Bump the development-dependencies group across 1 directory with 11 updates #23

dependabot · 2025-11-28T01:06:20Z

Bumps the development-dependencies group with 11 updates in the / directory:

Package	From	To
actions/checkout	`5.0.0`	`6.0.0`
github/codeql-action	`4.31.3`	`4.31.5`
github/contributors	`1.7.5`	`1.7.6`
peter-evans/create-pull-request	`7.0.8`	`7.0.9`
rojopolis/spellcheck-github-actions	`0.51.0`	`0.55.0`
actions/upload-artifact	`4`	`5`
actions/setup-go	`6.0.0`	`6.1.0`
golangci/golangci-lint-action	`9.0.0`	`9.1.0`
actions/download-artifact	`5`	`6`
peter-evans/find-comment	`3`	`4`
peter-evans/create-or-update-comment	`4`	`5`

Updates actions/checkout from 5.0.0 to 6.0.0

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248

Persist creds to a separate file by @ericsciple in actions/checkout#2286

v6-beta by @ericsciple in actions/checkout#2298

update readme/changelog for v6 by @ericsciple in actions/checkout#2311

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301

Full Changelog: actions/checkout@v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

Persist creds to a separate file by @ericsciple in actions/checkout#2286

Update README to include Node.js 24 support details and requirements by @salmanmkc in actions/checkout#2248

V5.0.1

Port v6 cleanup to v5 by @ericsciple in actions/checkout#2301

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.1

Port v6 cleanup to v4 by @ericsciple in actions/checkout#2305

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

... (truncated)

Commits

1af3b93 update readme/changelog for v6 (#2311)
71cf226 v6-beta (#2298)
069c695 Persist creds to a separate file (#2286)
ff7abcd Update README to include Node.js 24 support details and requirements (#2248)
See full diff in compare view

Updates github/codeql-action from 4.31.3 to 4.31.5

Release notes

Sourced from github/codeql-action's releases.

v4.31.5

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.5 - 24 Nov 2025

Update default CodeQL bundle version to 2.23.6. #3321

See the full CHANGELOG.md for more information.

v4.31.4

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.4 - 18 Nov 2025

No user facing changes.

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

4.31.5 - 24 Nov 2025

Update default CodeQL bundle version to 2.23.6. #3321

4.31.4 - 18 Nov 2025

No user facing changes.

4.31.3 - 13 Nov 2025

CodeQL Action v3 will be deprecated in December 2026. The Action now logs a warning for customers who are running v3 but could be running v4. For more information, see Upcoming deprecation of CodeQL Action v3.

Update default CodeQL bundle version to 2.23.5. #3288

4.31.2 - 30 Oct 2025

No user facing changes.

4.31.1 - 30 Oct 2025

The add-snippets input has been removed from the analyze action. This input has been deprecated since CodeQL Action 3.26.4 in August 2024 when this removal was announced.

4.31.0 - 24 Oct 2025

Bump minimum CodeQL bundle version to 2.17.6. #3223

When SARIF files are uploaded by the analyze or upload-sarif actions, the CodeQL Action automatically performs post-processing steps to prepare the data for the upload. Previously, these post-processing steps were only performed before an upload took place. We are now changing this so that the post-processing steps will always be performed, even when the SARIF files are not uploaded. This does not change anything for the upload-sarif action. For analyze, this may affect Advanced Setup for CodeQL users who specify a value other than always for the upload input. #3222

4.30.9 - 17 Oct 2025

Update default CodeQL bundle version to 2.23.3. #3205

Experimental: A new setup-codeql action has been added which is similar to init, except it only installs the CodeQL CLI and does not initialize a database. Do not use this in production as it is part of an internal experiment and subject to change at any time. #3204

4.30.8 - 10 Oct 2025

No user facing changes.

4.30.7 - 06 Oct 2025

[v4+ only] The CodeQL Action now runs on Node.js v24. #3169

3.30.6 - 02 Oct 2025

Update default CodeQL bundle version to 2.23.2. #3168

... (truncated)

Commits

fdbfb4d Merge pull request #3322 from github/update-v4.31.5-ec2ee575c
81f6d64 Update changelog for v4.31.5
ec2ee57 Merge pull request #3321 from github/update-bundle/codeql-bundle-v2.23.6
ecc8787 Add changelog note
1d2a238 Update default bundle to codeql-bundle-v2.23.6
ce729e4 Merge pull request #3315 from github/henrymercer/dead-code-elimination
ac359aa Add return type
112cd07 Merge branch 'main' into henrymercer/dead-code-elimination
0b43179 Merge pull request #3306 from github/dependabot/npm_and_yarn/types/sinon-21.0.0
e818008 Merge pull request #3305 from github/dependabot/npm_and_yarn/eslint/compat-2.0.0
Additional commits viewable in compare view

Updates github/contributors from 1.7.5 to 1.7.6

Release notes

Sourced from github/contributors's releases.

v1.7.6

Changelog

🧰 Maintenance

chore(deps): bump python from 9813eec to 0aecac0 @dependabot[bot] (#365)

chore(deps): bump the dependencies group with 3 updates @dependabot[bot] (#364)

chore(deps): bump actions/checkout from 5.0.0 to 6.0.0 @dependabot[bot] (#363)

chore(deps): bump github/codeql-action from 4.31.3 to 4.31.4 in the dependencies group @dependabot[bot] (#362)

chore(deps): bump github/codeql-action from 4.31.2 to 4.31.3 in the dependencies group @dependabot[bot] (#360)

chore(deps): bump python from 4ed3310 to 9813eec @dependabot[bot] (#358)

chore(deps): bump pytest from 8.4.2 to 9.0.0 @dependabot[bot] (#359)

chore(deps): bump the dependencies group with 2 updates @dependabot[bot] (#357)

See details of all code changes since previous release

Commits

abf3681 chore(deps): bump python from 9813eec to 0aecac0 (#365)
20bc7e4 chore(deps): bump the dependencies group with 3 updates (#364)
4b2eb00 chore(deps): bump actions/checkout from 5.0.0 to 6.0.0 (#363)
23d7d72 chore(deps): bump github/codeql-action in the dependencies group (#362)
e3c7f37 Merge pull request #360 from github/dependabot/github_actions/dependencies-1f...
49452c8 chore(deps): bump github/codeql-action in the dependencies group
e2b307c chore(deps): bump python from 4ed3310 to 9813eec (#358)
a1f07a0 chore(deps): bump pytest from 8.4.2 to 9.0.0 (#359)
e6f229f chore(deps): bump the dependencies group with 2 updates (#357)
See full diff in compare view

Updates peter-evans/create-pull-request from 7.0.8 to 7.0.9

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v7.0.9

⚙️ Fixes an incompatibility with the recently released actions/checkout@v6.

What's Changed

~70 dependency updates by @dependabot

docs: fix workaround description about ready_for_review by @ybiquitous in peter-evans/create-pull-request#3939

Docs: add-paths default behavior by @joeflack4 in peter-evans/create-pull-request#3928

docs: update to create-github-app-token v2 by @Goooler in peter-evans/create-pull-request#4063

Fix compatibility with actions/checkout@v6 by @ericsciple in peter-evans/create-pull-request#4230

New Contributors

@joeflack4 made their first contribution in peter-evans/create-pull-request#3928

@Goooler made their first contribution in peter-evans/create-pull-request#4063

@ericsciple made their first contribution in peter-evans/create-pull-request#4230

Full Changelog: peter-evans/create-pull-request@v7.0.8...v7.0.9

Commits

84ae59a fix: compatibility with actions/checkout@v6 (#4230)
b4733b9 build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#4222)
0edc001 build(deps-dev): bump the npm group with 2 updates (#4201)
430aea0 build(deps): bump the github-actions group with 3 updates (#4200)
46cdba7 build(deps-dev): bump the npm group with 3 updates (#4185)
b937339 build(deps): bump the github-actions group with 2 updates (#4184)
e9af275 ci: update dependabot config
d3e081a build(deps-dev): bump @types/node from 18.19.127 to 18.19.128 (#4178)
9ec683e build(deps-dev): bump @types/node from 18.19.125 to 18.19.127 (#4165)
65d8d10 build(deps-dev): bump ts-jest from 29.4.2 to 29.4.4 (#4163)
Additional commits viewable in compare view

Updates rojopolis/spellcheck-github-actions from 0.51.0 to 0.55.0

Release notes

Sourced from rojopolis/spellcheck-github-actions's releases.

0.55.0

What's Changed

Bump rojopolis/spellcheck-github-actions from 0.53.0 to 0.54.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#287

Bump docker/metadata-action from 5.8.0 to 5.9.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#286

Bump docker/setup-qemu-action from 3.6.0 to 3.7.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#288

Bump actions/checkout from 5.0.0 to 5.0.1 by @dependabot[bot] in rojopolis/spellcheck-github-actions#290

Bump actions/checkout from 5.0.1 to 6.0.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#291

Preparing release 0.55.0 with an update of PySpelling to version 2.12.1 by @jonasbn in rojopolis/spellcheck-github-actions#294

Full Changelog: rojopolis/spellcheck-github-actions@0.54.0...0.55.0

0.54.0

What's Changed

Bump rojopolis/spellcheck-github-actions from 0.52.0 to 0.53.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#278

Bump actions/upload-artifact from 4.6.2 to 5.0.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#277

Bump of core component pyspelling from 2.11 to 2.12 by @jonasbn in rojopolis/spellcheck-github-actions#280

Release candidate for 0.54.0 by @jonasbn in rojopolis/spellcheck-github-actions#281

Full Changelog: rojopolis/spellcheck-github-actions@0.53.0...0.54.0

0.53.0

What's Changed

Bump rojopolis/spellcheck-github-actions from 0.51.0 to 0.52.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#268

Bump docker/login-action from 3.5.0 to 3.6.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#271

Bump python from 5fa2567 to e3a6ccb by @dependabot[bot] in rojopolis/spellcheck-github-actions#274

Full Changelog: rojopolis/spellcheck-github-actions@0.52.0...0.53.0

0.52.0

What's Changed

Pinned base image and added a secondary maintainer label by @jonasbn in rojopolis/spellcheck-github-actions#254

All GitHub actions pinned using ratchet, I wonder if this collides with Dependabot by @jonasbn in rojopolis/spellcheck-github-actions#255

Bump docker/setup-buildx-action from 3.11.0 to 3.11.1 by @dependabot[bot] in rojopolis/spellcheck-github-actions#256

Bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#261

Bump docker/metadata-action from 5.7.0 to 5.8.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#260

Bump docker/login-action from 3.4.0 to 3.5.0 by @dependabot[bot] in rojopolis/spellcheck-github-actions#263

Feature release with PySpelling 2.11 by @jonasbn in rojopolis/spellcheck-github-actions#266

Full Changelog: rojopolis/spellcheck-github-actions@0.51.0...0.52.0

Changelog

Sourced from rojopolis/spellcheck-github-actions's changelog.

0.55.0, 2025-11-27, maintenance release, update not required

Via an issue [#293 from @shoverbj, an update to the core component PySpelling from version 2.12.0 to version 2.12.1 was made, this allows for use of large dictionaries with Aspell

0.54.0, 2025-11-05, feature release, update not required

PySpelling the core component has been updated to version 2.12.0, which introduces support for maximum available cores. The feature is described in the release notes for PySpelling 2.12.0. See the documentation for PySpelling.

The flag was introduced with release 2.10 of PySpelling, which was adopted in release 0.36.0 of this action.

0.53.0, 2025-10-25, maintenance release, update not required

Docker image updated to Python 3.14.0 trixie slim Release notes for Python 3.14.0, this originated from the PR mentioned below, however updated to Trixie from Bookworm and as always the slim variant is used

Bumped the requirement for cython to 3.0.11 or above, addressing a build issue with lxml, located when testing the PR : #274 from @dependabot, the above update of Python

In general the Docker build file had a few updates since the above changes required some tweaking of the Dockerfile

Order of installation of dependencies adjusted to ensure that lxml can build correctly

Installation of:

build-essential

pkg-config

libxml2-dev

libxslt1-dev

zlib1g-dev

0.52.0, 2025-09-10, feature release, update not required

With version 2.11 of PySpelling a new command line option --skip-dict-compile is introduced to PySpelling and is adopted by this action. This will skip the dictionary compiling step if the dictionary already exists. Changes to a custom dictionary will be ignored., see the release notes for PySpelling. Do see the updated documentation for details.

The feature can be enabled by setting the input parameter skip_dict_compile to true, the default is false, meaning that the dictionary will be compiled on each run of the action.

This can save time if you have a large custom dictionary that does not change often.

Docker image updated to Python 3.13.7 bookworm slim Release notes for Python 3.13.7

Commits

16d0338 Preparing release 0.55.0 with an update of PySpelling to version 2.12.1 (#294)
605a59e Merge pull request #291 from rojopolis/dependabot/github_actions/actions/chec...
f4497bb Bump actions/checkout from 5.0.1 to 6.0.0
1cae94c Merge pull request #290 from rojopolis/dependabot/github_actions/actions/chec...
359c44a Bump actions/checkout from 5.0.0 to 5.0.1
fcf71b4 Added initial revision of CODEOWNERS since this works for Dependabot and auto...
8709763 Added initial revision of CODEOWNERS since this works for Dependabot and auto...
c5dddfa Added initial revision of CODEOWNERS since this works for Dependabot and auto...
5ecc8c4 Merge pull request #288 from rojopolis/dependabot/github_actions/docker/setup...
46323f3 Merge pull request #286 from rojopolis/dependabot/github_actions/docker/metad...
Additional commits viewable in compare view

Updates actions/upload-artifact from 4 to 5

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README.md by @GhadimiR in actions/upload-artifact#681

Update README.md by @nebuk89 in actions/upload-artifact#712

Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727

Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725

Bump @actions/artifact to v4.0.0

Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734

New Contributors

@GhadimiR made their first contribution in actions/upload-artifact#681

@nebuk89 made their first contribution in actions/upload-artifact#712

@danwkennedy made their first contribution in actions/upload-artifact#727

@patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

v4.6.2

What's Changed

Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @salmanmkc in actions/upload-artifact#685

New Contributors

@salmanmkc made their first contribution in actions/upload-artifact#685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

Update to use artifact 2.2.2 package by @yacaovsnc in actions/upload-artifact#673

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

What's Changed

Expose env vars to control concurrency and timeout by @yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

fix: deprecated Node.js version in action by @hamirmahal in actions/upload-artifact#578

Add new artifact-digest output by @bdehamer in actions/upload-artifact#656

New Contributors

@hamirmahal made their first contribution in actions/upload-artifact#578

... (truncated)

Commits

330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
03f2824 Update github.dep.yml
905a1ec Prepare v5.0.0
2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
9687587 Merge branch 'main' into patch-1
2848b2c Merge pull request #727 from danwkennedy/patch-1
9b51177 Spell out the first use of GHES
cd231ca Update GHES guidance to include reference to Node 20 version
de65e23 Merge pull request #712 from actions/nebuk89-patch-1
8747d8c Update README.md
Additional commits viewable in compare view

Updates actions/setup-go from 6.0.0 to 6.1.0

Release notes

Sourced from actions/setup-go's releases.

v6.1.0

What's Changed

Enhancements

Fall back to downloading from go.dev/dl instead of storage.googleapis.com/golang by @nicholasngai in actions/setup-go#665

Add support for .tool-versions file and update workflow by @priya-kinthali in actions/setup-go#673

Add comprehensive breaking changes documentation for v6 by @mahabaleshwars in actions/setup-go#674

Dependency updates

Upgrade eslint-config-prettier from 10.0.1 to 10.1.8 and document breaking changes in v6 by @dependabot in actions/setup-go#617

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot in actions/setup-go#641

Upgrade semver and @types/semver by @dependabot in actions/setup-go#652

New Contributors

@nicholasngai made their first contribution in actions/setup-go#665

@priya-kinthali made their first contribution in actions/setup-go#673

@mahabaleshwars made their first contribution in actions/setup-go#674

Full Changelog: actions/setup-go@v6...v6.1.0

Commits

4dc6199 Bump semver and @types/semver (#652)
f3787be Add comprehensive breaking changes documentation for v6 (#674)
3a0c2c8 Bump actions/publish-action from 0.3.0 to 0.4.0 (#641)
faf5242 Add support for .tool-versions file in setup-go, update workflow (#673)
7bc60db Fall back to downloading from go.dev/dl instead of storage.googleapis.com/gol...
c0137ca Bump eslint-config-prettier from 10.0.1 to 10.1.8 and document breaking chang...
See full diff in compare view

Updates golangci/golangci-lint-action from 9.0.0 to 9.1.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.1.0

What's Changed

Changes

feat: automatic module directories by @ldez in golangci/golangci-lint-action#1315

Documentation

docs: organize options by @ldez in golangci/golangci-lint-action#1314

Dependencies

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1307

build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 by @dependabot[bot] in golangci/golangci-lint-action#1309

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1310

build(deps): bump the dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1311

Full Changelog: golangci/golangci-lint-action@v9.0.0...v9.1.0

Commits

e7fa5ac feat: automatic module directories (#1315)
f3ae99f docs: organize options (#1314)
1dfda28 docs: update readme
8b0f942 build(deps): bump the dependencies group with 2 updates (#1311)
a77756c build(deps-dev): bump the dev-dependencies group with 2 updates (#1310)
37a9faf build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (#1309)
199a9c2 build(deps-dev): bump the dev-dependencies group with 2 updates (#1307)
c7c1219 chore: simplify
See full diff in compare view

Updates actions/download-artifact from 5 to 6

Release notes

Sourced from actions/download-artifact's releases.

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README for download-artifact v5 changes by @yacaovsnc in actions/download-artifact#417

Update README with artifact extraction details by @yacaovsnc in actions/download-artifact#424

Readme: spell out the first use of GHES by @danwkennedy in actions/download-artifact#431

Bump @actions/artifact to v4.0.0

Prepare v6.0.0 by @danwkennedy in actions/download-artifact#438

New Contributors

@danwkennedy made their first contribution in actions/download-artifact#431

Full Changelog: actions/download-artifact@v5...v6.0.0

Commits

018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
815651c Revert "Remove github.dep.yml"
bb3a066 Remove github.dep.yml
fa1ce46 Prepare v6.0.0
4a24838 Merge pull request #431 from danwkennedy/patch-1
5e3251c Readme: spell out the first use of GHES
abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
ac43a60 Update README with artifact extraction details
de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
7993cb4 Remove migration guide for artifact download changes
Additional commits viewable in compare view

Updates peter-evans/find-comment from 3 to 4

Release notes

Sourced from peter-evans/find-comment's releases.

Find Comment v4.0.0

⚙️ Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

build(deps-dev): bump @types/node from 18.19.28 to 18.19.30 by @dependabot[bot] in peter-evans/find-comment#301

build(deps-dev): bump @types/node from 18.19.30 to 18.19.31 by @dependabot[bot] in peter-evans/find-comment#302

build(deps-dev): bump @types/node from 18.19.31 to 18.19.33 by @dependabot[bot] in peter-evans/find-comment#303

build(deps-dev): bump prettier from 3.2.5 to 3.3.0 by @dependabot[bot] in peter-evans/find-comment#304

build(deps-dev): bump prettier from 3.3.0 to 3.3.1 by @dependabot[bot] in peter-evans/find-comment#305

build(deps-dev): bump @types/node from 18.19.33 to 18.19.34 by @dependabot[bot] in peter-evans/find-comment#306

build(deps-dev): bump prettier from 3.3.1 to 3.3.2 by @dependabot[bot] in peter-evans/find-comment#307

build(deps-dev): bump braces from 3.0.2 to 3.0.3 by @dependabot[bot] in peter-evans/find-comment#308

build(deps-dev): bump ws from 7.5.9 to 7.5.10 by @dependabot[bot] in peter-evans/find-comment#309

build(deps-dev): bump @types/node from 18.19.34 to 18.19.39 by @dependabot[bot] in peter-evans/find-comment#310

build(deps-dev): bump prettier from 3.3.2 to 3.3.3 by @dependabot[bot] in peter-evans/find-comment#311

build(deps-dev): bump eslint-plugin-prettier ...
Description has been truncated

…dates Bumps the development-dependencies group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `5.0.0` | `6.0.0` | | [github/codeql-action](https://github.com/github/codeql-action) | `4.31.3` | `4.31.5` | | [github/contributors](https://github.com/github/contributors) | `1.7.5` | `1.7.6` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request) | `7.0.8` | `7.0.9` | | [rojopolis/spellcheck-github-actions](https://github.com/rojopolis/spellcheck-github-actions) | `0.51.0` | `0.55.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [actions/setup-go](https://github.com/actions/setup-go) | `6.0.0` | `6.1.0` | | [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `9.0.0` | `9.1.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `5` | `6` | | [peter-evans/find-comment](https://github.com/peter-evans/find-comment) | `3` | `4` | | [peter-evans/create-or-update-comment](https://github.com/peter-evans/create-or-update-comment) | `4` | `5` | Updates `actions/checkout` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@08c6903...1af3b93) Updates `github/codeql-action` from 4.31.3 to 4.31.5 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@014f16e...fdbfb4d) Updates `github/contributors` from 1.7.5 to 1.7.6 - [Release notes](https://github.com/github/contributors/releases) - [Commits](github/contributors@8b75869...abf3681) Updates `peter-evans/create-pull-request` from 7.0.8 to 7.0.9 - [Release notes](https://github.com/peter-evans/create-pull-request/releases) - [Commits](peter-evans/create-pull-request@271a8d0...84ae59a) Updates `rojopolis/spellcheck-github-actions` from 0.51.0 to 0.55.0 - [Release notes](https://github.com/rojopolis/spellcheck-github-actions/releases) - [Changelog](https://github.com/rojopolis/spellcheck-github-actions/blob/master/CHANGELOG.md) - [Commits](rojopolis/spellcheck-github-actions@0.51.0...0.55.0) Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) Updates `actions/setup-go` from 6.0.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@4469467...4dc6199) Updates `golangci/golangci-lint-action` from 9.0.0 to 9.1.0 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@0a35821...e7fa5ac) Updates `actions/download-artifact` from 5 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v5...v6) Updates `peter-evans/find-comment` from 3 to 4 - [Release notes](https://github.com/peter-evans/find-comment/releases) - [Commits](peter-evans/find-comment@v3...v4) Updates `peter-evans/create-or-update-comment` from 4 to 5 - [Release notes](https://github.com/peter-evans/create-or-update-comment/releases) - [Commits](peter-evans/create-or-update-comment@v4...v5) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: github/codeql-action dependency-version: 4.31.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: github/contributors dependency-version: 1.7.6 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: peter-evans/create-pull-request dependency-version: 7.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: development-dependencies - dependency-name: rojopolis/spellcheck-github-actions dependency-version: 0.55.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: development-dependencies - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: actions/setup-go dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: development-dependencies - dependency-name: golangci/golangci-lint-action dependency-version: 9.1.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: development-dependencies - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: peter-evans/find-comment dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies - dependency-name: peter-evans/create-or-update-comment dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: development-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 28, 2025

github-actions bot approved these changes Nov 28, 2025

View reviewed changes

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the development-dependencies group across 1 directory with 11 updates #23

Bump the development-dependencies group across 1 directory with 11 updates #23

Uh oh!

dependabot bot commented on behalf of github Nov 28, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the development-dependencies group across 1 directory with 11 updates #23

Are you sure you want to change the base?

Bump the development-dependencies group across 1 directory with 11 updates #23

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 28, 2025

v6.0.0

What's Changed

v6-beta

What's Changed

v5.0.1

What's Changed

Changelog

V6.0.0

V5.0.1

V5.0.0

V4.3.1

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.31.5

CodeQL Action Changelog

4.31.5 - 24 Nov 2025

v4.31.4

CodeQL Action Changelog

4.31.4 - 18 Nov 2025

CodeQL Action Changelog

[UNRELEASED]

4.31.5 - 24 Nov 2025

4.31.4 - 18 Nov 2025

4.31.3 - 13 Nov 2025

4.31.2 - 30 Oct 2025

4.31.1 - 30 Oct 2025

4.31.0 - 24 Oct 2025

4.30.9 - 17 Oct 2025

4.30.8 - 10 Oct 2025

4.30.7 - 06 Oct 2025

3.30.6 - 02 Oct 2025

v1.7.6

Changelog

🧰 Maintenance

Create Pull Request v7.0.9

What's Changed

New Contributors

0.55.0

What's Changed

0.54.0

What's Changed

0.53.0

What's Changed

0.52.0

What's Changed

0.55.0, 2025-11-27, maintenance release, update not required

0.54.0, 2025-11-05, feature release, update not required

0.53.0, 2025-10-25, maintenance release, update not required

0.52.0, 2025-09-10, feature release, update not required

v5.0.0

What's Changed

New Contributors

v4.6.2

What's Changed

New Contributors

v4.6.1

What's Changed

v4.6.0

What's Changed

v4.5.0

What's Changed

New Contributors

v6.1.0

What's Changed

Enhancements

Dependency updates

New Contributors

v9.1.0

What's Changed