Skip to content

build(deps): Bump pnpm/action-setup from 5.0.0 to 6.0.8#71

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/pnpm/action-setup-6.0.8
Open

build(deps): Bump pnpm/action-setup from 5.0.0 to 6.0.8#71
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/pnpm/action-setup-6.0.8

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 19, 2026

Bumps pnpm/action-setup from 5.0.0 to 6.0.8.

Release notes

Sourced from pnpm/action-setup's releases.

v6.0.8

What's Changed

New Contributors

Full Changelog: pnpm/action-setup@v6.0.7...v6.0.8

v6.0.7

What's Changed

New Contributors

Full Changelog: pnpm/action-setup@v6.0.6...v6.0.7

v6.0.6

What's Changed

Full Changelog: pnpm/action-setup@v6.0.5...v6.0.6

v6.0.5

What's Changed

Full Changelog: pnpm/action-setup@v6.0.4...v6.0.5

v6.0.4

What's Changed

New Contributors

Full Changelog: pnpm/action-setup@v6.0.3...v6.0.4

v6.0.3

Updated pnpm to v11.0.0-rc.5

Full Changelog: pnpm/action-setup@v6.0.2...v6.0.3

... (truncated)

Commits
  • 0e279bb fix: update pnpm to 11.1.1 (#248)
  • 3e83581 fix: drop patchPnpmEnv so standalone+self-update works on Windows (#258)
  • 551b42e docs(README): fix cache_dependency_path type (#257)
  • 739bfe4 fix: self-update bootstrap to packageManager-pinned version (#233) (#256)
  • f61705d chore: add CODEOWNERS
  • 7a5507b fix: restore inputs from state in post (#255)
  • 1155470 fix: honor devEngines.packageManager.onFail=error (#252) (#254)
  • 91ab88e fix: bin_dest output points to self-updated pnpm, not bootstrap (#249)
  • e578e19 fix: update pnpm to 11.0.4
  • 8912a91 fix: append (not prepend) action node dir to PATH for npm bootstrap (#241)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): Bump pnpm/action-setup from 5.0.0 to 6.0.8
c8a9dc7 
Bumps [pnpm/action-setup](https://github.com/pnpm/action-setup) from 5.0.0 to 6.0.8.
- [Release notes](https://github.com/pnpm/action-setup/releases)
- [Commits](pnpm/action-setup@fc06bc1...0e279bb)

---
updated-dependencies:
- dependency-name: pnpm/action-setup
  dependency-version: 6.0.8
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies github_actions Pull requests that update GitHub Actions code major Breaking changes labels May 19, 2026
@dependabot dependabot Bot mentioned this pull request May 19, 2026
Closed
@github-actions github-actions Bot added the ci label May 19, 2026
kilo-code-bot[bot]
kilo-code-bot Bot reviewed May 19, 2026
View reviewed changes
Comment thread .github/workflows/ci.yml

- name: Setup pnpm
uses: pnpm/action-setup@fc06bc1257f339d1d5d8b3a19a8cae5388b55320
uses: pnpm/action-setup@0e279bb959325dab635dd2c09392533439d90093
Copy link
Copy Markdown

@kilo-code-bot kilo-code-bot Bot May 19, 2026

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

WARNING: Major version bump (v5 -> v6.0.8) with several behavioral changes:

  • v6.0.7 honors devEngines.packageManager.onFail=error, so pnpm may now error where it silently succeeded before.
  • v6.0.8 drops patchPnpmEnv, fixing standalone+self-update on Windows — confirm no custom logic relied on the old patch behavior.
  • v6.0.6 changed bin_dest output behavior, which may affect any scripts inspecting action outputs.

Recommend verifying CI passes cleanly before merging.

@kilo-code-bot
Copy link
Copy Markdown

kilo-code-bot Bot commented May 19, 2026
edited
Loading

Code Review Summary

Status: 1 Issue Found | Recommendation: Address before merge

Overview

Severity Count
WARNING 1
Issue Details (click to expand)

WARNING

File Line Issue
.github/workflows/ci.yml 24 Major version bump v5 -> v6.0.8 carries behavioral changes: devEngines.packageManager.onFail=error now honored, patchPnpmEnv dropped, bin_dest output changed. CI should be verified before merging.
Files Reviewed (1 file)
  • .github/workflows/ci.yml — 1 issue

Reviewed by step-3.5-flash · 134,957 tokens

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kilo-code-bot kilo-code-bot[bot] kilo-code-bot[bot] left review comments

Assignees

No one assigned

Labels

ci dependencies github_actions Pull requests that update GitHub Actions code major Breaking changes

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants