chore(deps): bump the github-actions group across 1 directory with 9 updates#16
chore(deps): bump the github-actions group across 1 directory with 9 updates#16dependabot[bot] wants to merge 1 commit into
Conversation
…updates Bumps the github-actions group with 9 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.1` | `6.0.2` | | [actions/cache](https://github.com/actions/cache) | `4.3.0` | `5.0.5` | | [taiki-e/install-action](https://github.com/taiki-e/install-action) | `2.70.1` | `2.75.17` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `7.0.1` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.4.0` | `6.3.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.3.0` | `8.0.1` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.5.4` | `6.0.0` | | [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.2` | `3.1.1` | | [googleapis/release-please-action](https://github.com/googleapis/release-please-action) | `4.4.0` | `4.4.1` | Updates `actions/checkout` from 4.3.1 to 6.0.2 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@34e1148...de0fac2) Updates `actions/cache` from 4.3.0 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@0057852...27d5ce7) Updates `taiki-e/install-action` from 2.70.1 to 2.75.17 - [Release notes](https://github.com/taiki-e/install-action/releases) - [Changelog](https://github.com/taiki-e/install-action/blob/main/CHANGELOG.md) - [Commits](taiki-e/install-action@fd0f63e...58e8625) Updates `actions/upload-artifact` from 4.6.2 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...043fb46) Updates `actions/setup-node` from 4.4.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@49933ea...53b8394) Updates `actions/download-artifact` from 4.3.0 to 8.0.1 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@d3f86a1...3e5f45b) Updates `codecov/codecov-action` from 5.5.4 to 6.0.0 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@75cd116...57e3a13) Updates `actions/create-github-app-token` from 2.2.2 to 3.1.1 - [Release notes](https://github.com/actions/create-github-app-token/releases) - [Commits](actions/create-github-app-token@fee1f7d...1b10c78) Updates `googleapis/release-please-action` from 4.4.0 to 4.4.1 - [Release notes](https://github.com/googleapis/release-please-action/releases) - [Changelog](https://github.com/googleapis/release-please-action/blob/main/CHANGELOG.md) - [Commits](googleapis/release-please-action@16a9c90...5c625bf) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: taiki-e/install-action dependency-version: 2.75.17 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 8.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/create-github-app-token dependency-version: 3.1.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: googleapis/release-please-action dependency-version: 4.4.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
|
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
There was a problem hiding this comment.
Pull Request Overview
This Pull Request is currently empty and cannot be merged in its current state. While the title and description list updates for nine GitHub Actions—including several major version bumps that transition to Node.js 24 and ESM—no files were actually modified in the diff. These updates represent significant breaking changes (e.g., actions/checkout v6, actions/upload-artifact v7) that require verification of runner compatibility and configuration changes.
About this PR
- The Pull Request contains no file modifications. Despite the description claiming nine updates to the github-actions group, the actual diff is empty. This needs to be corrected before a review can proceed.
- Several major updates mentioned (like actions/checkout v6 and actions/upload-artifact v7) introduce breaking changes and new runtime requirements (Node.js 24). These changes require the GitHub Actions runner to be at least version 2.327.1.
Test suggestions
- Verify all workflow YAML files are updated to use the new major and minor version tags
- Ensure GitHub Actions runner versions meet the minimum requirement of 2.327.1 for Node 24 support
- Check actions/create-github-app-token for proxy configuration (NODE_USE_ENV_PROXY) and client-id deprecation
Prompt proposal for missing tests
Consider implementing these tests if applicable:
1. Verify all workflow YAML files are updated to use the new major and minor version tags
2. Ensure GitHub Actions runner versions meet the minimum requirement of 2.327.1 for Node 24 support
3. Check actions/create-github-app-token for proxy configuration (NODE_USE_ENV_PROXY) and client-id deprecation
TIP Improve review quality by adding custom instructions
TIP How was this review? Give us feedback
Up to standards ✅🟢 Issues
|



Bumps the github-actions group with 9 updates in the / directory:
4.3.16.0.24.3.05.0.52.70.12.75.174.6.27.0.14.4.06.3.04.3.08.0.15.5.46.0.02.2.23.1.14.4.04.4.1Updates
actions/checkoutfrom 4.3.1 to 6.0.2Release notes
Sourced from actions/checkout's releases.
... (truncated)
Changelog
Sourced from actions/checkout's changelog.
... (truncated)
Commits
de0fac2Fix tag handling: preserve annotations and explicit fetch-tags (#2356)064fe7fAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...8e8c483Clarify v6 README (#2328)033fa0dAdd worktree support for persist-credentials includeIf (#2327)c2d88d3Update all references from v5 and v4 to v6 (#2314)1af3b93update readme/changelog for v6 (#2311)71cf226v6-beta (#2298)069c695Persist creds to a separate file (#2286)ff7abcdUpdate README to include Node.js 24 support details and requirements (#2248)08c6903Prepare v5.0.0 release (#2238)Updates
actions/cachefrom 4.3.0 to 5.0.5Release notes
Sourced from actions/cache's releases.
... (truncated)
Changelog
Sourced from actions/cache's changelog.
... (truncated)
Commits
27d5ce7Merge pull request #1747 from actions/yacaovsnc/update-dependencyf280785licensed changes619aeb1npm run build generated dist filesbcf16c2Update ts-http-runtime to 0.3.56682284Merge pull request #1738 from actions/prepare-v5.0.4e340396Update RELEASES8a67110Add licenses1865903Update dependencies & patch security vulnerabilities5656298Merge pull request #1722 from RyPeck/patch-14e380d1Fix cache key in examples.md for bun.lockUpdates
taiki-e/install-actionfrom 2.70.1 to 2.75.17Release notes
Sourced from taiki-e/install-action's releases.
... (truncated)
Changelog
Sourced from taiki-e/install-action's changelog.
... (truncated)
Commits
58e8625Release 2.75.17b9e89d5Update vacuum manifest97204a3ci: Update config2bfe665Update changelog3f52e56Update wasm-tools manifest2fd0ba8Updatetombi@latestto 0.9.18711af1aUpdatemise@latestto 2026.4.15c127aaaUpdate mise manifest9479ae3Update espup manifest6ac39c5Update trivy manifestUpdates
actions/upload-artifactfrom 4.6.2 to 7.0.1Release notes
Sourced from actions/upload-artifact's releases.
... (truncated)
Commits
043fb46Merge pull request #797 from actions/yacaovsnc/update-dependency634250cInclude changes in typespec/ts-http-runtime 0.3.5e454baaReadme: bump all the example versions to v7 (#796)74fad66Update the readme with direct upload details (#795)bbbca2dSupport direct file uploads (#764)589182cUpgrade the module to ESM and bump dependencies (#762)47309c9Merge pull request #754 from actions/Link-/add-proxy-integration-tests02a8460Add proxy integration testb7c566aMerge pull request #745 from actions/upload-artifact-v6-releasee516bc8docs: correct description of Node.js 24 support in READMEUpdates
actions/setup-nodefrom 4.4.0 to 6.3.0Release notes
Sourced from actions/setup-node's releases.
... (truncated)
Commits
53b8394Bump minimatch from 3.1.2 to 3.1.5 (#1498)54045abScope test lockfiles by package manager and update cache tests (#1495)c882bffReplace uuid with crypto.randomUUID() (#1378)774c1d6feat(node-version-file): support parsingdevEnginesfield (#1283)efcb663fix: remove hardcoded bearer (#1467)d02c89dFix npm audit issues (#1491)6044e13Docs: bump actions/checkout from v5 to v6 (#1468)8e49463Fix README typo (#1226)621ac41README.md: bump to latest released checkout version v6 (#1446)2951748Bump@actions/cacheto v5.0.1 (#1449)Updates
actions/download-artifactfrom 4.3.0 to 8.0.1Release notes
Sourced from actions/download-artifact's releases.
... (truncated)
Commits
3e5f45bAdd regression tests for CJK characters (#471)e6d03f6Add a regression test for artifact name + content-type mismatches (#472)70fc10cMerge pull request #461 from actions/danwkennedy/digest-mismatch-behaviorf258da9Add change docsccc058eFix linting issuesbd7976bAdd a setting to specify what to do on hash mismatch and default it toerrorac21fcfMerge pull request #460 from actions/danwkennedy/download-no-unzip15999bfAdd note about package bumps974686eBump the version tov8and add release notesfbe48b1Update test names to make it clearer what they doUpdates
codecov/codecov-actionfrom 5.5.4 to 6.0.0Release notes
Sourced from codecov/codecov-action's releases.
Changelog
Sourced from codecov/codecov-action's changelog.
... (truncated)
Commits
57e3a13Th/6.0.0 (#1928)f67d33dRevert "Revert "build(deps): bump actions/github-script from 7.0.1 to 8.0.0""...Updates
actions/create-github-app-tokenfrom 2.2.2 to 3.1.1Release notes
Sourced from actions/create-github-app-token's releases.
... (truncated)
Commits
1b10c78build(release): 3.1.1 [skip ci]07e2b76fix: improve error message when app identifier is empty (#362)ea01216ci: remove publish-immutable-action workflow (#361)7bd0371build(release): 3.1.0 [skip ci]e6bd4e6feat: addclient-idinput and deprecateapp-id(#353)076e948feat: update permission inputs (#358)3bbe07dfix(deps): bump p-retry from 7.1.1 to 8.0.0 (#357)28a99e3build(deps-dev): bump c8 from 10.1.3 to 11.0.04df5060build(deps-dev): bump open-cli from 8.0.0 to 9.0.0