Skip to content

Bump ruby/setup-ruby from 1.299.0 to 1.300.0#802

Merged
pethers merged 1 commit intomainfrom
dependabot/github_actions/ruby/setup-ruby-1.300.0
Apr 7, 2026
Merged

Bump ruby/setup-ruby from 1.299.0 to 1.300.0#802
pethers merged 1 commit intomainfrom
dependabot/github_actions/ruby/setup-ruby-1.300.0

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot bot commented on behalf of github Apr 7, 2026
edited
Loading

Bumps ruby/setup-ruby from 1.299.0 to 1.300.0.

Release notes

Sourced from ruby/setup-ruby's releases.

v1.300.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.299.0...v1.300.0

Commits

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 7, 2026
@dependabot dependabot bot requested a review from pethers as a code owner April 7, 2026 08:23
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 7, 2026
@github-actions
Copy link
Copy Markdown

github-actions bot commented Apr 7, 2026
edited
Loading

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA 7dd397f.
Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

PackageVersionScoreDetails
actions/ruby/setup-ruby e65c17d16e57e481586a6a5a0282698790062f92 🟢 4.9
Details
CheckScoreReason
Maintained🟢 1030 commit(s) and 7 issue activity found in the last 90 days -- score normalized to 10
Code-Review🟢 6Found 14/22 approved changesets -- score normalized to 6
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Binary-Artifacts🟢 10no binaries found in the repo
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
Packaging⚠️ -1packaging workflow not detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Security-Policy⚠️ 0security policy file not detected
License🟢 10license file detected
Signed-Releases⚠️ -1no releases found
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
Fuzzing⚠️ 0project is not fuzzed
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0

Scanned Files

  • .github/workflows/pullrequest.yml

@dependabot
Bump ruby/setup-ruby from 1.299.0 to 1.300.0
7dd397f 
Bumps [ruby/setup-ruby](https://github.com/ruby/setup-ruby) from 1.299.0 to 1.300.0.
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@3ff19f5...e65c17d)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.300.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/ruby/setup-ruby-1.300.0 branch from 463e7ed to 7dd397f Compare April 7, 2026 08:28
@pethers pethers merged commit 2e5acd3 into main Apr 7, 2026
3 checks passed
@dependabot dependabot bot deleted the dependabot/github_actions/ruby/setup-ruby-1.300.0 branch April 7, 2026 08:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@pethers pethers pethers approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@pethers