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch - dependency-name: actionhippie/calens dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: minor-and-patch ... Signed-off-by: dependabot[bot] <support@github.com>
|
Thanks for opening this pull request! The maintainers of this repository would appreciate it if you would create a changelog item based on your changes. |
✅ Snyk checks have passed. No issues have been found so far.
💻 Catch issues earlier using the plugins for VS Code, JetBrains IDEs, Visual Studio, and Eclipse. |
DeepDiver1975
left a comment
There was a problem hiding this comment.
Reviewed as maintainer.
Scope: grouped Dependabot bump of 6 GitHub Actions (the github_actions group), all SHA-pinned with version comments. Only .github/workflows/*.yml are touched — no application code, no package.json, no lockfile.
All 6 updates are minor or patch, no major bumps:
pnpm/action-setup6.0.8 → 6.0.9 (patch; pnpm 11.7.0)actions/setup-node6.3.0 → 6.4.0 (minor)docker/login-action4.1.0 → 4.2.0 (minor)docker/metadata-action6.0.0 → 6.1.0 (minor)docker/build-push-action7.1.0 → 7.2.0 (minor)actionhippie/calens1.13.3 → 1.14.0 (minor)
No overlap/conflict with the sibling npm group PR #13898 — that one is the npm_and_yarn group touching package.json/pnpm-lock.yaml; this PR touches only workflow files, so the two are independent and both can merge.
Changelog: n/a — this is a CI-only chore (changelog / Generate Changelog check passes anyway).
All checks green (SonarCloud, Snyk code/license/security, CLA, changelog, semantic commits). Mergeable, no conflicts. Low-risk routine maintenance — approving.
|



Bumps the minor-and-patch group with 6 updates in the / directory:
6.0.86.0.96.3.06.4.04.1.04.2.06.0.06.1.07.1.07.2.01.13.31.14.0Updates
pnpm/action-setupfrom 6.0.8 to 6.0.9Release notes
Sourced from pnpm/action-setup's releases.
Commits
0ebf471fix: update pnpm to v11.7.0 (#267)Updates
actions/setup-nodefrom 6.3.0 to 6.4.0Release notes
Sourced from actions/setup-node's releases.
Commits
48b55a0Update Node.js versions in versions.yml and bump package to v6.4.0 (#1533)ab72c7eUpgrade@actionsdependencies (#1525)Updates
docker/login-actionfrom 4.1.0 to 4.2.0Release notes
Sourced from docker/login-action's releases.
Commits
650006cMerge pull request #960 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...99df1a3chore: update generated content3ab375fbuild(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...39d8580Merge pull request #970 from docker/dependabot/npm_and_yarn/docker/actions-to...4eefcd3chore: update generated content56d092cbuild(deps): bump@docker/actions-toolkitfrom 0.86.0 to 0.90.0e2e31caMerge pull request #976 from docker/dependabot/npm_and_yarn/actions/core-3.0.10bced94chore: update generated content3e75a0fbuild(deps): bump@actions/corefrom 3.0.0 to 3.0.1365bebdMerge pull request #984 from docker/dependabot/github_actions/aws-actions/con...Updates
docker/metadata-actionfrom 6.0.0 to 6.1.0Release notes
Sourced from docker/metadata-action's releases.
Commits
80c7e94Merge pull request #613 from docker/dependabot/npm_and_yarn/docker/actions-to...8e0ddabchore: update generated contenta8db14bchore(deps): Bump@docker/actions-toolkitfrom 0.79.0 to 0.90.063a7371Merge pull request #617 from docker/dependabot/npm_and_yarn/csv-parse-6.2.0c6916a6chore: update generated contentaca9205chore(deps): Bump csv-parse from 6.1.0 to 6.2.19dcfe60Merge pull request #629 from docker/dependabot/npm_and_yarn/handlebars-4.7.943dea76chore: update generated content7a56f5achore(deps): Bump handlebars from 4.7.8 to 4.7.9e49e0aaMerge pull request #658 from docker/dependabot/npm_and_yarn/brace-expansion-5...Updates
docker/build-push-actionfrom 7.1.0 to 7.2.0Release notes
Sourced from docker/build-push-action's releases.
Commits
f9f3042Merge pull request #1517 from docker/dependabot/npm_and_yarn/docker/actions-t...812d5fdchore: update generated contentb6f6693chore(deps): Bump@docker/actions-toolkitfrom 0.87.0 to 0.90.0c1c626eMerge pull request #1525 from docker/dependabot/npm_and_yarn/actions/core-3.0.151bb284chore: update generated content5f7884dchore(deps): Bump@actions/corefrom 3.0.0 to 3.0.1e01deffMerge pull request #1521 from docker/dependabot/npm_and_yarn/fast-xml-parser-...3804d49chore: update generated content71e8947chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.04925ad2Merge pull request #1526 from docker/dependabot/npm_and_yarn/postcss-8.5.10Updates
actionhippie/calensfrom 1.13.3 to 1.14.0Release notes
Sourced from actionhippie/calens's releases.
Changelog
Sourced from actionhippie/calens's changelog.
... (truncated)
Commits
e917050chore: release 1.14.0f2f222cchore(flake): updated lockfile [skip ci]22b21b2deps(patch): update docker digests (#92)462dde5deps(patch): update docker digests19e3336deps(patch): update docker digestsd206715deps(minor): update alpine docker tag to v3.24 (#89)6340fdcchore: release 1.13.54c49113chore(flake): updated lockfile [skip ci]40077f1deps(patch): update docker digests45d52a5docs: automated release update [skip ci]Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions