Skip to content

chore(deps): bump the all group across 1 directory with 2 updates#1807

Open
dependabot[bot] wants to merge 1 commit into
release-v0.20.xfrom
dependabot/github_actions/release-v0.20.x/all-0a511eb020
Open

chore(deps): bump the all group across 1 directory with 2 updates#1807
dependabot[bot] wants to merge 1 commit into
release-v0.20.xfrom
dependabot/github_actions/release-v0.20.x/all-0a511eb020

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 18, 2026

Copy link
Copy Markdown
Contributor

Bumps the all group with 2 updates in the / directory: golangci/golangci-lint-action and sigstore/scaffolding/actions/setup.

Updates golangci/golangci-lint-action from 9.2.0 to 9.2.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.2.1

What's Changed

IMPORTANT: this is the first immutable release.

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v9.2.0...v9.2.1

Commits
  • 82606bf chore: prepare release v9.2.1
  • 97c8387 chore: improve workflows (#1394)
  • 28d0a19 build(deps): bump the dependencies group across 1 directory with 2 updates
  • 633fbc7 build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#1391)
  • 59f43e2 build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#1389)
  • 9eb174e build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (#1386)
  • 4f52504 build(deps): bump github/codeql-action from 4 to 4.35.2 (#1384)
  • 6f87dfd docs: update examples
  • c9500d7 chore: improve workflows
  • 03b1faa chore: improve issue templates
  • Additional commits viewable in compare view

Updates sigstore/scaffolding/actions/setup from 039e0ece31c5fc9fe0466d2f7b289ed643b88fdb to fb8d1817d2571303daf88f49d3a23daeb7474e84

Changelog

Sourced from sigstore/scaffolding/actions/setup's changelog.

Scaffolding Release Process

Prerequisites

You should be part of the scaffolding-codeowners or sigstore-oncall groups, which are defined within the community repo.

Steps

Sync tags

Ensure that sure your local branch is up-to-date from the upstream:

git pull upstream main --tags

Pick a new version number

The scaffolding repo uses semver. Your first step is to determine the latest tag used.

List the latest tags in date order:

git tag | tail

Example output:

...
v0.0.0
v0.1.0

Show a list of changes since the latest version (v0.1.0):

git log v0.1.0..

If the commits include a new feature or breaking change, bump the minor version. If it only includes bug fixes, bump the patch version.

Tagging

Once you have a version number in mind, tag it locally:

git tag -a v0.2.0 -m v0.2.0

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 2 updates in the / directory: [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) and [sigstore/scaffolding/actions/setup](https://github.com/sigstore/scaffolding).


Updates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@1e7e51e...82606bf)

Updates `sigstore/scaffolding/actions/setup` from 039e0ece31c5fc9fe0466d2f7b289ed643b88fdb to fb8d1817d2571303daf88f49d3a23daeb7474e84
- [Release notes](https://github.com/sigstore/scaffolding/releases)
- [Changelog](https://github.com/sigstore/scaffolding/blob/main/release.md)
- [Commits](sigstore/scaffolding@039e0ec...fb8d181)

---
updated-dependencies:
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all
- dependency-name: sigstore/scaffolding/actions/setup
  dependency-version: fb8d1817d2571303daf88f49d3a23daeb7474e84
  dependency-type: direct:production
  dependency-group: all
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. labels Jul 18, 2026
@tekton-robot

Copy link
Copy Markdown

[APPROVALNOTIFIER] This PR is NOT APPROVED

This pull-request has been approved by:
To complete the pull request process, please assign chitrangpatel after the PR has been reviewed.
You can assign the PR to them by writing /assign @chitrangpatel in a comment when ready.

The full list of commands accepted by this bot can be found here.

Details Needs approval from an approver in each of these files:

Approvers can indicate their approval by writing /approve in a comment
Approvers can cancel approval by writing /approve cancel in a comment

@tekton-robot tekton-robot added the size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. label Jul 18, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Used by dependabot - identifies all PRs created by dependabot kind/misc Categorizes issue or PR as a miscellaneuous one. ok-to-test Indicates a non-member PR verified by an org member that is safe to test. release-note-none Denotes a PR that doesnt merit a release note. size/XS Denotes a PR that changes 0-9 lines, ignoring generated files.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant