Skip to content

Bump the all-github-actions group with 10 updates#2454

Open
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/github_actions/dev/all-github-actions-526e0e918f
Open

Bump the all-github-actions group with 10 updates#2454
dependabot[bot] wants to merge 1 commit into
devfrom
dependabot/github_actions/dev/all-github-actions-526e0e918f

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 1, 2026

Copy link
Copy Markdown
Contributor

Bumps the all-github-actions group with 10 updates:

Package From To
actions/checkout 4.2.2 7.0.0
actions/github-script 8.0.0 9.0.0
aws-actions/configure-aws-credentials 6.0.0 6.2.1
aws-actions/aws-codebuild-run-build 1.0.18 1.0.19
docker/setup-qemu-action 4.1.0 4.2.0
docker/build-push-action 7.2.0 7.3.0
tj-actions/changed-files 47.0.5 47.0.6
aws-actions/aws-secretsmanager-get-secrets 3.0.0 3.0.1
actions/setup-dotnet 5.1.0 5.4.0
github/codeql-action/upload-sarif 4.32.6 4.36.2

Updates actions/checkout from 4.2.2 to 7.0.0

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates actions/github-script from 8.0.0 to 9.0.0

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

  • getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.
  • Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

  • require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.
  • getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.
  • If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

New Contributors

Full Changelog: actions/github-script@v8.0.0...v9.0.0

Commits
  • 3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
  • ca10bbd fix: use @​octokit/core/types import for v7 compatibility
  • 86e48e2 merge: incorporate main branch changes
  • c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
  • afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
  • ff8117e ci: fix user-agent test to handle orchestration ID
  • 81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
  • 3953caf docs: update README examples from @​v8 to @​v9, add getOctokit docs and v9 brea...
  • c17d55b ci: add getOctokit integration test job
  • a047196 test: add getOctokit integration tests via callAsyncFunction
  • Additional commits viewable in compare view

Updates aws-actions/configure-aws-credentials from 6.0.0 to 6.2.1

Release notes

Sourced from aws-actions/configure-aws-credentials's releases.

v6.2.1

6.2.1 (2026-06-26)

Bug Fixes

  • enforce allowed-account-ids on all auth paths (#1847) (4d281fb)

v6.2.0

6.2.0 (2026-06-01)

Features

Bug Fixes

  • skip credential check on output-env-credentials: false (#1778) (58e7c47)
  • assumeRole failing from session tag size too large (#1808) (d6f5dc3)

v6.1.3

6.1.3 (2026-05-27)

Bug Fixes

v6.1.2

6.1.2 (2026-05-26)

Bug Fixes

v6.1.1

What's Changed

... (truncated)

Changelog

Sourced from aws-actions/configure-aws-credentials's changelog.

Changelog

All notable changes to this project will be documented in this file. See standard-version for commit guidelines.

6.2.1 (2026-06-26)

Bug Fixes

  • enforce allowed-account-ids on all auth paths (#1847) (4d281fb)

6.2.0 (2026-06-01)

Features

Bug Fixes

  • skip credential check on output-env-credentials: false (#1778) (58e7c47)
  • assumeRole failing from session tag size too large (#1808) (d6f5dc3)

6.1.3 (2026-05-28)

Bug Fixes

  • fix: allow kubelet token symlink in #1805

6.1.2 (2026-05-26)

Bug Fixes

6.1.1 (2026-05-05)

Miscellaneous Chores

  • various dependency updates

6.1.0 (2026-04-06)

Features

... (truncated)

Commits
  • 254c19b chore(main): release 6.2.1 (#1849)
  • a20cf82 chore: Update dist
  • 4d281fb fix: enforce allowed-account-ids on all auth paths (#1847)
  • e004cdc chore(deps-dev): bump @​smithy/property-provider from 4.4.0 to 4.4.2 (#1845)
  • 88aa369 chore: Update dist
  • 687331b chore(deps): bump @​aws-sdk/client-sts from 3.1069.0 to 3.1075.0 (#1841)
  • ea607be chore: Update dist
  • 6d13606 chore(deps): bump @​smithy/node-http-handler from 4.8.0 to 4.8.2 (#1842)
  • 71a32ae chore: Update dist
  • b290f2c chore(deps-dev): bump @​aws-sdk/credential-provider-env (#1844)
  • Additional commits viewable in compare view

Updates aws-actions/aws-codebuild-run-build from 1.0.18 to 1.0.19

Release notes

Sourced from aws-actions/aws-codebuild-run-build's releases.

v1.0.19

What's Changed

New Contributors

Full Changelog: aws-actions/aws-codebuild-run-build@v1.0.18...v1.0.19

Commits
  • 7e46c3f Automatic compilation
  • e3bc6b5 Merge pull request #184 from scottschreckengaust/node24
  • e7345b5 style: format files based on npm run lint
  • 947df8b fix(upgrade): upate node version from 20 to 24
  • d8279f3 Merge pull request #182 from ranjan-mohanty/scopedown-token
  • 4864fde ci: scope down permissions for publish.yaml
  • d72652c Merge pull request #181 from ahmedwalid05/patch-1
  • c46e970 Use Github NPM registry for NPX command
  • fb90f82 Merge pull request #178 from theboyisno-one/main
  • 47ffde2 document workaround for npm 404 error on local
  • See full diff in compare view

Updates docker/setup-qemu-action from 4.1.0 to 4.2.0

Release notes

Sourced from docker/setup-qemu-action's releases.

v4.2.0

Full Changelog: docker/setup-qemu-action@v4.1.0...v4.2.0

Commits
  • 96fe6ef Merge pull request #315 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 31f08d3 [dependabot skip] chore: update generated content
  • 4e7017a build(deps): bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • 0eca235 Merge pull request #314 from crazy-max/fix-yarn-preapprove-actions-toolkit
  • ea66a41 chore: allow actions-toolkit to bypass yarn age gate
  • 451542b Merge pull request #308 from docker/dependabot/npm_and_yarn/undici-6.27.0
  • 532ae00 [dependabot skip] chore: update generated content
  • b6f5af6 build(deps): bump undici from 6.26.0 to 6.27.0
  • cf96b86 Merge pull request #304 from docker/dependabot/npm_and_yarn/tmp-0.2.7
  • f0ba643 [dependabot skip] chore: update generated content
  • Additional commits viewable in compare view

Updates docker/build-push-action from 7.2.0 to 7.3.0

Release notes

Sourced from docker/build-push-action's releases.

v7.3.0

Full Changelog: docker/build-push-action@v7.2.0...v7.3.0

Commits
  • 53b7df9 Merge pull request #1572 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 154298c [dependabot skip] chore: update generated content
  • cb1238b chore(deps): Bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • 24f845d Merge pull request #1566 from docker/dependabot/npm_and_yarn/js-yaml-4.2.0
  • 9c69730 [dependabot skip] chore: update generated content
  • bc3a3a5 Merge pull request #1574 from docker/dependabot/github_actions/aws-actions/co...
  • a82c504 chore(deps): Bump js-yaml from 4.1.1 to 4.3.0
  • 0285a75 Merge pull request #1573 from docker/dependabot/github_actions/actions/cache-...
  • c6ad2a3 Merge pull request #1575 from docker/dependabot/github_actions/actions/checko...
  • d37484f Merge pull request #1564 from docker/dependabot/npm_and_yarn/undici-6.27.0
  • Additional commits viewable in compare view

Updates tj-actions/changed-files from 47.0.5 to 47.0.6

Release notes

Sourced from tj-actions/changed-files's releases.

v47.0.6

What's Changed

Full Changelog: tj-actions/changed-files@v47.0.5...v47.0.6

Changelog

Sourced from tj-actions/changed-files's changelog.

Changelog

47.0.6 - (2026-04-18)

🔄 Update

  • Updated README.md (#2817)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (c23d52b) - (github-actions[bot])

⚙️ Miscellaneous Tasks

  • deps: Bump lodash from 4.17.23 to 4.18.1 (#2837) (9426d40) - (dependabot[bot])
  • deps: Bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#2843) (32de080) - (dependabot[bot])
  • deps: Bump actions/upload-artifact from 7.0.0 to 7.0.1 (#2844) (2487d12) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 25.5.0 to 25.6.0 (#2846) (cef85a3) - (dependabot[bot])
  • deps-dev: Bump prettier from 3.8.1 to 3.8.3 (#2848) (7b082de) - (dependabot[bot])
  • deps: Bump github/codeql-action from 4.35.1 to 4.35.2 (#2849) (07224ca) - (dependabot[bot])
  • deps-dev: Bump jest from 30.2.0 to 30.3.0 (#2822) (2bb1357) - (dependabot[bot])
  • deps: Bump nrwl/nx-set-shas from 4.4.0 to 5.0.1 (#2829) (cc98117) - (dependabot[bot])
  • deps: Bump yaml from 2.8.2 to 2.8.3 (#2830) (786e421) - (dependabot[bot])
  • deps-dev: Bump eslint-plugin-jest from 29.15.0 to 29.15.1 (#2831) (726b41b) - (dependabot[bot])
  • deps: Bump github/codeql-action from 4.32.6 to 4.35.1 (#2834) (2c3585e) - (dependabot[bot])
  • deps: Bump actions/download-artifact from 8.0.0 to 8.0.1 (#2824) (3d37a7f) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 25.3.5 to 25.5.0 (#2825) (445b0eb) - (dependabot[bot])
  • deps: Bump github/codeql-action from 4.32.5 to 4.32.6 (#2819) (4f892cd) - (dependabot[bot])
  • deps-dev: Bump @​types/node from 25.3.3 to 25.3.5 (#2820) (6118651) - (dependabot[bot])
  • deps: Bump actions/setup-node from 6.2.0 to 6.3.0 (#2818) (e517d7a) - (dependabot[bot])

⬆️ Upgrades

  • Upgraded to v47.0.5 (#2816)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (4750530) - (github-actions[bot])

47.0.5 - (2026-03-03)

🔄 Update

  • Updated README.md (#2805)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> (35dace0) - (github-actions[bot])

  • Updated README.md (#2803)

Co-authored-by: github-actions[bot] <41898282+github-actions[bot]@​users.noreply.github.com> Co-authored-by: Tonye Jack jtonye@ymail.com (9ee99eb) - (github-actions[bot])

⚙️ Miscellaneous Tasks

... (truncated)

Commits
  • 9426d40 chore(deps): bump lodash from 4.17.23 to 4.18.1 (#2837)
  • 32de080 chore(deps): bump peter-evans/create-pull-request from 8.1.0 to 8.1.1 (#2843)
  • 2487d12 chore(deps): bump actions/upload-artifact from 7.0.0 to 7.0.1 (#2844)
  • cef85a3 chore(deps-dev): bump @​types/node from 25.5.0 to 25.6.0 (#2846)
  • 7b082de chore(deps-dev): bump prettier from 3.8.1 to 3.8.3 (#2848)
  • 07224ca chore(deps): bump github/codeql-action from 4.35.1 to 4.35.2 (#2849)
  • 2bb1357 chore(deps-dev): bump jest from 30.2.0 to 30.3.0 (#2822)

Bumps the all-github-actions group with 10 updates:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `7.0.0` |
| [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` |
| [aws-actions/configure-aws-credentials](https://github.com/aws-actions/configure-aws-credentials) | `6.0.0` | `6.2.1` |
| [aws-actions/aws-codebuild-run-build](https://github.com/aws-actions/aws-codebuild-run-build) | `1.0.18` | `1.0.19` |
| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `4.1.0` | `4.2.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.2.0` | `7.3.0` |
| [tj-actions/changed-files](https://github.com/tj-actions/changed-files) | `47.0.5` | `47.0.6` |
| [aws-actions/aws-secretsmanager-get-secrets](https://github.com/aws-actions/aws-secretsmanager-get-secrets) | `3.0.0` | `3.0.1` |
| [actions/setup-dotnet](https://github.com/actions/setup-dotnet) | `5.1.0` | `5.4.0` |
| [github/codeql-action/upload-sarif](https://github.com/github/codeql-action) | `4.32.6` | `4.36.2` |


Updates `actions/checkout` from 4.2.2 to 7.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4.2.2...9c091bb)

Updates `actions/github-script` from 8.0.0 to 9.0.0
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@ed59741...3a2844b)

Updates `aws-actions/configure-aws-credentials` from 6.0.0 to 6.2.1
- [Release notes](https://github.com/aws-actions/configure-aws-credentials/releases)
- [Changelog](https://github.com/aws-actions/configure-aws-credentials/blob/main/CHANGELOG.md)
- [Commits](aws-actions/configure-aws-credentials@8df5847...254c19b)

Updates `aws-actions/aws-codebuild-run-build` from 1.0.18 to 1.0.19
- [Release notes](https://github.com/aws-actions/aws-codebuild-run-build/releases)
- [Commits](aws-actions/aws-codebuild-run-build@4d15a47...7e46c3f)

Updates `docker/setup-qemu-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-qemu-action/releases)
- [Commits](docker/setup-qemu-action@0611638...96fe6ef)

Updates `docker/build-push-action` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@f9f3042...53b7df9)

Updates `tj-actions/changed-files` from 47.0.5 to 47.0.6
- [Release notes](https://github.com/tj-actions/changed-files/releases)
- [Changelog](https://github.com/tj-actions/changed-files/blob/main/HISTORY.md)
- [Commits](tj-actions/changed-files@22103cc...9426d40)

Updates `aws-actions/aws-secretsmanager-get-secrets` from 3.0.0 to 3.0.1
- [Release notes](https://github.com/aws-actions/aws-secretsmanager-get-secrets/releases)
- [Commits](aws-actions/aws-secretsmanager-get-secrets@3a411b6...2cb1a46)

Updates `actions/setup-dotnet` from 5.1.0 to 5.4.0
- [Release notes](https://github.com/actions/setup-dotnet/releases)
- [Commits](actions/setup-dotnet@v5.1.0...26b0ec1)

Updates `github/codeql-action/upload-sarif` from 4.32.6 to 4.36.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@0d579ff...8aad20d)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 7.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: actions/github-script
  dependency-version: 9.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-github-actions
- dependency-name: aws-actions/configure-aws-credentials
  dependency-version: 6.2.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
- dependency-name: aws-actions/aws-codebuild-run-build
  dependency-version: 1.0.19
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-github-actions
- dependency-name: docker/setup-qemu-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
- dependency-name: docker/build-push-action
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
- dependency-name: tj-actions/changed-files
  dependency-version: 47.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-github-actions
- dependency-name: aws-actions/aws-secretsmanager-get-secrets
  dependency-version: 3.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: all-github-actions
- dependency-name: actions/setup-dotnet
  dependency-version: 5.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
- dependency-name: github/codeql-action/upload-sarif
  dependency-version: 4.36.2
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: all-github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the Release Not Needed Add this label if a PR does not need to be released. label Jul 1, 2026
@dependabot dependabot Bot requested review from a team as code owners July 1, 2026 20:21
@dependabot dependabot Bot requested review from GarrettBeatty and normj July 1, 2026 20:21
@dependabot dependabot Bot added the Release Not Needed Add this label if a PR does not need to be released. label Jul 1, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Release Not Needed Add this label if a PR does not need to be released.

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants