Skip to content

⬆ Bump the github-actions group across 1 directory with 10 updates#30

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-795404db1a
Open

⬆ Bump the github-actions group across 1 directory with 10 updates#30
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-795404db1a

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 10 updates in the / directory:

Package From To
actions/checkout 6.0.2 7.0.0
eps1lon/actions-label-merge-conflict 3.0.3 3.1.0
tiangolo/issue-manager 0.6.0 0.8.0
actions/labeler 6.0.1 6.1.0
tiangolo/latest-changes 0.4.1 0.6.0
actions/setup-python 6.2.0 6.3.0
mxschmitt/action-tmate 3.23 3.24
astral-sh/setup-uv 8.1.0 8.2.0
actions/upload-artifact 7.0.0 7.0.1
zizmorcore/zizmor-action 0.5.3 0.5.7

Updates actions/checkout from 6.0.2 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates eps1lon/actions-label-merge-conflict from 3.0.3 to 3.1.0

Release notes

Sourced from eps1lon/actions-label-merge-conflict's releases.

v3.1.0

What's Changed

New Contributors

Full Changelog: eps1lon/actions-label-merge-conflict@v3.0.3...v3.1.0

Changelog

Sourced from eps1lon/actions-label-merge-conflict's changelog.

Changelog

3.1.0

  • Update Node.js to 24 (#152)

3.0.3

  • Ensure outputs is populated (#136)

3.0.2

  • Handle error when label is not available (part 2) (#126)

3.0.1

  • Handle error when label is not available (#123)

3.0.0

  • Update to node20 (#115)

2.1.0

2.0.1

2.0.0

  • Only update PRs based off of the branch in the push event Previously we checked every open PR. Since a push to a branch can only create merge conflicts with that branch we can limit the set of checked PRs. This should help repositories with lots of PRs targetting different branches with rate limiting.
  • Only leave comments if the dirtyLabel was added or removed

1.4.0

  • Allow warning only if secrets aren't available (#22 by @​baywet)
  • Remove requirement for removeOnDirtyLabel (#21 by @​baywet)

1.3.0

Commits

Updates tiangolo/issue-manager from 0.6.0 to 0.8.0

Release notes

Sourced from tiangolo/issue-manager's releases.

0.8.0

Refactors

  • ♻️ Refactor main Dockerfile to contain all logic, cache by uv. PR #62 by @​tiangolo.

Internal

0.7.1

Fixes

Internal

0.7.0

Features

  • ✨ Add default labels answered, waiting, invalid, maybe-ai. PR #56 by @​tiangolo.

Docs

Internal

Changelog

Sourced from tiangolo/issue-manager's changelog.

Release Notes

Latest Changes

0.8.1 (2026-07-03)

Internal

0.8.0 (2026-06-24)

Refactors

  • ♻️ Refactor main Dockerfile to contain all logic, cache by uv. PR #62 by @​tiangolo.

Internal

0.7.1

Fixes

Internal

0.7.0

Features

  • ✨ Add default labels answered, waiting, invalid, maybe-ai. PR #56 by @​tiangolo.

Docs

Internal

... (truncated)

Commits
  • 48bacd8 🔖 Release version 0.8.0 (#66)
  • 2f4681c 📝 Update release notes
  • 82e5268 ⬆ Bump actions/checkout from 6.0.3 to 7.0.0 in the github-actions group (#61)
  • 99e80ec 📝 Update release notes
  • a86623f 👷 Add CI to automate release process (#65)
  • dccb880 📝 Update release notes
  • f0c6613 📝 Refactor release notes, move to its own file (#64)
  • fd6332f 📝 Update release notes
  • 48066a6 ♻️ Refactor main Dockerfile to contain all logic, cache by uv (#62)
  • f7f8417 📝 Update release notes
  • Additional commits viewable in compare view

Updates actions/labeler from 6.0.1 to 6.1.0

Release notes

Sourced from actions/labeler's releases.

v6.1.0

Enhancements

  • Add changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by @​bluca in actions/labeler#923

Bug Fixes

Dependency Updates

New Contributors

Full Changelog: actions/labeler@v6...v6.1.0

Commits
  • f27b608 chore: upgrade dependencies (@​actions/core, @​actions/github, js-yaml, minimat...
  • c5dadc2 Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...
  • e52e4fb Bump minimatch from 10.0.1 to 10.2.3 (#926)
  • 77a4082 Fix: Preserve manually added labels during workflow run and refine label sync...
  • 25abb3c Improve Labeler Action Documentation and Error Handling for Permissions (#897)
  • 395c8cf Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...
  • See full diff in compare view

Updates tiangolo/latest-changes from 0.4.1 to 0.6.0

Release notes

Sourced from tiangolo/latest-changes's releases.

0.6.0

Features

  • ✨ Add support for skip labels, useful for making a PR with the actual release. PR #96 by @​tiangolo.

Refactors

  • ♻️ Refactor main Dockerfile to contain all logic, cache by uv. PR #113 by @​tiangolo.

Docs

Internal

0.5.0

Features

  • ✨ Add support for skipping release PRs with skip_labels, with release skipped by default.

Refactors

Docs

Changelog

Sourced from tiangolo/latest-changes's changelog.

Release Notes

Latest Changes

Internal

0.6.1 (2026-07-03)

Fixes

Internal

0.6.0 (2026-06-24)

Features

  • ✨ Add support for skip labels, useful for making a PR with the actual release. PR #96 by @​tiangolo.

Refactors

  • ♻️ Refactor main Dockerfile to contain all logic, cache by uv. PR #113 by @​tiangolo.

Docs

Internal

... (truncated)

Commits

Updates actions/setup-python from 6.2.0 to 6.3.0

Release notes

Sourced from actions/setup-python's releases.

v6.3.0

What's Changed

Enhancement

Dependency update

Documentation

New Contributors

Full Changelog: actions/setup-python@v6...v6.3.0

Commits

Updates mxschmitt/action-tmate from 3.23 to 3.24

Release notes

Sourced from mxschmitt/action-tmate's releases.

v3.24

What's Changed

New Contributors

Full Changelog: mxschmitt/action-tmate@v3.23...v3.24

Commits
  • 35b54af Update Node.js runtime from 20 to 24 (#242)
  • ebce6f7 chore(deps-dev): bump @​babel/plugin-transform-modules-systemjs (#240)
  • bc851d8 chore(deps-dev): bump picomatch from 2.3.1 to 2.3.2 (#238)
  • 6c825b1 chore(deps): bump minimatch from 3.1.2 to 3.1.5 (#237)
  • 10570f9 Merge pull request #236 from mxschmitt/dependabot/npm_and_yarn/js-yaml-3.14.2
  • 7b3d87e chore(deps): bump js-yaml from 3.14.1 to 3.14.2
  • See full diff in compare view

Updates astral-sh/setup-uv from 8.1.0 to 8.2.0

Release notes

Sourced from astral-sh/setup-uv's releases.

v8.2.0 🌈 New inputs quiet and download-from-astral-mirror

Changes

This release brings two new inputs and a few bug fixes.

New inputs

Lets talk about the new inputs first.

quiet

Pretty simple. It turns of all info loggings. Useful if you use this in a composite action and are not interested in all the details. In the upcoming releases we will add log groups to fully implement support for "less noise"

[!NOTE]
Warnings and errors are always logged.

download-from-astral-mirror

In some cases you may want to directly use the fallback of checking for available versions and downloading releases from GitHub instead of using the astral.sh mirror. Setting download-from-astral-mirror: false allows you to do that.

Bugfixes

When using the astral.sh mirror to query available versions and download releases (done by default) we now stop sending the GitHub token in the header. The mirror never looked at it but we shouldn't be handing out that data even if it is just a short lived token. All other bugfixes try to limit the impact of failed GitHub queries due to retries and other faults.

We couldn't pinpoint all rootcauses yet but added more logging for error cases to track them down.

🐛 Bug fixes

🚀 Enhancements

🧰 Maintenance

... (truncated)

Commits
  • fac544c chore(deps): roll up dependabot updates (#903)
  • 7390f77 docs: update dependabot rollup biome guidance (#902)
  • 363c64a chore(deps): roll up dependabot updates (#901)
  • c4fcbaf chore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 (#900)
  • 8e642c5 chore: update known checksums for 0.11.18 (#899)
  • a92cb43 Add quiet input to suppress info-level log output (#898)
  • e07f2ac chore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 (#842)
  • bc4034e chore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 (#893)
  • df42d4f chore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 (#891)
  • b9c8c4c feat: add download-from-astral-mirror input (#897)
  • Additional commits viewable in compare view

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

  • Update the readme with direct upload details by

Bumps the github-actions group with 10 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `6.0.2` | `7.0.0` |
| [eps1lon/actions-label-merge-conflict](https://github.com/eps1lon/actions-label-merge-conflict) | `3.0.3` | `3.1.0` |
| [tiangolo/issue-manager](https://github.com/tiangolo/issue-manager) | `0.6.0` | `0.8.0` |
| [actions/labeler](https://github.com/actions/labeler) | `6.0.1` | `6.1.0` |
| [tiangolo/latest-changes](https://github.com/tiangolo/latest-changes) | `0.4.1` | `0.6.0` |
| [actions/setup-python](https://github.com/actions/setup-python) | `6.2.0` | `6.3.0` |
| [mxschmitt/action-tmate](https://github.com/mxschmitt/action-tmate) | `3.23` | `3.24` |
| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `8.1.0` | `8.2.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` |
| [zizmorcore/zizmor-action](https://github.com/zizmorcore/zizmor-action) | `0.5.3` | `0.5.7` |



Updates `actions/checkout` from 6.0.2 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...9c091bb)

Updates `eps1lon/actions-label-merge-conflict` from 3.0.3 to 3.1.0
- [Release notes](https://github.com/eps1lon/actions-label-merge-conflict/releases)
- [Changelog](https://github.com/eps1lon/actions-label-merge-conflict/blob/main/CHANGELOG.md)
- [Commits](eps1lon/actions-label-merge-conflict@1df065e...0273be7)

Updates `tiangolo/issue-manager` from 0.6.0 to 0.8.0
- [Release notes](https://github.com/tiangolo/issue-manager/releases)
- [Changelog](https://github.com/tiangolo/issue-manager/blob/master/release-notes.md)
- [Commits](tiangolo/issue-manager@2fb3484...48bacd8)

Updates `actions/labeler` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/actions/labeler/releases)
- [Commits](actions/labeler@634933e...f27b608)

Updates `tiangolo/latest-changes` from 0.4.1 to 0.6.0
- [Release notes](https://github.com/tiangolo/latest-changes/releases)
- [Changelog](https://github.com/tiangolo/latest-changes/blob/main/release-notes.md)
- [Commits](tiangolo/latest-changes@c9d329c...43f19d6)

Updates `actions/setup-python` from 6.2.0 to 6.3.0
- [Release notes](https://github.com/actions/setup-python/releases)
- [Commits](actions/setup-python@a309ff8...ece7cb0)

Updates `mxschmitt/action-tmate` from 3.23 to 3.24
- [Release notes](https://github.com/mxschmitt/action-tmate/releases)
- [Changelog](https://github.com/mxschmitt/action-tmate/blob/master/RELEASE.md)
- [Commits](mxschmitt/action-tmate@c0afd6f...35b54af)

Updates `astral-sh/setup-uv` from 8.1.0 to 8.2.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@0880764...fac544c)

Updates `actions/upload-artifact` from 7.0.0 to 7.0.1
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@bbbca2d...043fb46)

Updates `zizmorcore/zizmor-action` from 0.5.3 to 0.5.7
- [Release notes](https://github.com/zizmorcore/zizmor-action/releases)
- [Commits](zizmorcore/zizmor-action@b1d7e1f...192e21d)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: eps1lon/actions-label-merge-conflict
  dependency-version: 3.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: tiangolo/issue-manager
  dependency-version: 0.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/labeler
  dependency-version: 6.1.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: tiangolo/latest-changes
  dependency-version: 0.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-python
  dependency-version: 6.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: mxschmitt/action-tmate
  dependency-version: '3.24'
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: astral-sh/setup-uv
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-version: 7.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: zizmorcore/zizmor-action
  dependency-version: 0.5.7
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file internal labels Jul 4, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jul 4, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github_actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jul 4, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file internal

Development

Successfully merging this pull request may close these issues.

0 participants