Skip to content

ci: bump the github-actions group across 1 directory with 7 updates#336

Open
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/github-actions-414c55c95b
Open

ci: bump the github-actions group across 1 directory with 7 updates#336
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/github-actions-414c55c95b

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github Mar 23, 2026
edited
Loading

Bumps the github-actions group with 7 updates in the / directory:

Package From To
actions/checkout 6.0.1 6.0.2
moonrepo/setup-rust 1.2.2 1.3.0
taiki-e/setup-cross-toolchain-action 1.32.1 1.41.0
taiki-e/upload-rust-binary-action 1.27.0 1.30.2
actions/upload-artifact 5 7
actions/create-github-app-token 2.2.1 3.2.0
MarcoIeni/release-plz-action 0.5.120 0.5.129

Updates actions/checkout from 6.0.1 to 6.0.2

Release notes

Sourced from actions/checkout's releases.

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits
  • de0fac2 Fix tag handling: preserve annotations and explicit fetch-tags (#2356)
  • 064fe7f Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...
  • See full diff in compare view

Updates moonrepo/setup-rust from 1.2.2 to 1.3.0

Release notes

Sourced from moonrepo/setup-rust's releases.

v1.3.0

  • Added a cache-extra-identifier input.
  • Updated action to Node.js v24.
  • Updated dependencies.
Changelog

Sourced from moonrepo/setup-rust's changelog.

1.3.0

  • Added a cache-extra-identifier input.
  • Updated action to Node.js v24.
  • Updated dependencies.

1.2.2

  • Updated dependencies.

1.2.1

  • Pinned the cargo-binstall version to v1.8 to work around the 404 errors in CI.
  • Added support for the CARGO_BINSTALL_VERSION environment variable.

1.2.0

  • Added a target-dirs input, allowing the target folders to be specified. Can now cache multiple target folders.
  • Updated to skip caching a directory if it does not exist, instead of failing.
  • Updated dependencies.

1.1.0

  • Added a cache-base input. When provided, will only save cache on this branch/ref, but will restore cache on all branches/refs.
  • Updated dependencies.

1.0.3

  • Include GITHUB_WORKFLOW in cache key.
  • Updated dependencies.

1.0.2

  • Switch to Node.js v20.

1.0.1

  • Fixed an issue where a module was missing from the build.

1.0.0

  • Will now install rustup if it does not exist in the environment.
  • Added musl support to cargo-binstall.

0.6.0

  • Breaking: Cargo bins must provide the cargo- crate prefix manually. This change allows non-crate globals to be installed.

... (truncated)

Commits

Updates taiki-e/setup-cross-toolchain-action from 1.32.1 to 1.41.0

Release notes

Sourced from taiki-e/setup-cross-toolchain-action's releases.

1.41.0

  • Update the default Valgrind version from 3.26.0 to 3.27.1.

1.40.1

  • Revert update of default Valgrind version and default Valgrind arguments change in 1.40.0 due to Valgrind 3.27.0 bug.

1.40.0

  • Support trailing comma in package input option.

  • Support specifying Valgrind version via valgrind input option and runner input option (valgrind@<version> syntax).

  • Use --fair-sched=try instead of --fair-sched=yes in default arguments passed to Valgrind.

  • Update the default QEMU version from 10.2 to 11.0.

  • Update the default Valgrind version from 3.26.0 to 3.27.0.

  • Improve robustness for network failure.

1.39.2

  • Improve support for Ubuntu 26.04.

1.39.1

  • Avoid triggering zizmor ref-confusion when using this action in form of uses: taiki-e/setup-cross-toolchain-action@v1.

1.39.0

  • Support native runner for soft-float little-endian Arm linux-gnu targets on GitHub-hosted AArch64 Linux runners (ubuntu-22.04-arm, ubuntu-24.04-arm) with Debian containers.

1.38.0

1.37.1

1.37.0

  • Support {x86_64,aarch64}-pc-windows-gnullvm on Windows host.

1.36.0

  • Accept target: host-tuple input option (align to Cargo 1.91+).

1.35.0

  • Add runner: valgrind input option to run tests with Valgrind. (#35)

  • Add package input option to install packages for target. (#34)

    This is currently only supported for some Linux (GNU) targets on Ubuntu/Debian hosts, and packages will be installed using the form: <sudo as needed> apt-get install --no-install-recommends <each package>:<target's dpkg arch>...

1.34.0

... (truncated)

Changelog

Sourced from taiki-e/setup-cross-toolchain-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[1.41.0] - 2026-05-23

  • Update the default Valgrind version from 3.26.0 to 3.27.1.

[1.40.1] - 2026-05-04

  • Revert update of default Valgrind version and default Valgrind arguments change in 1.40.0 due to Valgrind 3.27.0 bug.

[1.40.0] - 2026-05-03

  • Support trailing comma in package input option.

  • Support specifying Valgrind version via valgrind input option and runner input option (valgrind@<version> syntax).

  • Use --fair-sched=try instead of --fair-sched=yes in default arguments passed to Valgrind.

  • Update the default QEMU version from 10.2 to 11.0.

  • Update the default Valgrind version from 3.26.0 to 3.27.0.

  • Improve robustness for network failure.

[1.39.2] - 2026-03-29

  • Improve support for Ubuntu 26.04.

[1.39.1] - 2026-03-08

  • Avoid triggering zizmor ref-confusion when using this action in form of uses: taiki-e/setup-cross-toolchain-action@v1.

[1.39.0] - 2026-03-07

  • Support native runner for soft-float little-endian Arm linux-gnu targets on GitHub-hosted AArch64 Linux runners (ubuntu-22.04-arm, ubuntu-24.04-arm) with Debian containers.

[1.38.0] - 2026-01-29

  • Support riscv64a23-unknown-linux-gnu.

... (truncated)

Commits
  • 3d9770c Release 1.41.0
  • ea3a67a Bump taiki-e/install-action from 2.77.0 to 2.77.3 (#40)
  • 70227b7 ci: Update config
  • 649d48d Update default Valgrind version from 3.26.0 to 3.27.1
  • db31c28 Update scripts and CI config
  • 1293612 Release 1.40.1
  • 6fa8352 Update changelog
  • efd1b72 Revert default Valgrind version update
  • 7d4cc08 Revert "Use --fair-sched=try instead of --fair-sched=yes"
  • 74847e5 Release 1.40.0
  • Additional commits viewable in compare view

Updates taiki-e/upload-rust-binary-action from 1.27.0 to 1.30.2

Release notes

Sourced from taiki-e/upload-rust-binary-action's releases.

1.30.2

  • Enhance security when dry-run is true.

1.30.1

  • Enhance security against supply chain attacks.

1.30.0

  • upload-rust-binary-action no longer requires token input. This action now uses ${{ github.token }} as the default token, like actions/checkout does.

  • Support trailing comma in bin, package, include, asset, and checksum input options.

  • Documentation improvements.

1.29.1

  • Fix missing default value for all-features causing build errors. (#114, thanks @​ftnfurina)

1.29.0

  • Add all-features and workspace input options. (#112)

  • Accept whitespace or comma separated list in package input option. (#112)

1.28.1

  • Avoid triggering zizmor ref-confusion when using this action in form of uses: taiki-e/upload-rust-binary-action@v1.

1.28.0

  • bin, checksum, include, and asset input options now support whitespace (space, tab, and line) or comma separated list. Previously, only comma-separated list was supported. (#111)

  • Enable release immutability.

Changelog

Sourced from taiki-e/upload-rust-binary-action's changelog.

Changelog

All notable changes to this project will be documented in this file.

This project adheres to Semantic Versioning.

[Unreleased]

[1.30.2] - 2026-04-17

  • Enhance security when dry-run is true.

[1.30.1] - 2026-04-17

  • Enhance security against supply chain attacks.

[1.30.0] - 2026-04-04

  • upload-rust-binary-action no longer requires token input. This action now uses ${{ github.token }} as the default token, like actions/checkout does.

  • Support trailing comma in bin, package, include, asset, and checksum input options.

  • Documentation improvements.

[1.29.1] - 2026-03-18

  • Fix missing default value for all-features causing build errors. (#114, thanks @​ftnfurina)

[1.29.0] - 2026-03-17

  • Add all-features and workspace input options. (#112)

  • Accept whitespace or comma separated list in package input option. (#112)

[1.28.1] - 2026-03-08

  • Avoid triggering zizmor ref-confusion when using this action in form of uses: taiki-e/upload-rust-binary-action@v1.

[1.28.0] - 2026-02-11

  • bin, checksum, include, and asset input options now support whitespace (space, tab, and line) or comma separated list. Previously, only comma-separated list was supported. (#111)

  • Enable release immutability.

[1.27.0] - 2025-06-14

... (truncated)

Commits

Updates actions/upload-artifact from 5 to 7

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v6...v7.0.0

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

Commits
  • 043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
  • 634250c Include changes in typespec/ts-http-runtime 0.3.5
  • e454baa Readme: bump all the example versions to v7 (#796)
  • 74fad66 Update the readme with direct upload details (#795)
  • bbbca2d Support direct file uploads (#764)
  • 589182c Upgrade the module to ESM and bump dependencies (#762)
  • 47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
  • 02a8460 Add proxy integration test
  • b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
  • e516bc8 docs: correct description of Node.js 24 support in README
  • Additional commits viewable in compare view

Updates actions/create-github-app-token from 2.2.1 to 3.2.0

Release notes

Sourced from actions/create-github-app-token's releases.

v3.2.0

3.2.0 (2026-05-12)

Features

  • add support for enterprise-level GitHub Apps (#263) (952a2a7)
  • support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

  • deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
  • validate private-key input (#376) (f24bbd8)

v3.1.1

3.1.1 (2026-04-11)

Bug Fixes

  • improve error message when app identifier is empty (#362) (07e2b76), closes #249

v3.1.0

3.1.0 (2026-04-11)

Bug Fixes

  • deps: bump p-retry from 7.1.1 to 8.0.0 (#357) (3bbe07d)

Features

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

... (truncated)

Changelog

Sourced from actions/create-github-app-token's changelog.

Changelog

3.2.0 (2026-05-12)

Features

  • add support for enterprise-level GitHub Apps (#263) (952a2a7)
  • support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

  • deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
  • validate private-key input (#376) (f24bbd8)
Commits
  • bcd2ba4 chore(main): release 3.2.0 (#370)
  • f24bbd8 fix: validate private-key input (#376)
  • 363531b docs: capitalize Git as a proper noun in README (#374)
  • fd28011 docs: update procedure to configure Git (#287)
  • 85eb8dd feat: support full repository names in repositories input (#372)
  • c9aabb8 build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...
  • e02e816 build(deps-dev): bump undici from 7.24.6 to 8.2.0 (#366)
  • 8d835bf build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...
  • 952a2a7 feat: add support for enterprise-level GitHub Apps (#263)
  • 43e5c34 fix(deps): bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependenc...
  • Additional commits viewable in compare view

Updates MarcoIeni/release-plz-action from 0.5.120 to 0.5.129

Release notes

Sourced from MarcoIeni/release-plz-action's releases.

v0.5.129

What's Changed

... (truncated)

Commits
  • 064f4d1 chore(deps): update dependency obi1kenobi/cargo-semver-checks to v0.47 (#397)
  • 4f2dca0 fix cargo-semver-checks renovate update (#396)
  • 39f5787 Update to 0.3.158 (#395)
  • bb36e14 chore(deps): update dependency taiki-e/install-action to v2.77.4 (#394)
  • 3711471 chore(deps): update dependency taiki-e/install-action to v2.77.3 (#393)
  • b234371 chore(deps): update dependency taiki-e/install-action to v2.77.2 (#392)
  • 3427ba6 chore(deps): update dependency cargo-bins/cargo-binstall to v1.19.1 (#391)
  • 37e90aa chore(deps): update dependency taiki-e/install-action to v2.77.1 (#390)
  • eef2a46 chore(deps): update dependency taiki-e/install-action to v2.77.0 (#389)
  • eb60137 chore(deps): update dependency taiki-e/install-action to v2.76.0 (#388)
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 23, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-414c55c95b branch from 0d493b2 to ee3f74c Compare April 27, 2026 04:45
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-414c55c95b branch from ee3f74c to a6bc8f5 Compare May 4, 2026 04:48
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-414c55c95b branch from a6bc8f5 to d5f3cac Compare May 11, 2026 04:54
@dependabot
ci: bump the github-actions group across 1 directory with 7 updates
b7c7ed3 
Bumps the github-actions group with 7 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.1` | `6.0.2` |
| [moonrepo/setup-rust](https://github.com/moonrepo/setup-rust) | `1.2.2` | `1.3.0` |
| [taiki-e/setup-cross-toolchain-action](https://github.com/taiki-e/setup-cross-toolchain-action) | `1.32.1` | `1.41.0` |
| [taiki-e/upload-rust-binary-action](https://github.com/taiki-e/upload-rust-binary-action) | `1.27.0` | `1.30.2` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `5` | `7` |
| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.2.1` | `3.2.0` |
| [MarcoIeni/release-plz-action](https://github.com/marcoieni/release-plz-action) | `0.5.120` | `0.5.129` |



Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@8e8c483...de0fac2)

Updates `moonrepo/setup-rust` from 1.2.2 to 1.3.0
- [Release notes](https://github.com/moonrepo/setup-rust/releases)
- [Changelog](https://github.com/moonrepo/setup-rust/blob/master/CHANGELOG.md)
- [Commits](moonrepo/setup-rust@ede6de0...abb2d32)

Updates `taiki-e/setup-cross-toolchain-action` from 1.32.1 to 1.41.0
- [Release notes](https://github.com/taiki-e/setup-cross-toolchain-action/releases)
- [Changelog](https://github.com/taiki-e/setup-cross-toolchain-action/blob/main/CHANGELOG.md)
- [Commits](taiki-e/setup-cross-toolchain-action@84e58a4...3d9770c)

Updates `taiki-e/upload-rust-binary-action` from 1.27.0 to 1.30.2
- [Release notes](https://github.com/taiki-e/upload-rust-binary-action/releases)
- [Changelog](https://github.com/taiki-e/upload-rust-binary-action/blob/main/CHANGELOG.md)
- [Commits](taiki-e/upload-rust-binary-action@3962470...f0d45ae)

Updates `actions/upload-artifact` from 5 to 7
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v5...v7)

Updates `actions/create-github-app-token` from 2.2.1 to 3.2.0
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md)
- [Commits](actions/create-github-app-token@29824e6...bcd2ba4)

Updates `MarcoIeni/release-plz-action` from 0.5.120 to 0.5.129
- [Release notes](https://github.com/marcoieni/release-plz-action/releases)
- [Commits](release-plz/action@487eb7b...064f4d1)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/create-github-app-token
  dependency-version: 3.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: MarcoIeni/release-plz-action
  dependency-version: 0.5.128
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: moonrepo/setup-rust
  dependency-version: 1.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: taiki-e/setup-cross-toolchain-action
  dependency-version: 1.39.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: taiki-e/upload-rust-binary-action
  dependency-version: 1.29.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-414c55c95b branch from d5f3cac to b7c7ed3 Compare May 25, 2026 05:31
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants