Skip to content

Bump the github-actions group across 1 directory with 4 updates#239

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/github-actions-f6db357207
Closed

Bump the github-actions group across 1 directory with 4 updates#239
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/github-actions-f6db357207

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 4 updates in the / directory: actions/checkout, pnpm/action-setup, ruby/setup-ruby and actions/setup-java.

Updates actions/checkout from 6.0.3 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates pnpm/action-setup from 5.0.0 to 6.0.9

Release notes

Sourced from pnpm/action-setup's releases.

v6.0.9

What's Changed

Full Changelog: pnpm/action-setup@v6...v6.0.9

v6.0.8

What's Changed

New Contributors

Full Changelog: pnpm/action-setup@v6.0.7...v6.0.8

v6.0.7

What's Changed

New Contributors

Full Changelog: pnpm/action-setup@v6.0.6...v6.0.7

v6.0.6

What's Changed

Full Changelog: pnpm/action-setup@v6.0.5...v6.0.6

v6.0.5

What's Changed

Full Changelog: pnpm/action-setup@v6.0.4...v6.0.5

v6.0.4

What's Changed

New Contributors

... (truncated)

Commits
  • 0ebf471 fix: update pnpm to v11.7.0 (#267)
  • 0e279bb fix: update pnpm to 11.1.1 (#248)
  • 3e83581 fix: drop patchPnpmEnv so standalone+self-update works on Windows (#258)
  • 551b42e docs(README): fix cache_dependency_path type (#257)
  • 739bfe4 fix: self-update bootstrap to packageManager-pinned version (#233) (#256)
  • f61705d chore: add CODEOWNERS
  • 7a5507b fix: restore inputs from state in post (#255)
  • 1155470 fix: honor devEngines.packageManager.onFail=error (#252) (#254)
  • 91ab88e fix: bin_dest output points to self-updated pnpm, not bootstrap (#249)
  • e578e19 fix: update pnpm to 11.0.4
  • Additional commits viewable in compare view

Updates ruby/setup-ruby from 1.312.0 to 1.314.0

Release notes

Sourced from ruby/setup-ruby's releases.

v1.314.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.313.0...v1.314.0

v1.313.0

What's Changed

Full Changelog: ruby/setup-ruby@v1.312.0...v1.313.0

Commits
  • 9eb537c Add support for ubuntu-26.04 and ubuntu-26.04-arm
  • e1a3b10 Improve versions-strings-for-builder.rb
  • 0df5288 Remove gem install sassc on Windows JRuby
  • 89f9052 Add jruby-10.0.6.0
  • See full diff in compare view

Updates actions/setup-java from 5.2.0 to 5.3.0

Release notes

Sourced from actions/setup-java's releases.

v5.3.0

What's Changed

New Contributors

Full Changelog: actions/setup-java@v5...v5.3.0

Commits
  • ad2b381 Bump @​vercel/ncc from 0.38.1 to 0.44.0 (#1018)
  • b24df5b Make the Adoptopenjdk package type look at the Temurin repo first for latest ...
  • 43120bc Implement pagination with link headers for Adoptium based apis (#1014)
  • ad9d6a6 Bump @​types/node from 24.1.0 to 25.9.3 (#950)
  • 039af37 Bump picomatch, @​types/jest, jest, jest-circus and ts-jest (#1016)
  • 1756ab6 Bump eslint-config-prettier from 8.10.0 to 10.1.8 (#881)
  • 662bb59 Bump @​typescript-eslint/eslint-plugin from 8.35.1 to 8.46.2 (#952)
  • 1071fc1 fix: resolve npm audit vulnerabilities in fast-xml-builder and fast-xml-parse...
  • 576b821 Merge pull request #674 from gdams/alpine
  • 307d3a2 update readme for ubuntu sudo java_home behavior (#1013)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [pnpm/action-setup](https://github.com/pnpm/action-setup), [ruby/setup-ruby](https://github.com/ruby/setup-ruby) and [actions/setup-java](https://github.com/actions/setup-java).


Updates `actions/checkout` from 6.0.3 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@df4cb1c...9c091bb)

Updates `pnpm/action-setup` from 5.0.0 to 6.0.9
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](pnpm/action-setup@fc06bc1...0ebf471)

Updates `ruby/setup-ruby` from 1.312.0 to 1.314.0
- [Release notes](https://github.com/ruby/setup-ruby/releases)
- [Changelog](https://github.com/ruby/setup-ruby/blob/master/release.rb)
- [Commits](ruby/setup-ruby@12fd324...9eb537c)

Updates `actions/setup-java` from 5.2.0 to 5.3.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@be666c2...ad2b381)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: pnpm/action-setup
  dependency-version: 6.0.9
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: ruby/setup-ruby
  dependency-version: 1.314.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-java
  dependency-version: 5.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 22, 2026
@dependabot dependabot Bot requested a review from eviltester as a code owner June 22, 2026 22:28
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 22, 2026
@greptile-apps

greptile-apps Bot commented Jun 22, 2026

Copy link
Copy Markdown

Greptile Summary

  • Updates GitHub Actions workflow dependencies across .github/workflows.
  • Bumps actions/checkout to v7.0.0 in CI, deploy, and test environment workflows.
  • Bumps pnpm/action-setup to v6.0.9 for Node.js CI jobs.
  • Bumps ruby/setup-ruby to v1.314.0 and actions/setup-java to v5.3.0 in the cross-language toolchain job.

Confidence Score: 5/5

The workflow-only dependency updates are safe to merge with no code issues identified.

The changes are limited to GitHub Actions version bumps and no review comments were produced.

T-Rex T-Rex Logs

What T-Rex did

  • The pre-change workflow files showed old pins for actions/checkout, pnpm/action-setup, ruby/setup-ruby, and actions/setup-java.
  • The workflow pins were updated to new versions as shown after the change.
  • Validation checks for the changed workflows were executed and completed successfully, with exit code 0 and YAML parse: OK for each changed workflow file.

View all artifacts

T-Rex Ran code and verified through T-Rex

Reviews (1): Last reviewed commit: "Bump the github-actions group across 1 d..." | Re-trigger Greptile

@dependabot @github

dependabot Bot commented on behalf of github Jun 24, 2026

Copy link
Copy Markdown
Contributor Author

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this Jun 24, 2026
@dependabot dependabot Bot deleted the dependabot/github_actions/github-actions-f6db357207 branch June 24, 2026 03:54
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants