Skip to content

chore(deps): update github actions#497

Merged
AlexanderBarabanov merged 1 commit into
masterfrom
renovate/github-actions
Mar 6, 2026
Merged

chore(deps): update github actions#497
AlexanderBarabanov merged 1 commit into
masterfrom
renovate/github-actions

Conversation

@oep-renovate

@oep-renovate oep-renovate Bot commented Mar 1, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

This PR contains the following updates:

Package Type Update Change
actions/download-artifact action major v7v8
actions/upload-artifact action major v6.0.0v7.0.0
astral-sh/setup-uv action patch v7.3.0v7.3.1
astral-sh/uv uses-with patch 0.10.00.10.8
github/codeql-action action patch v4.32.2v4.32.6
open-edge-platform/geti-ci action digest 3a4b81ecc6fbe8
renovatebot/github-action action minor v46.0.2v46.1.3
svenstaro/upload-release-action action patch 2.11.32.11.4

Release Notes

actions/download-artifact (actions/download-artifact)

v8

Compare Source

actions/upload-artifact (actions/upload-artifact)

v7.0.0

Compare Source

v7 What's new
Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed
New Contributors

Full Changelog: actions/upload-artifact@v6...v7.0.0

astral-sh/setup-uv (astral-sh/setup-uv)

v7.3.1: 🌈 fall back to VERSION_CODENAME when VERSION_ID is not available

Compare Source

Changes

This release adds support for running in containers like debian:testing or debian:unstable

🐛 Bug fixes
🧰 Maintenance
⬆️ Dependency updates
astral-sh/uv (astral-sh/uv)

v0.10.8

Compare Source

Released on 2026-03-03.

Python
  • Add CPython 3.10.20
  • Add CPython 3.11.15
  • Add CPython 3.12.13
Enhancements
  • Add Docker images based on Docker Hardened Images (#​18247)
  • Add resolver hint when --exclude-newer filters out all versions of a package (#​18217)
  • Configure a real retry minimum delay of 1s (#​18201)
  • Expand uv_build direct build compatibility (#​17902)
  • Fetch CPython from an Astral mirror by default (#​18207)
  • Download uv releases from an Astral mirror in installers by default (#​18191)
  • Add SBOM attestations to Docker images (#​18252)
  • Improve hint for installing meson-python when missing as build backend (#​15826)
Configuration
  • Add UV_INIT_BARE environment variable for uv init (#​18210)
Bug fixes
  • Prevent uv tool upgrade from installing excluded dependencies (#​18022)
  • Promote authentication policy when saving tool receipts (#​18246)
  • Respect exclusions in scripts (#​18269)
  • Retain default-branch Git SHAs in pylock.toml files (#​18227)
  • Skip installed Python check for URL dependencies (#​18211)
  • Respect constraints during --upgrade (#​18226)
  • Fix uv tree orphaned roots and premature deduplication (#​17212)
Documentation
  • Mention cooldown and tweak inline script metadata in dependency bots documentation (#​18230)
  • Move cache prune in GitLab to after_script (#​18206)

v0.10.7

Compare Source

Released on 2026-02-27.

Bug fixes
  • Fix handling of junctions in Windows Containers on Windows (#​18192)
Enhancements
  • Activate logging for middleware retries (#​18200)
  • Upload uv releases to a mirror (#​18159)

v0.10.6

Compare Source

Released on 2026-02-24.

Bug fixes
  • Apply lockfile marker normalization for fork markers (#​18116)
  • Fix Python version selection for scripts with a requires-python conflicting with .python-version (#​18097)
  • Preserve file permissions when using reflinks on Linux (#​18187)
Documentation
  • Remove verbose documentation from optional dependencies help text (#​18180)

v0.10.5

Compare Source

Released on 2026-02-23.

Enhancements
  • Add hint when named index is found in a parent config file (#​18087)
  • Add warning for uv lock --frozen (#​17859)
  • Attempt to use reflinks by default on Linux (#​18117)
  • Fallback to hardlinks after reflink failure before copying (#​18104)
  • Filter pylock.toml wheels by tags and requires-python (#​18081)
  • Validate wheel filenames are normalized during uv publish (#​17783)
  • Fix message when exclude-newer invalidates the lock file (#​18100)
  • Change the missing files log level to debug (#​18075)
Performance
  • Improve performance of repeated conflicts with an extra (#​18094)
Bug fixes
  • Fix --no-emit-workspace with --all-packages on single-member workspaces (#​18098)
  • Fix UV_NO_DEFAULT_GROUPS rejecting truthy values like 1 (#​18057)
  • Fix iOS detection (#​17973)
  • Propagate project-level conflicts to package extras (#​18096)
  • Use a global build concurrency semaphore (#​18054)
Documentation
  • Update documentation heading for environment variable files (#​18122)
  • Fix comment about uv export formats (#​17900)
  • Make it clear that Windows is supported in user- and system- level configuration docs (#​18106)

v0.10.4

Compare Source

Released on 2026-02-17.

Enhancements
  • Remove duplicate references to the affected paths when showing uv python errors (#​18008)
  • Skip discovery of workspace members that contain only git-ignored files, including in sub-directories (#​18051)
Bug fixes
  • Don't panic when initialising a package at the filesystem root (e.g. uv init / --name foo) (#​17983)
  • Fix permissions on wheel and sdist files produced by the uv_build build backend (#​18020)
  • Revert locked file change to fix locked files on NFS mounts (#​18071)

v0.10.3

Compare Source

Released on 2026-02-16.

Python
  • Add CPython 3.15.0a6
Enhancements
  • Don't open file locks for writing (#​17956)
  • Make Windows trampoline error messages consistent with uv proper (#​17969)
  • Log which preview features are enabled (#​17968)
Preview features
  • Add support for ruff version constraints and exclude-newer in uv format (#​17651)
  • Fix script path handling when target-workspace-discovery is enabled (#​17965)
  • Use version constraints to select the default ruff version used by uv format (#​17977)
Bug fixes
  • Avoid matching managed Python versions by prefixes, e.g. don't match CPython 3.10 when cpython-3.1 is specified (#​17972)
  • Fix handling of --allow-existing with minor version links on Windows (#​17978)
  • Fix panic when encountering unmanaged workspace members (#​17974)
  • Improve accuracy of request timing (#​18007)
  • Reject u64::MAX in version segments to prevent overflow (#​17985)
Documentation
  • Reference Debian Trixie instead of Bookworm (#​17991)

v0.10.2

Compare Source

Released on 2026-02-10.

Enhancements
  • Deprecate unexpected ZIP compression methods (#​17946)
Bug fixes
  • Fix cargo-install failing due to missing uv-test dependency (#​17954)

v0.10.1

Compare Source

Released on 2026-02-10.

Enhancements
  • Don't panic on metadata read errors (#​17904)
  • Skip empty workspace members instead of failing (#​17901)
  • Don't fail creating a read-only sdist-vX/.git if it already exists (#​17825)
Documentation
  • Suggest uv python update-shell over uv tool update-shell in Python docs (#​17941)
github/codeql-action (github/codeql-action)

v4.32.6

Compare Source

v4.32.5

Compare Source

  • Repositories owned by an organization can now set up the github-codeql-disable-overlay custom repository property to disable improved incremental analysis for CodeQL. First, create a custom repository property with the name github-codeql-disable-overlay and the type "True/false" in the organization's settings. Then in the repository's settings, set this property to true to disable improved incremental analysis. For more information, see Managing custom properties for repositories in your organization. This feature is not yet available on GitHub Enterprise Server. #​3507
  • Added an experimental change so that when improved incremental analysis fails on a runner — potentially due to insufficient disk space — the failure is recorded in the Actions cache so that subsequent runs will automatically skip improved incremental analysis until something changes (e.g. a larger runner is provisioned or a new CodeQL version is released). We expect to roll this change out to everyone in March. #​3487
  • The minimum memory check for improved incremental analysis is now skipped for CodeQL 2.24.3 and later, which has reduced peak RAM usage. #​3515
  • Reduced log levels for best-effort private package registry connection check failures to reduce noise from workflow annotations. #​3516
  • Added an experimental change which lowers the minimum disk space requirement for improved incremental analysis, enabling it to run on standard GitHub Actions runners. We expect to roll this change out to everyone in March. #​3498
  • Added an experimental change which allows the start-proxy action to resolve the CodeQL CLI version from feature flags instead of using the linked CLI bundle version. We expect to roll this change out to everyone in March. #​3512
  • The previously experimental changes from versions 4.32.3, 4.32.4, 3.32.3 and 3.32.4 are now enabled by default. #​3503, #​3504

v4.32.4

Compare Source

  • Update default CodeQL bundle version to 2.24.2. #​3493
  • Added an experimental change which improves how certificates are generated for the authentication proxy that is used by the CodeQL Action in Default Setup when private package registries are configured. This is expected to generate more widely compatible certificates and should have no impact on analyses which are working correctly already. We expect to roll this change out to everyone in February. #​3473
  • When the CodeQL Action is run with debugging enabled in Default Setup and private package registries are configured, the "Setup proxy for registries" step will output additional diagnostic information that can be used for troubleshooting. #​3486
  • Added a setting which allows the CodeQL Action to enable network debugging for Java programs. This will help GitHub staff support customers with troubleshooting issues in GitHub-managed CodeQL workflows, such as Default Setup. This setting can only be enabled by GitHub staff. #​3485
  • Added a setting which enables GitHub-managed workflows, such as Default Setup, to use a nightly CodeQL CLI release instead of the latest, stable release that is used by default. This will help GitHub staff support customers whose analyses for a given repository or organization require early access to a change in an upcoming CodeQL CLI release. This setting can only be enabled by GitHub staff. #​3484

v4.32.3

Compare Source

  • Added experimental support for testing connections to private package registries. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. #​3466
renovatebot/github-action (renovatebot/github-action)

v46.1.3

Compare Source

Documentation
  • update references to renovatebot/github-action to v46.1.2 (c1919e8)
Miscellaneous Chores
  • deps: update commitlint monorepo to v20.4.2 (33d9930)
  • deps: update dependency rimraf to v6.1.3 (e766d22)
  • deps: update dependency typescript-eslint to v8.56.0 (f9dcda0)
  • deps: update linters to v9.39.3 (ef9b9ba)
  • deps: update node.js to v24.14.0 (b3a0880)
  • deps: update pnpm to v10.30.0 (59ce301)
  • deps: update pnpm to v10.30.1 (e845459)
Build System
  • deps: lock file maintenance (dd48f24)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.31.3 (9491cf2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.31.6 (3922baa)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.31.7 (c0d62e6)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.31.9 (4e978b3)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.32.1 (6114872)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.33.1 (86fceaf)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.35.0 (d3a54e6)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.35.1 (cda9844)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.36.2 (4c8e2c8)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.38.0 (872efd3)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.38.1 (#​1019) (900671c)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.39.2 (817380b)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.40.0 (f2dac01)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.40.2 (bce9221)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.43.0 (f958e7f)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.43.2 (93ae713)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.43.3 (425dcb0)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.46.0 (ab1321e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.46.1 (d980a96)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.46.2 (79b889c)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.46.3 (98559e2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.46.5 (05b9a1e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.46.6 (e2f421a)

v46.1.2

Compare Source

Documentation
  • update references to renovatebot/github-action to v46.1.1 (bf2591a)
Miscellaneous Chores
Build System
  • deps: lock file maintenance (6197b28)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.15.2 (6c531ac)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.15.3 (e4db07f)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.16.0 (dae8968)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.17.1 (01bec16)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.18.0 (30300b2)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.19.0 (9fad834)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.19.2 (a57ccc4)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.23.0 (1dc2f66)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.24.0 (9b2fdf5)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.24.1 (c8ef6d8)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.24.2 (adb1170)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.25.10 (fd47a40)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.25.11 (c9fc4f3)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.25.2 (ea9ae42)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.25.6 (e00d40c)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.25.7 (f547592)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.25.8 (54bb8d4)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.26.0 (577731a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.26.1 (8b1d0d4)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.26.2 (2b3fcc8)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.26.4 (9fcdb6d)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.27.0 (3e7006a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.29.0 (acd7cdb)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.29.2 (b2bea5d)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.30.0 (57724db)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.30.1 (80729bd)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.31.0 (53a62bb)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.31.1 (087d576)

v46.1.1

Compare Source

Documentation
  • update references to renovatebot/github-action to v46.1.0 (3e59b30)
Miscellaneous Chores
Build System
  • deps: lock file maintenance (6d4f8ba)
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.10.1 (aafa9c6)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.10.2 (8905d37)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.10.3 (5583fa9)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.11.0 (acd6b7a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.11.1 (13d385d)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.12.1 (de54e2e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.14.0 (9f6ab2c)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.14.1 (1891356)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.15.0 (f9a9a11)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.15.1 (1b92a45)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.9.0 (e8637fa)

v46.1.0

Compare Source

Features
Documentation
  • update references to renovatebot/github-action to v46.0.2 (b305ad3)
Miscellaneous Chores
Continuous Integration
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.5.1 (1a6a41a)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.5.2 (57787cb)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.5.3 (8d7d410)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.5.4 (bfef2fb)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.5.5 (20ee987)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.6.0 (7e341be)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.6.2 (931fd8e)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.6.3 (5f27c88)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.8.0 (cdaa9e6)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.8.1 (28b06b1)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.8.2 (4d22b44)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.8.3 (81ff6bf)
  • deps: update ghcr.io/renovatebot/renovate docker tag to v43.8.5 (f8022fe)
svenstaro/upload-release-action (svenstaro/upload-release-action)

v2.11.4

Compare Source

  • Bump npm versions

Configuration

📅 Schedule: Branch creation - On day 1 of the month ( * * 1 * * ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR has been generated by Renovate Bot.

@oep-renovate oep-renovate Bot requested a review from a team as a code owner March 1, 2026 03:04
@github-actions github-actions Bot added the build Related to build scripts label Mar 1, 2026
@oep-renovate oep-renovate Bot force-pushed the renovate/github-actions branch 4 times, most recently from 34f6474 to 2f7e0a4 Compare March 5, 2026 02:59
@oep-renovate
chore(deps): update github actions
80a49ef 
Signed-off-by: oep-renovate[bot] <212772560+oep-renovate[bot]@users.noreply.github.com>
@oep-renovate oep-renovate Bot force-pushed the renovate/github-actions branch from 2f7e0a4 to 80a49ef Compare March 6, 2026 02:59
@AlexanderBarabanov AlexanderBarabanov added this pull request to the merge queue Mar 6, 2026
Merged via the queue into master with commit d7f8278 Mar 6, 2026
52 of 54 checks passed
@AlexanderBarabanov AlexanderBarabanov deleted the renovate/github-actions branch March 6, 2026 15:16
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@AlexanderBarabanov AlexanderBarabanov AlexanderBarabanov approved these changes

Assignees

No one assigned

Labels

build Related to build scripts

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@AlexanderBarabanov