Skip to content

chore(deps): Bump the github-actions group with 6 updates#92

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-68e9cdb5d2
Closed

chore(deps): Bump the github-actions group with 6 updates#92
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-68e9cdb5d2

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Apr 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 6 updates:

Package From To
actions/checkout 4 6
pnpm/action-setup 4 5
actions/setup-node 4 6
actions/setup-dotnet 4 5
marocchino/sticky-pull-request-comment 2 3
azure/login 2 3

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits

Updates pnpm/action-setup from 4 to 5

Release notes

Sourced from pnpm/action-setup's releases.

v5.0.0

Updated the action to use Node.js 24.

v4.4.0

Updated the action to use Node.js 24.

v4.3.0

What's Changed

New Contributors

Full Changelog: pnpm/action-setup@v4.2.0...v4.3.0

v4.2.0

When there's a .npmrc file at the root of the repository, pnpm will be fetched from the registry that is specified in that .npmrc file #179

v4.1.0

Add support for package.yaml #156.

Commits

Updates actions/setup-node from 4 to 6

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

New Contributors

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

Updates actions/setup-dotnet from 4 to 5

Release notes

Sourced from actions/setup-dotnet's releases.

v5.0.0

What's Changed

Breaking Changes

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Updates

Bug Fixes

New Contributors

Full Changelog: actions/setup-dotnet@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/setup-dotnet@v4...v4.3.1

v4.3.0

What's Changed

New Contributors

... (truncated)

Commits
  • c2fa09f Bump minimatch from 3.1.2 to 3.1.5 (#705)
  • 02574b1 Add support for optional architecture input for cross-architecture .NET insta...
  • 16c7b3c Bump fast-xml-parser from 4.4.1 to 5.3.6 (#671)
  • 131b410 Add support for workloads input (#693)
  • baa11fb Bump test dependencies to resolve System.Net.Http vulnerability, update workf...
  • 24ec4f2 Upgrade to latest actions packages (#687)
  • 4c100cb Fix icons (#604)
  • 25328d8 Bump actions/checkout from 5 to 6 (#684)
  • 937b8dd Update README with note on setting DOTNET_INSTALL_DIR for Linux permission is...
  • 2016bd2 Bump actions/publish-action from 0.3.0 to 0.4.0 and update macos-13 to macos-...
  • Additional commits viewable in compare view

Updates marocchino/sticky-pull-request-comment from 2 to 3

Release notes

Sourced from marocchino/sticky-pull-request-comment's releases.

v3.0.0

What's Changed

  • Update node to 24
  • Update deps

New Contributors

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.4...v3.0.0

v2.9.4

What's Changed

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.3...v2.9.4

v2.9.3

What's Changed

  • Update deps (including security issues)
  • Test with vitest instead of jest
  • Use biome

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.2...v2.9.3

v2.9.2

What's Changed

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.1...v2.9.2

v2.9.1

What's Changed

... (truncated)

Commits

Updates azure/login from 2 to 3

Release notes

Sourced from azure/login's releases.

Azure Login Action v3

What's Changed

Full Changelog: Azure/login@v2.3.0...v3

Azure Login Action v3.0.0

What's Changed

Full Changelog: Azure/login@v2.3.0...v3.0.0

Azure Login Action v2.3.0

What's Changed

Full Changelog: Azure/login@v2.2.0...v2.3.0

Azure Login Action v2.2.0

What's Changed

New Contributors

Full Changelog: Azure/login@v2.1.1...v2.2.0

v2.1.1

What's Changed

New Contributors

Full Changelog: Azure/login@v2.1.0...v2.1.1

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): Bump the github-actions group with 6 updates
e779632 
Bumps the github-actions group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |
| [pnpm/action-setup](https://github.com/pnpm/action-setup) | `4` | `5` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` |
| [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `4` | `5` |
| [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment) | `2` | `3` |
| [azure/login](https://github.com/azure/login) | `2` | `3` |


Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

Updates `pnpm/action-setup` from 4 to 5
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](pnpm/action-setup@v4...v5)

Updates `actions/setup-node` from 4 to 6
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@v4...v6)

Updates `actions/setup-dotnet` from 4 to 5
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v4...v5)

Updates `marocchino/sticky-pull-request-comment` from 2 to 3
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases)
- [Commits](marocchino/sticky-pull-request-comment@v2...v3)

Updates `azure/login` from 2 to 3
- [Release notes](https://github.com/azure/login/releases)
- [Commits](Azure/login@v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: pnpm/action-setup
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-dotnet
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: marocchino/sticky-pull-request-comment
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: azure/login
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026
@chrisjwalk

chrisjwalk commented Apr 4, 2026

Copy link
Copy Markdown
Owner

Closing in favour of consolidated update PR on feat/consolidate-deps-94

@chrisjwalk chrisjwalk closed this Apr 4, 2026
@dependabot @github

dependabot Bot commented on behalf of github Apr 4, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@chrisjwalk chrisjwalk deleted the dependabot/github_actions/github-actions-68e9cdb5d2 branch April 4, 2026 16:25
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@chrisjwalk