Skip to content

ci(deps): bump the github-actions group with 3 updates#99

Closed
dependabot[bot] wants to merge 1 commit into
developmentfrom
dependabot/github_actions/github-actions-11cc96f33d
Closed

ci(deps): bump the github-actions group with 3 updates#99
dependabot[bot] wants to merge 1 commit into
developmentfrom
dependabot/github_actions/github-actions-11cc96f33d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 10, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 3 updates: dataaxiom/ghcr-cleanup-action, gradle/actions and epam/ai-dial-ci.

Updates dataaxiom/ghcr-cleanup-action from 1.2.1 to 1.2.2

Release notes

Sourced from dataaxiom/ghcr-cleanup-action's releases.

v1.2.2

  • feature: skip-regex-checks input bypasses regex length/ReDoS guards for intentionally large patterns (fix #128)
Commits
  • d52806a Merge pull request #129 from rohanmars/main
  • 7f28f9d feat: add skip-regex-checks input to opt out of regex safety guards
  • See full diff in compare view

Updates gradle/actions from 6.1.0 to 6.1.1

Release notes

Sourced from gradle/actions's releases.

v6.1.1

This release updates various dependency versions, resolving several reported security vulnerabilities. No functional changes are included

What's Changed

Full Changelog: gradle/actions@v6.1.0...v6.1.1

Commits
  • 5e2ebd0 [bot] Update dist directory
  • 9e2c1cc Resolve npm security vulnerabilities via dependency overrides (#980)
  • 657f690 [bot] Update dist directory
  • 9d6bacd Update @​actions/cache and @​actions/artifact, stop ignoring them in Dependabot...
  • 79f6b19 [bot] Update dist directory
  • 6781648 Bump the npm-dependencies group in /sources with 5 updates (#977)
  • a3b40d2 [bot] Update dist directory
  • f37016f Bump references to Develocity Gradle plugin from 4.4.0 to 4.4.2 (#973)
  • 2afdab2 [bot] Update dist directory
  • 1046ffa Bump the npm-dependencies group across 1 directory with 14 updates (#970)
  • Additional commits viewable in compare view

Updates epam/ai-dial-ci from 4.4.0 to 4.4.1

Release notes

Sourced from epam/ai-dial-ci's releases.

4.4.1

What's Changed

Full Changelog: epam/ai-dial-ci@4.4.0...4.4.1

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 3 updates: [dataaxiom/ghcr-cleanup-action](https://github.com/dataaxiom/ghcr-cleanup-action), [gradle/actions](https://github.com/gradle/actions) and [epam/ai-dial-ci](https://github.com/epam/ai-dial-ci).


Updates `dataaxiom/ghcr-cleanup-action` from 1.2.1 to 1.2.2
- [Release notes](https://github.com/dataaxiom/ghcr-cleanup-action/releases)
- [Commits](dataaxiom/ghcr-cleanup-action@f092b48...d52806a)

Updates `gradle/actions` from 6.1.0 to 6.1.1
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](gradle/actions@50e97c2...5e2ebd0)

Updates `epam/ai-dial-ci` from 4.4.0 to 4.4.1
- [Release notes](https://github.com/epam/ai-dial-ci/releases)
- [Commits](epam/ai-dial-ci@4.4.0...4.4.1)

---
updated-dependencies:
- dependency-name: dataaxiom/ghcr-cleanup-action
  dependency-version: 1.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: gradle/actions
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: epam/ai-dial-ci
  dependency-version: 4.4.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Dependencies update github_actions Pull requests that update GitHub Actions code labels Jun 10, 2026
@dependabot dependabot Bot requested a review from MykhailoRyzhman as a code owner June 10, 2026 09:23
@dependabot dependabot Bot added dependencies Dependencies update github_actions Pull requests that update GitHub Actions code labels Jun 10, 2026
@statgpt-actions

Copy link
Copy Markdown
Collaborator

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 1 package(s) with unknown licenses.
See the Details below.

License Issues

.github/workflows/test.yml

PackageVersionLicenseIssue Type
epam/ai-dial-ci/actions/java_prepare4.4.1NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/epam/ai-dial-ci/actions/java_prepare 4.4.1 UnknownUnknown

Scanned Files

  • .github/workflows/test.yml

@dependabot @github

dependabot Bot commented on behalf of github Jun 15, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are no longer updatable, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 15, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/github-actions-11cc96f33d branch June 15, 2026 20:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependencies update github_actions Pull requests that update GitHub Actions code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant