Skip to content

Bump actions/cache from 5.0.5 to 6.1.0#4130

Merged
llastflowers merged 1 commit into
mainfrom
dependabot/github_actions/actions/cache-6.1.0
Jul 6, 2026
Merged

Bump actions/cache from 5.0.5 to 6.1.0#4130
llastflowers merged 1 commit into
mainfrom
dependabot/github_actions/actions/cache-6.1.0

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps actions/cache from 5.0.5 to 6.1.0.

Release notes

Sourced from actions/cache's releases.

v6.1.0

What's Changed

Full Changelog: actions/cache@v6...v6.1.0

v6.0.0

What's Changed

Full Changelog: actions/cache@v5...v6.0.0

v5.1.0

What's Changed

Full Changelog: actions/cache@v5...v5.1.0

Changelog

Sourced from actions/cache's changelog.

6.1.0

6.0.0

  • Updated @actions/cache to ^6.0.1, @actions/core to ^3.0.1, @actions/exec to ^3.0.0, @actions/io to ^3.0.2
  • Migrated to ESM module system
  • Upgraded Jest to v30 and test infrastructure to be ESM compatible

5.0.4

  • Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)
  • Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)
  • Bump fast-xml-parser to v5.5.6

5.0.3

5.0.2

  • Bump @actions/cache to v5.0.3 #1692

5.0.1

  • Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

  • Bump @actions/cache to v4.1.0

4.2.4

  • Bump @actions/cache to v4.0.5

4.2.3

  • Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

... (truncated)

Commits
  • 55cc834 Merge pull request #1768 from jasongin/readonly-cache
  • d8cd72f Bump @​actions/cache to v6.1.0 - handle cache write error due to RO token
  • 2c8a9bd Merge pull request #1760 from actions/samirat/esm_migration_and_package_update
  • e9b91fd Prettier fixes
  • e4884b8 Rebuild dist
  • 10baf01 Fixed licenses
  • e39b386 Fix test mock return order
  • b692820 PR feedback
  • 6074912 Rebuild dist bundles as ESM to match type:module
  • 5a912e8 Fix lint and jest issues
  • Additional commits viewable in compare view

@dependabot dependabot Bot added actions GitHub actions dependencies dependencies Pull requests that update a dependency file skip changeset Pull requests that don't change the library output labels Jul 1, 2026
@dependabot
dependabot Bot requested a review from a team as a code owner July 1, 2026 10:06
@dependabot
dependabot Bot requested a review from llastflowers July 1, 2026 10:06
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file skip changeset Pull requests that don't change the library output actions GitHub actions dependencies labels Jul 1, 2026
@changeset-bot

changeset-bot Bot commented Jul 1, 2026

Copy link
Copy Markdown

⚠️ No Changeset found

Latest commit: 3e473d2

Merging this PR will not cause a version bump for any packages. If these changes should not result in a new version, you're good to go. If these changes should result in a version bump, you need to add a changeset.

This PR includes no changesets

When changesets are added to this PR, you'll see the packages that this PR includes changesets for and the associated semver types

Click here to learn what changesets are, and how to add one.

Click here if you're a maintainer who wants to add a changeset to this PR

@llastflowers

Copy link
Copy Markdown
Contributor

@dependabot recreate

Bumps [actions/cache](https://github.com/actions/cache) from 5.0.5 to 6.1.0.
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v5.0.5...v6.1.0)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot
dependabot Bot force-pushed the dependabot/github_actions/actions/cache-6.1.0 branch from 4cf13a3 to 3e473d2 Compare July 6, 2026 17:26
@llastflowers

Copy link
Copy Markdown
Contributor

@copilot Do the breaking changes in this PR appear safe to merge?

Copilot AI commented Jul 6, 2026

Copy link
Copy Markdown
Contributor

@copilot Do the breaking changes in this PR appear safe to merge?

Yes — this appears safe to merge for this repo.

I checked our usage in .github/workflows/demo-production-deploy.yml and we only use standard path/key inputs, which are unchanged. The action metadata is the same between v5.0.5 and v6.1.0 (including runs.using: node24), and the v6.x release notes are internal/runtime dependency updates plus a cache-save logging tweak. Since this workflow runs on ubuntu-latest (GitHub-hosted), I don’t see a runner-compatibility risk from this bump.

Copilot AI requested a review from llastflowers July 6, 2026 17:46
@llastflowers
llastflowers merged commit 71b4aef into main Jul 6, 2026
36 of 37 checks passed
@llastflowers
llastflowers deleted the dependabot/github_actions/actions/cache-6.1.0 branch July 6, 2026 17:47
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

actions GitHub actions dependencies dependencies Pull requests that update a dependency file skip changeset Pull requests that don't change the library output

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants