chore(deps): bump the github-actions group with 6 updates#3151
Closed
dependabot[bot] wants to merge 1 commit into
Closed
chore(deps): bump the github-actions group with 6 updates#3151dependabot[bot] wants to merge 1 commit into
dependabot[bot] wants to merge 1 commit into
Conversation
There was a problem hiding this comment.
⚠️ Performance Alert ⚠️
Possible performance regression was detected for benchmark.
Benchmark result of this commit is worse than the previous benchmark result exceeding threshold 2.
| Benchmark suite | Current: 5327459 | Previous: 4bb1d7b | Ratio |
|---|---|---|---|
BenchmarkDatastoreDriver/cockroachdb-overlap-static/TestTuple/SnapshotReverseRead (github.com/authzed/spicedb/internal/datastore/benchmark) |
33849667 ns/op 176129 B/op 20204 allocs/op |
7650956 ns/op 172630 B/op 20195 allocs/op |
4.42 |
BenchmarkDatastoreDriver/cockroachdb-overlap-static/TestTuple/SnapshotReverseRead (github.com/authzed/spicedb/internal/datastore/benchmark) - ns/op |
33849667 ns/op |
7650956 ns/op |
4.42 |
BenchmarkDatastoreDriver/cockroachdb-overlap-static/TestTuple/Touch (github.com/authzed/spicedb/internal/datastore/benchmark) |
32596503 ns/op 26934 B/op 321 allocs/op |
13748624 ns/op 24958 B/op 316 allocs/op |
2.37 |
BenchmarkDatastoreDriver/cockroachdb-overlap-static/TestTuple/Touch (github.com/authzed/spicedb/internal/datastore/benchmark) - ns/op |
32596503 ns/op |
13748624 ns/op |
2.37 |
BenchmarkDatastoreDriver/cockroachdb-overlap-static/TestTuple/CreateAndTouch/0.5_ (github.com/authzed/spicedb/internal/datastore/benchmark) |
68928185 ns/op 4668926 B/op 46984 allocs/op |
28357248 ns/op 4660041 B/op 46978 allocs/op |
2.43 |
BenchmarkDatastoreDriver/cockroachdb-overlap-static/TestTuple/CreateAndTouch/0.5_ (github.com/authzed/spicedb/internal/datastore/benchmark) - ns/op |
68928185 ns/op |
28357248 ns/op |
2.43 |
BenchmarkDatastoreDriver/cockroachdb-overlap-insecure/TestTuple/SnapshotReverseRead (github.com/authzed/spicedb/internal/datastore/benchmark) |
32685652 ns/op 174825 B/op 20201 allocs/op |
7599582 ns/op 172729 B/op 20195 allocs/op |
4.30 |
BenchmarkDatastoreDriver/cockroachdb-overlap-insecure/TestTuple/SnapshotReverseRead (github.com/authzed/spicedb/internal/datastore/benchmark) - ns/op |
32685652 ns/op |
7599582 ns/op |
4.30 |
BenchmarkDatastoreDriver/cockroachdb-overlap-insecure/TestTuple/Touch (github.com/authzed/spicedb/internal/datastore/benchmark) |
6271903 ns/op 22030 B/op 287 allocs/op |
3088336 ns/op 22213 B/op 287 allocs/op |
2.03 |
BenchmarkDatastoreDriver/cockroachdb-overlap-insecure/TestTuple/Touch (github.com/authzed/spicedb/internal/datastore/benchmark) - ns/op |
6271903 ns/op |
3088336 ns/op |
2.03 |
BenchmarkDatastoreDriver/cockroachdb-overlap-insecure/TestTuple/Create (github.com/authzed/spicedb/internal/datastore/benchmark) |
5808510 ns/op 19754 B/op 281 allocs/op |
2761030 ns/op 19484 B/op 281 allocs/op |
2.10 |
BenchmarkDatastoreDriver/cockroachdb-overlap-insecure/TestTuple/Create (github.com/authzed/spicedb/internal/datastore/benchmark) - ns/op |
5808510 ns/op |
2761030 ns/op |
2.10 |
This comment was automatically generated by workflow using github-action-benchmark.
4cc794e to
988fb5b
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. 📢 Thoughts on this report? Let us know! |
Contributor
|
@dependabot rebase |
Contributor
Author
|
Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry! If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request |
miparnisari
approved these changes
Jun 23, 2026
Bumps the github-actions group with 6 updates: | Package | From | To | | --- | --- | --- | | [docker/login-action](https://github.com/docker/login-action) | `4.1.0` | `4.2.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `6.0.0` | `6.0.1` | | [chainguard-dev/actions](https://github.com/chainguard-dev/actions) | `1.6.19` | `1.6.21` | | [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.0.0` | `4.1.0` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `4.0.0` | `4.1.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.2.1` | `7.2.2` | Updates `docker/login-action` from 4.1.0 to 4.2.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v4.1.0...v4.2.0) Updates `codecov/codecov-action` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@57e3a13...e79a696) Updates `chainguard-dev/actions` from 1.6.19 to 1.6.21 - [Release notes](https://github.com/chainguard-dev/actions/releases) - [Commits](chainguard-dev/actions@c69a264...05fbd38) Updates `docker/setup-qemu-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-qemu-action/releases) - [Commits](docker/setup-qemu-action@ce36039...0611638) Updates `docker/setup-buildx-action` from 4.0.0 to 4.1.0 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@4d04d5d...d7f5e7f) Updates `goreleaser/goreleaser-action` from 7.2.1 to 7.2.2 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@1a80836...5daf1e9) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 4.2.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: chainguard-dev/actions dependency-version: 1.6.21 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: docker/setup-qemu-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/setup-buildx-action dependency-version: 4.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: goreleaser/goreleaser-action dependency-version: 7.2.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
988fb5b to
5327459
Compare
Contributor
Author
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
auto-merge was automatically disabled
July 1, 2026 18:46
Pull request was closed
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Bumps the github-actions group with 6 updates:
4.1.04.2.06.0.06.0.11.6.191.6.214.0.04.1.04.0.04.1.07.2.17.2.2Updates
docker/login-actionfrom 4.1.0 to 4.2.0Release notes
Sourced from docker/login-action's releases.
Commits
650006cMerge pull request #960 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...99df1a3chore: update generated content3ab375fbuild(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...39d8580Merge pull request #970 from docker/dependabot/npm_and_yarn/docker/actions-to...4eefcd3chore: update generated content56d092cbuild(deps): bump@docker/actions-toolkitfrom 0.86.0 to 0.90.0e2e31caMerge pull request #976 from docker/dependabot/npm_and_yarn/actions/core-3.0.10bced94chore: update generated content3e75a0fbuild(deps): bump@actions/corefrom 3.0.0 to 3.0.1365bebdMerge pull request #984 from docker/dependabot/github_actions/aws-actions/con...Updates
codecov/codecov-actionfrom 6.0.0 to 6.0.1Release notes
Sourced from codecov/codecov-action's releases.
Changelog
Sourced from codecov/codecov-action's changelog.
... (truncated)
Commits
e79a696chore(release): 6.0.1 (#1949)51e6422fix: prevent template injection in run: steps (VULN-1652) (#1947)Updates
chainguard-dev/actionsfrom 1.6.19 to 1.6.21Release notes
Sourced from chainguard-dev/actions's releases.
Commits
05fbd38build(deps): bump peter-evans/create-pull-request (#916)6a031ddbuild(deps): bump sigstore/cosign-installer in /chainguard-install (#917)2aa42abbuild(deps): bump chainguard-dev/actions in /release-notes (#918)2a43818build(deps): bump actions/checkout from 4.2.2 to 6.0.2 in /release-notes (#919)90e5d19build(deps): bump peter-evans/create-pull-request in /release-notes (#920)0d3ec12fix release workflow (#921)2716a7dUpdate git tag (#915)bb3c0f7bump gitsign to release v0.16.0 (#914)3e76343Update Go version from 1.25 to 1.26 (#913)9feb67cbuild(deps): bump step-security/harden-runner from 2.19.3 to 2.19.4 (#912)Updates
docker/setup-qemu-actionfrom 4.0.0 to 4.1.0Release notes
Sourced from docker/setup-qemu-action's releases.
Commits
0611638Merge pull request #21 from crazy-max/uninstce59c81chore: update generated content2ddad44uninstall current emulators8c37cd6Merge pull request #250 from docker/dependabot/npm_and_yarn/docker/actions-to...d1a0ff3chore: update generated content0a8f3dcbuild(deps): bump@docker/actions-toolkitfrom 0.79.0 to 0.91.09430f61Merge pull request #291 from docker/dependabot/npm_and_yarn/tmp-0.2.6978bd77chore: update generated content3479febbuild(deps): bump tmp from 0.2.5 to 0.2.6b113c26Merge pull request #255 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...Updates
docker/setup-buildx-actionfrom 4.0.0 to 4.1.0Release notes
Sourced from docker/setup-buildx-action's releases.
Commits
d7f5e7fMerge pull request #489 from docker/dependabot/npm_and_yarn/docker/actions-to...92bc5c9chore: update generated contentda11e35build(deps): bump@docker/actions-toolkitfrom 0.79.0 to 0.90.0f021e16Merge pull request #492 from docker/dependabot/npm_and_yarn/undici-6.24.1b5af94fchore: update generated content16ad977build(deps): bump undici from 6.23.0 to 6.25.0d7a12d7Merge pull request #495 from docker/dependabot/npm_and_yarn/glob-10.5.028ff27dbuild(deps): bump glob from 10.3.12 to 13.0.6daf436bMerge pull request #496 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...9725348chore: update generated contentUpdates
goreleaser/goreleaser-actionfrom 7.2.1 to 7.2.2Release notes
Sourced from goreleaser/goreleaser-action's releases.
Commits
5daf1e9fix: nightly resolution to select newest published release (#562)5cc7ebbci: update actions702f5f9ci(deps): bump the actions group with 3 updates (#560)Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions