Skip to content

Bump @actions/core from 1.11.1 to 3.0.0#8

Merged
slifty merged 1 commit into
mainfrom
dependabot/npm_and_yarn/actions/core-3.0.0
Feb 20, 2026
Merged

Bump @actions/core from 1.11.1 to 3.0.0#8
slifty merged 1 commit into
mainfrom
dependabot/npm_and_yarn/actions/core-3.0.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Feb 20, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps @actions/core from 1.11.1 to 3.0.0.

Changelog

Sourced from @​actions/core's changelog.

3.0.0

  • Breaking change: Package is now ESM-only
    • CommonJS consumers must use dynamic import() instead of require()

2.0.3

  • Bump @actions/http-client to 3.0.2

2.0.1

  • Bump @​actions/exec from 1.1.1 to 2.0.0 #2199

2.0.0

  • Add support for Node 24 #2110
  • Bump @​actions/http-client from 2.0.1 to 3.0.0
Commits
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for @​actions/core since your current version.


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Feb 20, 2026
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/actions/core-3.0.0 branch 2 times, most recently from 5d95bdf to d33b3a8 Compare February 20, 2026 22:38
@slifty

slifty commented Feb 20, 2026

Copy link
Copy Markdown
Member

@dependabot rebase

@dependabot
Bump @actions/core from 1.11.1 to 3.0.0
7a2db9f 
Bumps [@actions/core](https://github.com/actions/toolkit/tree/HEAD/packages/core) from 1.11.1 to 3.0.0.
- [Changelog](https://github.com/actions/toolkit/blob/main/packages/core/RELEASES.md)
- [Commits](https://github.com/actions/toolkit/commits/HEAD/packages/core)

---
updated-dependencies:
- dependency-name: "@actions/core"
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/actions/core-3.0.0 branch from d33b3a8 to 7a2db9f Compare February 20, 2026 23:24
@github-actions

github-actions Bot commented Feb 20, 2026

Copy link
Copy Markdown

QA Instructions

Summary

This PR updates the @actions/core package from version 1.11.1 to 3.0.0. The update includes changes related to the package now being ESM-only, prominent dependency upgrades, and other potential breaking changes. Testing is required to ensure the update does not introduce any issues.

Test Environment Setup

  1. Ensure your development environment is running Node.js v18.17.0 or later, as @actions/core@3.0.0 and related dependencies require it.
  2. Run npm install to install the updated dependencies.
  3. Ensure that typescript, eslint, vitest, and the other listed devDependencies are properly installed.

Test Scenarios

1. Verify Action Functionality in ESM Context

  • Steps:
    1. Ensure the src/index.ts file imports the updated @actions/core using the ES6 import syntax. Replace any require() imports with import as needed.
    2. Build the project using the npm run build command.
    3. Run the GitHub Action using a test workflow file (e.g., .github/workflows/qa.yml) on a local runner or GitHub Actions.
    4. Follow the workflow log and check for any errors related to compatibility with @actions/core.
  • Expected result:
    • The action runs successfully.
    • No errors related to module imports or functionality of @actions/core or its dependencies.

2. Unit Test Execution

  • Steps:
    1. Run the test suite using the command npm run test.
    2. Observe whether all unit tests in the src/*.test.ts files pass.
  • Expected result:
    • All tests pass without errors or warnings.

3. Integration Testing of GitHub Workflows

  • Steps:
    1. Trigger each relevant GitHub workflow in .github/workflows:
      • ci.yml
      • qa.yml
      • release.yml
    2. Monitor each workflow and ensure that steps dependent on @actions/core complete successfully.
  • Expected result:
    • All workflows execute successfully, and all dependent steps that use @actions/core do not fail.

Regression Risks

  • Compatibility with Node.js version: Ensure the project is running on Node.js 18+ during all tests, as earlier versions will not be compatible with the updated package.
  • Breakage of CommonJS modules: If @actions/core was used via require() instead of import, it must be updated to avoid runtime errors.
  • Integration-specific issues: Verify implementation in workflows, particularly the interaction of @actions/core with other @actions/* modules (e.g., @actions/github).

Things to Watch For

  1. ESM-only compliance: Double-check all imports and related modules in the project. Ensure no other files still use require() for @actions/core after the update.
  2. build and distribution output: Verify the build process and resulting output in dist/index.js. Ensure that the bundled file is ESM-compliant.
  3. Check for deprecated/unsupported methods: Review the changelog and affected code for deprecated or removed methods that might break functionality.

Feel free to reach out if unexpected behavior occurs or if additional clarification on testing steps is needed.

Generated by QA Instructions Action

@slifty slifty merged commit 841504a into main Feb 20, 2026
4 checks passed
@slifty slifty deleted the dependabot/npm_and_yarn/actions/core-3.0.0 branch February 20, 2026 23:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@slifty