[ci][skip-ci](deps): Bump the github-actions group with 8 updates by dependabot[bot] · Pull Request #7 · Nick2bad4u/PS-Color-Scripts-Enhanced

dependabot · 2025-10-28T23:53:19Z

Bumps the github-actions group with 8 updates:

Package	From	To
actions/checkout	`4.3.0`	`5.0.0`
github/codeql-action	`3.29.7`	`4.31.0`
actions/dependency-review-action	`4.8.0`	`4.8.1`
actions/upload-artifact	`4.6.2`	`5.0.0`
actions/setup-node	`5.0.0`	`6.0.0`
ncipollo/release-action	`1.14.0`	`1.20.0`
codecov/codecov-action	`5.1.1`	`5.5.1`
trufflesecurity/trufflehog	`3.90.8`	`3.90.12`

Updates actions/checkout from 4.3.0 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
See full diff in compare view

Updates github/codeql-action from 3.29.7 to 4.31.0

Release notes

Sourced from github/codeql-action's releases.

v4.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.0 - 24 Oct 2025

Bump minimum CodeQL bundle version to 2.17.6. #3223

When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

See the full CHANGELOG.md for more information.

v4.30.9

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.9 - 17 Oct 2025

Update default CodeQL bundle version to 2.23.3. #3205

Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

See the full CHANGELOG.md for more information.

v4.30.8

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.8 - 10 Oct 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v4.30.7

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.30.7 - 06 Oct 2025

[v4+ only] The CodeQL Action now runs on Node.js v24. #3169

See the full CHANGELOG.md for more information.

v3.31.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.0 - 24 Oct 2025

Bump minimum CodeQL bundle version to 2.17.6. #3223

When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

Update default CodeQL bundle version to 2.23.3. #3205

Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

[v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

Update default CodeQL bundle version to 2.23.2. #3168

3.30.5 - 26 Sep 2025

We fixed a bug that was introduced in 3.30.4 with upload-sarif which resulted in files without a .sarif extension not getting uploaded. #3160

3.30.4 - 25 Sep 2025

We have improved the CodeQL Action's ability to validate that the workflow it is used in does not use different versions of the CodeQL Action for different workflow steps. Mixing different versions of the CodeQL Action in the same workflow is unsupported and can lead to unpredictable results. A warning will now be emitted from the codeql-action/init step if different versions of the CodeQL Action are detected in the workflow file. Additionally, an error will now be thrown by the other CodeQL Action steps if they load a configuration file that was generated by a different version of the codeql-action/init step. #3099 and #3100

We added support for reducing the size of dependency caches for Java analyses, which will reduce cache usage and speed up workflows. This will be enabled automatically at a later time. #3107

You can now run the latest CodeQL nightly bundle by passing tools: nightly to the init action. In general, the nightly bundle is unstable and we only recommend running it when directed by GitHub staff. #3130

Update default CodeQL bundle version to 2.23.1. #3118

3.30.3 - 10 Sep 2025

No user facing changes.

3.30.2 - 09 Sep 2025

Fixed a bug which could cause language autodetection to fail. #3084

Experimental: The quality-queries input that was added in 3.29.2 as part of an internal experiment is now deprecated and will be removed in an upcoming version of the CodeQL Action. It has been superseded by a new analysis-kinds input, which is part of the same internal experiment. Do not use this in production as it is subject to change at any time. #3064

... (truncated)

Commits

4e94bd1 Merge pull request #3235 from github/update-v4.31.0-1d36546c1
8f11182 Update changelog for v4.31.0
1d36546 Merge pull request #3234 from github/mbg/changelog/post-processing
08ada26 Add changelog entry for post-processing change
b843cbe Merge pull request #3233 from github/mbg/getOptionalEnvVar
1ecd563 Use getOptionalEnvVar in writePostProcessedFiles
e576807 Merge pull request #3223 from github/henrymercer/bump-minimum
ad35676 Add getOptionalEnvVar function
d75645b Merge pull request #3222 from github/mbg/upload-lib/post-process
710606c Check that outputPath is non-empty
Additional commits viewable in compare view

Updates actions/dependency-review-action from 4.8.0 to 4.8.1

Release notes

Sourced from actions/dependency-review-action's releases.

Dependency Review Action v4.8.1

What's Changed

(bug) Fix spamming link test in deprecation warning (again) by @ahpook in actions/dependency-review-action#1000

Bump version for 4.8.1 release by @ahpook in actions/dependency-review-action#1001

Full Changelog: actions/dependency-review-action@v4...v4.8.1

Commits

40c09b7 Merge pull request #1001 from actions/ahpook/v4.8.1-release
4552948 Bump version for 4.8.1 release
e63da9a Merge pull request #1000 from actions/ahpook/deprecation-redux
71365c7 (bug) Fix spamming link test in deprecation warning (again)
See full diff in compare view

Updates actions/upload-artifact from 4.6.2 to 5.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README.md by @GhadimiR in actions/upload-artifact#681

Update README.md by @nebuk89 in actions/upload-artifact#712

Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727

Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725

Bump @actions/artifact to v4.0.0

Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734

New Contributors

@GhadimiR made their first contribution in actions/upload-artifact#681

@nebuk89 made their first contribution in actions/upload-artifact#712

@danwkennedy made their first contribution in actions/upload-artifact#727

@patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

Commits

330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
03f2824 Update github.dep.yml
905a1ec Prepare v5.0.0
2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
9687587 Merge branch 'main' into patch-1
2848b2c Merge pull request #727 from danwkennedy/patch-1
9b51177 Spell out the first use of GHES
cd231ca Update GHES guidance to include reference to Node 20 version
de65e23 Merge pull request #712 from actions/nebuk89-patch-1
8747d8c Update README.md
Additional commits viewable in compare view

Updates actions/setup-node from 5.0.0 to 6.0.0

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Limit automatic caching to npm, update workflows and documentation by @priyagupta108 in actions/setup-node#1374

Dependency Upgrades

Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @dependabot[bot] in #1336

Upgrade prettier from 2.8.8 to 3.6.2 by @dependabot[bot] in #1334

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

Commits

2028fbc Limit automatic caching to npm, update workflows and documentation (#1374)
1342781 Bump actions/publish-action from 0.3.0 to 0.4.0 (#1362)
89d709d Bump prettier from 2.8.8 to 3.6.2 (#1334)
cd2651c Bump ts-jest from 29.1.2 to 29.4.1 (#1336)
See full diff in compare view

Updates ncipollo/release-action from 1.14.0 to 1.20.0

Release notes

Sourced from ncipollo/release-action's releases.

v1.20.0

What's Changed

Fixes #542 Add previous tag option by @ncipollo in ncipollo/release-action#550

Full Changelog: ncipollo/release-action@v1...v1.20.0

v1.19.2

What's Changed

Update immutableCreate's default in the documentation by @bblanchon in ncipollo/release-action#547

Fixes #548 Add support body + generated release notes by @ncipollo in ncipollo/release-action#549

New Contributors

@bblanchon made their first contribution in ncipollo/release-action#547

Full Changelog: ncipollo/release-action@v1...v1.19.2

v1.19.1

Defaults immutableCreate to false if it is omitted.

Full Changelog: ncipollo/release-action@v1.19.0...v1.19.1

v1.19.0

What's Changed

Fixes #540 Add support for immutable releases by @ncipollo in ncipollo/release-action#544

Bump actions/checkout from 4 to 5 by @dependabot[bot] in ncipollo/release-action#541

Bump glob from 11.0.2 to 11.0.3 by @dependabot[bot] in ncipollo/release-action#534

Full Changelog: ncipollo/release-action@v1...v1.19.0

v1.18.0

Fixes #529 Collect asset URLs into output

Full Changelog: ncipollo/release-action@v1...v1.18.0

v1.17.0

What's Changed

Bump ts-jest from 29.2.5 to 29.2.6 by @dependabot in ncipollo/release-action#506

Bump @types/node from 22.13.4 to 22.13.8 by @dependabot in ncipollo/release-action#505

Bump @octokit/plugin-paginate-rest from 9.1.5 to 9.2.2 by @dependabot in ncipollo/release-action#507

Bump @octokit/request from 8.1.6 to 8.4.1 by @dependabot in ncipollo/release-action#508

Fixes #513 Don't generate release notes if omitBody is set by @ncipollo in ncipollo/release-action#517

Bump typescript from 5.7.3 to 5.8.3 by @dependabot in ncipollo/release-action#518

Bump ts-jest from 29.2.6 to 29.3.2 by @dependabot in ncipollo/release-action#521

Bump glob from 11.0.1 to 11.0.2 by @dependabot in ncipollo/release-action#520

Bump @types/node from 22.13.8 to 22.15.3 by @dependabot in ncipollo/release-action#519

Bump ts-jest from 29.3.2 to 29.3.4 by @dependabot in ncipollo/release-action#526

Bump @actions/github from 6.0.0 to 6.0.1 by @dependabot in ncipollo/release-action#525

Bump @types/node from 22.15.18 to 22.15.29 by @dependabot in ncipollo/release-action#524

... (truncated)

Commits

b7eabc9 preparing release 1.20.0
e87de4c Fixes #542 Add previous tag option (#550)
98d25d4 preparing release 1.19.2
d360126 Fixes #548 Add support body + generated release notes (#549)
571fe81 Update immutableCreate's default in the documentation (#547)
1c89adf preparing release 1.19.1
36bf8dd References #545 Default immutable builds to false
b12185d preparing release 1.19.0
defcf13 Fixes #540 Add support for immutable releases (#544)
05013d5 Standardize on separate call to generate release notes
Additional commits viewable in compare view

Updates codecov/codecov-action from 5.1.1 to 5.5.1

Release notes

Sourced from codecov/codecov-action's releases.

v5.5.1

What's Changed

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in codecov/codecov-action#1833

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @dependabot[bot] in codecov/codecov-action#1861

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

docs: fix typo in README by @datalater in codecov/codecov-action#1866

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @dependabot[bot] in codecov/codecov-action#1867

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in codecov/codecov-action#1868

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

chore(release): 5.5.1 by @thomasrockhu-codecov in codecov/codecov-action#1873

New Contributors

@datalater made their first contribution in codecov/codecov-action#1866

Full Changelog: codecov/codecov-action@v5.5.0...v5.5.1

v5.5.0

What's Changed

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot[bot] in codecov/codecov-action#1829

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

chore(release): 5.5.0 by @thomasrockhu-codecov in codecov/codecov-action#1865

New Contributors

@spalmurray made their first contribution in codecov/codecov-action#1837

@martincostello made their first contribution in codecov/codecov-action#1859

@jviall made their first contribution in codecov/codecov-action#1864

Full Changelog: codecov/codecov-action@v5.4.3...v5.5.0

v5.4.3

What's Changed

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @dependabot in codecov/codecov-action#1822

chore(release): 5.4.3 by @thomasrockhu-codecov in codecov/codecov-action#1827

Full Changelog: codecov/codecov-action@v5.4.2...v5.4.3

v5.4.2

What's Changed

fix: hotfix oidc by @thomasrockhu-codecov in codecov/codecov-action#1813

Full Changelog: codecov/codecov-action@v5.4.1...v5.4.2

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @app/dependabot in codecov/codecov-action#1829

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @app/dependabot in codecov/codecov-action#1822

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.1..v5.4.2

v5.4.1

... (truncated)

Commits

5a10915 chore(release): 5.5.1 (#1873)
3e0ce21 fix: overwrite pr number on fork (#1871)
c4741c8 build(deps): bump actions/checkout from 4.2.2 to 5.0.0 (#1868)
17370e8 build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 (#1867)
18fdacf fix: update to use local app/ dir (#1872)
206148c docs: fix typo in README (#1866)
3cb13a1 Document a codecov-cli version reference example (#1774)
a4803c1 build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 (#1861)
3139621 build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 (#1833)
fdcc847 chore(release): 5.5.0 (#1865)
Additional commits viewable in compare view

Updates trufflesecurity/trufflehog from 3.90.8 to 3.90.12

Release notes

Sourced from trufflesecurity/trufflehog's releases.

v3.90.12

What's Changed

Updated Docker source with new test cases and README by @kashifkhan0771 in trufflesecurity/trufflehog#4481

Comment out broken CircleCI integration test by @trufflesteeeve in trufflesecurity/trufflehog#4505

Fix "skipping binary file" logging to show actual file name by @mariduv in trufflesecurity/trufflehog#4509

Refactored circleci source test cases by @kashifkhan0771 in trufflesecurity/trufflehog#4506

added ability to run github-experimental against private repos by @joeleonjr in trufflesecurity/trufflehog#4508

explicit repositories now bypass wantRepo() filtering entirely. added ctx to newConnector by @jordanTunstill in trufflesecurity/trufflehog#4507

Remove include repos by @jordanTunstill in trufflesecurity/trufflehog#4469

Remove depaware by @rosecodym in trufflesecurity/trufflehog#4515

Full Changelog: trufflesecurity/trufflehog@v3.90.11...v3.90.12

v3.90.11

What's Changed

bump rardecode by @rosecodym in trufflesecurity/trufflehog#4503

Full Changelog: trufflesecurity/trufflehog@v3.90.10...v3.90.11

v3.90.10

What's Changed

Local Git Config Sanitization by @joeleonjr in trufflesecurity/trufflehog#4502

Full Changelog: trufflesecurity/trufflehog@v3.90.9...v3.90.10

v3.90.9

What's Changed

Return non-zero exit code if an error occurs during a scan. by @mplzik in trufflesecurity/trufflehog#4476

Fix: SonarCloud Verification Logic by @shahzadhaider1 in trufflesecurity/trufflehog#4482

Clarify what 'unknown' means by @dustin-decker in trufflesecurity/trufflehog#4477

Proto update to support scanning confluence comments by @mustansir14 in trufflesecurity/trufflehog#4484

Fix SSH schema error executing git clone by @shahzadhaider1 in trufflesecurity/trufflehog#4488

Detect Organization ID to pass into AnalysisInfo for Atlassian Detector by @mustansir14 in trufflesecurity/trufflehog#4480

Add support for Account API Token verification in Postmark Detector by @mustansir14 in trufflesecurity/trufflehog#4495

refactor: use b.Loop() to simplify the code and improve performance by @dulanting in trufflesecurity/trufflehog#4497

Fix wrong line number in private key detector (#4485) by @kmgv in trufflesecurity/trufflehog#4486

Reduce GitHub V1 Detector False Positives by @shahzadhaider1 in trufflesecurity/trufflehog#4494

Bump github.com/nwaples/rardecode/v2 from 2.0.0-beta.4.0.20241112120701-034e449c6e78 to 2.2.0 by @dependabot[bot] in trufflesecurity/trufflehog#4501

New Contributors

@mplzik made their first contribution in trufflesecurity/trufflehog#4476

@mustansir14 made their first contribution in trufflesecurity/trufflehog#4484

@dulanting made their first contribution in trufflesecurity/trufflehog#4497

@kmgv made their first contribution in trufflesecurity/trufflehog#4486

Full Changelog: trufflesecurity/trufflehog@v3.90.8...v3.90.9

Commits

b84c3d1 Remove depaware (#4515)
24c73b0 Remove include repos (#4469)
0f60f6e explicit repositories now bypass wantRepo() filtering entirely. added ctx to ...
fd007c7 add ability to run github-experimental against private repos (#4508)
bef5eb6 Refactored circleci source test cases (#4506)
7ba7a00 Fix "skipping binary file" logging to show actual file name (#4509)
7d61a4b Comment out broken CircleCI integration test (#4505)
ec61ad9 Updated Docker source with new test cases and README (#4481)
ad6fc8f bump rardecode (#4503)
bc2cd3e Local Git Config Sanitization (#4502)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group upd...

Description has been truncated

Bumps the github-actions group with 8 updates: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.0` | `5.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.29.7` | `4.31.0` | | [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.8.0` | `4.8.1` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` | | [actions/setup-node](https://github.com/actions/setup-node) | `5.0.0` | `6.0.0` | | [ncipollo/release-action](https://github.com/ncipollo/release-action) | `1.14.0` | `1.20.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.1.1` | `5.5.1` | | [trufflesecurity/trufflehog](https://github.com/trufflesecurity/trufflehog) | `3.90.8` | `3.90.12` | Updates `actions/checkout` from 4.3.0 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.3.0...08c6903) Updates `github/codeql-action` from 3.29.7 to 4.31.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@v3.29.7...4e94bd1) Updates `actions/dependency-review-action` from 4.8.0 to 4.8.1 - [Release notes](https://github.com/actions/dependency-review-action/releases) - [Commits](actions/dependency-review-action@56339e5...40c09b7) Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...330a01c) Updates `actions/setup-node` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@v5...2028fbc) Updates `ncipollo/release-action` from 1.14.0 to 1.20.0 - [Release notes](https://github.com/ncipollo/release-action/releases) - [Commits](ncipollo/release-action@2c591bc...b7eabc9) Updates `codecov/codecov-action` from 5.1.1 to 5.5.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@7f8b4b4...5a10915) Updates `trufflesecurity/trufflehog` from 3.90.8 to 3.90.12 - [Release notes](https://github.com/trufflesecurity/trufflehog/releases) - [Changelog](https://github.com/trufflesecurity/trufflehog/blob/main/.goreleaser.yml) - [Commits](trufflesecurity/trufflehog@466da5b...b84c3d1) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.31.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/dependency-review-action dependency-version: 4.8.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ncipollo/release-action dependency-version: 1.20.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 5.5.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: trufflesecurity/trufflehog dependency-version: 3.90.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

codecov · 2025-10-29T00:15:01Z

Codecov Report

✅ All modified and coverable lines are covered by tests.

Flag	Coverage Δ
pwsh-macos-latest	`82.25% <ø> (ø)`
pwsh-ubuntu-latest	`81.97% <ø> (ø)`
pwsh-windows-latest	`82.25% <ø> (ø)`
windows-powershell-51	`80.87% <ø> (ø)`

Flags with carried forward coverage won't be shown. Click here to find out more.

🚀 New features to boost your workflow:

❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

dependabot Bot assigned Nick2bad4u Oct 28, 2025

dependabot Bot requested a review from Nick2bad4u as a code owner October 28, 2025 23:53

dependabot Bot added dependabot dependencies github-actions labels Oct 28, 2025

Nick2bad4u merged commit 7199778 into main Oct 29, 2025
30 of 33 checks passed

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[ci][skip-ci](deps): Bump the github-actions group with 8 updates#7

[ci][skip-ci](deps): Bump the github-actions group with 8 updates#7
Nick2bad4u merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-a952a031d6

dependabot Bot commented on behalf of github Oct 28, 2025

Uh oh!

Uh oh!

codecov Bot commented Oct 29, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Oct 28, 2025

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v4.31.0

CodeQL Action Changelog

4.31.0 - 24 Oct 2025

v4.30.9

CodeQL Action Changelog

4.30.9 - 17 Oct 2025

v4.30.8

CodeQL Action Changelog

4.30.8 - 10 Oct 2025

v4.30.7

CodeQL Action Changelog

4.30.7 - 06 Oct 2025

v3.31.0

CodeQL Action Changelog

CodeQL Action Changelog

[UNRELEASED]

4.31.0 - 24 Oct 2025

4.30.9 - 17 Oct 2025

4.30.8 - 10 Oct 2025

4.30.7 - 06 Oct 2025

3.30.6 - 02 Oct 2025

3.30.5 - 26 Sep 2025

3.30.4 - 25 Sep 2025

3.30.3 - 10 Sep 2025

3.30.2 - 09 Sep 2025

Dependency Review Action v4.8.1

What's Changed

v5.0.0

What's Changed

New Contributors

v6.0.0

What's Changed

v1.20.0

What's Changed

v1.19.2

What's Changed

New Contributors

v1.19.1

v1.19.0

What's Changed

v1.18.0

v1.17.0

What's Changed

v5.5.1

What's Changed

New Contributors

v5.5.0

What's Changed

New Contributors

v5.4.3

What's Changed

v5.4.2

What's Changed

v5.5.1

What's Changed

v5.5.0

What's Changed

v5.4.3

What's Changed

v5.4.2

What's Changed

v5.4.1

v3.90.12