Skip to content

Bump the github-actions group across 1 directory with 2 updates#122

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/github-actions-2e8e3f300d
Closed

Bump the github-actions group across 1 directory with 2 updates#122
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/github-actions-2e8e3f300d

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github May 20, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 2 updates in the / directory: ruby/setup-ruby and shivammathur/setup-php.

Updates ruby/setup-ruby from 1.307.0 to 1.310.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.310.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.309.0...v1.310.0

v1.309.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.308.0...v1.309.0

v1.308.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.307.0...v1.308.0

Commits

Updates shivammathur/setup-php from 2.37.0 to 2.37.1

Release notes

Sourced from shivammathur/setup-php's releases.

2.37.1

Changelog

Security Updates

[!NOTE] This can affect workflows that pass values from users or pull requests to setup-php, for example from comments, dispatch inputs, PR titles/branches, generated matrices, or files such as .php-version and composer.json. Be especially careful with pull_request_target workflows that use any value from the pull request. Workflows that only use fixed trusted values are not expected to be affected, but updating to 2.37.1 is recommended.

[!NOTE]
This only affects workflows where the composer version is pinned like composer:2.9.7, workflows that do not pin the version or use composer:v2 are not affected as those get automatic updates. In case you pin the version, it is highly recommended to upgrade and have automation to do such timely upgrades in your workflows.

Fixes and Improvements

  • Fixed support for phalcon on Windows.

  • Fixed restoring tools when using cached using previous runs.

  • Improved enabling gearman extension on Linux.

  • Fixed fallback when installing PhpManager and VcRedist modules on Windows.

  • Fixed parsing extension inputs with backslash line continuation.

  • Improved workflow examples

    • Added workflow examples for Drupal 11 composer-managed projects and WordPress plugins.
    • Added workflow examples for Yii3 web applications and replaced Yii2 Starter Kit examples.
    • Updated workflow examples to use currently supported PHP versions.
  • Updated OS release mappings for newer Ubuntu releases.

  • Updated internal workflows for Codecov v6 and NPM trusted publishing.

  • Updated Node.js dependencies.

  • Fixed composer version in README. (#1081)

Thanks @​Pyker for the contribution

For the complete list of changes, please refer to the Full Changelog

Commits

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 20, 2026
@dependabot @github

dependabot Bot commented on behalf of github May 20, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot requested a review from eviltester as a code owner May 20, 2026 08:09
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label May 20, 2026
Bumps the github-actions group with 2 updates in the / directory: [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [shivammathur/setup-php](https://github.com/shivammathur/setup-php).


Updates `ruby/setup-ruby` from 1.307.0 to 1.310.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@6aaa311...afeafc3)

Updates `shivammathur/setup-php` from 2.37.0 to 2.37.1
- [Release notes](https://github.com/shivammathur/setup-php/releases)
- [Commits](shivammathur/setup-php@accd612...7c071df)

---
updated-dependencies:
- dependency-name: ruby/setup-ruby
  dependency-version: 1.308.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: shivammathur/setup-php
  dependency-version: 2.37.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot changed the title Bump the github-actions group with 2 updates Bump the github-actions group across 1 directory with 2 updates May 27, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-2e8e3f300d branch from 7146c1d to e76ea18 Compare May 27, 2026 05:31
@dependabot @github

dependabot Bot commented on behalf of github Jun 4, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 4, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/github-actions-2e8e3f300d branch June 4, 2026 01:17
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants