Bump the actions group with 5 updates #47

dependabot · 2025-07-21T15:50:59Z

Bumps the actions group with 5 updates:

Package	From	To
github/codeql-action	`3.28.1`	`3.29.3`
actions/setup-python	`5.3.0`	`5.6.0`
reviewdog/action-setup	`1.3.0`	`1.3.2`
reviewdog/action-ansiblelint	`1.16.0`	`1.17.0`
reviewdog/action-yamllint	`1.20.0`	`1.21.0`

Updates github/codeql-action from 3.28.1 to 3.29.3

Release notes

Sourced from github/codeql-action's releases.

v3.29.3

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.3 - 21 Jul 2025

No user facing changes.

See the full CHANGELOG.md for more information.

v3.29.2

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.2 - 30 Jun 2025

Experimental: When the quality-queries input for the init action is provided with an argument, separate .quality.sarif files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2935

See the full CHANGELOG.md for more information.

v3.29.1

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.1 - 27 Jun 2025

Fix bug in PR analysis where user-provided include query filter fails to exclude non-included queries. #2938

Update default CodeQL bundle version to 2.22.1. #2950

See the full CHANGELOG.md for more information.

v3.29.0

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.29.0 - 11 Jun 2025

Update default CodeQL bundle version to 2.22.0. #2925

Bump minimum CodeQL bundle version to 2.16.6. #2912

See the full CHANGELOG.md for more information.

v3.28.20

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.29.3 - 21 Jul 2025

No user facing changes.

3.29.2 - 30 Jun 2025

Experimental: When the quality-queries input for the init action is provided with an argument, separate .quality.sarif files are produced and uploaded for each language with the results of the specified queries. Do not use this in production as it is part of an internal experiment and subject to change at any time. #2935

3.29.1 - 27 Jun 2025

Fix bug in PR analysis where user-provided include query filter fails to exclude non-included queries. #2938

Update default CodeQL bundle version to 2.22.1. #2950

3.29.0 - 11 Jun 2025

Update default CodeQL bundle version to 2.22.0. #2925

Bump minimum CodeQL bundle version to 2.16.6. #2912

3.28.20 - 21 July 2025

Remove support for combining SARIF files from a single upload for GHES 3.18, see the changelog post. #2959

3.28.19 - 03 Jun 2025

The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.

Update default CodeQL bundle version to 2.21.4. #2910

3.28.18 - 16 May 2025

Update default CodeQL bundle version to 2.21.3. #2893

Skip validating SARIF produced by CodeQL for improved performance. #2894

The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

3.28.17 - 02 May 2025

Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

... (truncated)

Commits

d6bbdef Merge pull request #2977 from github/update-v3.29.3-7710ed11e
210cc9b Update changelog for v3.29.3
7710ed1 Merge pull request #2970 from github/cklin/diff-informed-feature-enable
6a49a8c build: refresh js files
3aef410 Add diff-informed-analysis-utils.test.ts
614b64c Diff-informed analysis: disable for GHES below 3.19
aefb854 Feature.DiffInformedQueries: default to true
03a2a17 Merge pull request #2967 from github/cklin/overlay-feature-flags
07455ed Merge pull request #2972 from github/koesie10/ghes-satisfies
3fb562d build: refresh js files
Additional commits viewable in compare view

Updates actions/setup-python from 5.3.0 to 5.6.0

Release notes

Sourced from actions/setup-python's releases.

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

Dependency updates:

Upgrade @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot in actions/setup-python#1016

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-python#1015

New Contributors

@colesbury made their first contribution in actions/setup-python#973

@mahabaleshwars made their first contribution in actions/setup-python#1043

Full Changelog: actions/setup-python@v5...v5.5.0

v5.4.0

What's Changed

Enhancements:

Update cache error message by @aparnajyothi-y in actions/setup-python#968

Enhance Workflows: Add Ubuntu-24, Remove Python 3.8 by @priya-kinthali in actions/setup-python#985

Configure Dependabot settings by @HarithaVattikuti in actions/setup-python#1008

Documentation changes:

Readme update - recommended permissions by @benwells in actions/setup-python#1009

Improve Advanced Usage examples by @lrq3000 in actions/setup-python#645

Dependency updates:

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot in actions/setup-python#1012

Upgrade urllib3 from 1.25.9 to 1.26.19 in /tests/data by @dependabot in actions/setup-python#895

Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot in actions/setup-python#1014

Upgrade @actions/http-client from 2.2.1 to 2.2.3 by @dependabot in actions/setup-python#1020

Upgrade requests from 2.24.0 to 2.32.2 in /tests/data by @dependabot in actions/setup-python#1019

Upgrade @actions/cache to ^4.0.0 by @priyagupta108 in actions/setup-python#1007

New Contributors

@benwells made their first contribution in actions/setup-python#1009

@HarithaVattikuti made their first contribution in actions/setup-python#1008

... (truncated)

Commits

a26af69 Bump ts-jest from 29.1.2 to 29.3.2 (#1081)
30eafe9 Bump prettier from 2.8.8 to 3.5.3 (#1046)
5d95bc1 Bump semver and @types/semver (#1091)
6ed2c67 Fix for Candidate Not Iterable Error (#1082)
e348410 Remove Ubuntu 20.04 from workflows due to deprecation from 2025-04-15 (#1065)
8d9ed9a Add e2e Testing for free threaded and Bump @action/cache from 4.0.0 to 4.0.3 ...
19e4675 Add support for .tool-versions file in setup-python (#1043)
6fd11e1 Bump @actions/glob from 0.4.0 to 0.5.0 (#1015)
9e62be8 Support free threaded Python versions like '3.13t' (#973)
6ca8e85 Bump @vercel/ncc from 0.38.1 to 0.38.3 (#1016)
Additional commits viewable in compare view

Updates reviewdog/action-setup from 1.3.0 to 1.3.2

Release notes

Sourced from reviewdog/action-setup's releases.

Release v1.3.2

What's Changed

Pin reviewdog install script version with commit SHA by @haya14busa in reviewdog/action-setup#51

Full Changelog: reviewdog/action-setup@v1.3.1...v1.3.2

Release v1.3.1

What's Changed

chore(deps): update reviewdog to 0.17.4 by @github-actions in reviewdog/action-setup#37

Update test case reviewdog version to work with Apple Silicon Mac runner by @sksat in reviewdog/action-setup#38

chore(deps): update reviewdog to 0.17.5 by @github-actions in reviewdog/action-setup#39

Add used-by counter badge by @haya14busa in reviewdog/action-setup#40

chore(deps): update reviewdog to 0.18.0 by @github-actions in reviewdog/action-setup#41

chore(deps): update reviewdog to 0.18.1 by @github-actions in reviewdog/action-setup#42

chore(deps): update reviewdog to 0.19.0 by @github-actions in reviewdog/action-setup#44

chore(deps): update reviewdog to 0.20.0 by @github-actions in reviewdog/action-setup#45

chore(deps): update reviewdog to 0.20.1 by @github-actions in reviewdog/action-setup#46

chore(deps): update reviewdog to 0.20.2 by @github-actions in reviewdog/action-setup#48

chore(deps): update peter-evans/create-pull-request action to v7 by @renovate in reviewdog/action-setup#47

chore(deps): update reviewdog to 0.20.3 by @github-actions in reviewdog/action-setup#49

Pin GitHub Actions with commit SHA using pinact by @haya14busa in reviewdog/action-setup#50

New Contributors

@sksat made their first contribution in reviewdog/action-setup#38

Full Changelog: reviewdog/action-setup@v1.3.0...v1.3.1

Commits

e04ffab Merge pull request #51 from reviewdog/pin-install-script-ver
2bf9f4f Pin reviewdog install script version with commit SHA
bddaa4f Merge pull request #50 from reviewdog/pinact
f3f55da Pin actions with pinact
113423a Merge pull request #49 from reviewdog/depup/reviewdog
44b7052 chore(deps): update reviewdog to 0.20.3
424f33b Merge pull request #47 from reviewdog/renovate/peter-evans-create-pull-reques...
3c35733 Merge pull request #48 from reviewdog/depup/reviewdog
fdfd48a chore(deps): update reviewdog to 0.20.2
31dbca7 chore(deps): update peter-evans/create-pull-request action to v7
Additional commits viewable in compare view

Updates reviewdog/action-ansiblelint from 1.16.0 to 1.17.0

Release notes

Sourced from reviewdog/action-ansiblelint's releases.

Release v1.17.0

v1.17.0: PR #52 - chore(deps): update reviewdog to 0.20.3

Release v1.16.1

v1.16.1: PR #50 - Pin reviewdog install script version with commit SHA

Commits

5b8ca4b Merge pull request #52 from reviewdog/depup/reviewdog
eed5ad8 Merge pull request #49 from reviewdog/renovate/python-3.x
827c3e0 Merge pull request #43 from reviewdog/renovate/peter-evans-create-pull-reques...
28a22f7 chore(deps): update reviewdog to 0.20.3
05f49d6 Merge pull request #51 from reviewdog/renovate/haya14busa-action-depup-1.x
9ab9693 chore(deps): update peter-evans/create-pull-request action to v7
9d05e1a chore(deps): update haya14busa/action-depup action to v1.6.4
40693e6 Merge pull request #50 from reviewdog/pin-install-script-ver
0139807 Pin reviewdog install script version with commit SHA
fce86f7 Pin GitHub Actions with commit SHA using pinact
Additional commits viewable in compare view

Updates reviewdog/action-yamllint from 1.20.0 to 1.21.0

Release notes

Sourced from reviewdog/action-yamllint's releases.

Release v1.21.0

What's Changed

chore(deps): update haya14busa/action-depup action to v1.6.4 by @renovate in reviewdog/action-yamllint#48

chore(deps): update peter-evans/create-pull-request action to v7 by @renovate in reviewdog/action-yamllint#42

chore(deps): update reviewdog to 0.20.3 by @github-actions in reviewdog/action-yamllint#49

Full Changelog: reviewdog/action-yamllint@v1.20.2...v1.21.0

Release v1.20.2

What's Changed

Pin reviewdog install script version with commit SHA by @haya14busa in reviewdog/action-yamllint#47

Full Changelog: reviewdog/action-yamllint@v1.20.1...v1.20.2

Release v1.20.1

What's Changed

Pin GitHub Actions with commit SHA using pinact by @haya14busa in reviewdog/action-yamllint#46

New Contributors

@haya14busa made their first contribution in reviewdog/action-yamllint#46

Full Changelog: reviewdog/action-yamllint@v1.20.0...v1.20.1

Commits

f01d8a4 chore(deps): update reviewdog to 0.20.3 (#49)
54ea4b6 chore(deps): update peter-evans/create-pull-request action to v7 (#42)
c1da13a chore(deps): update haya14busa/action-depup action to v1.6.4 (#48)
81e7f3c Pin reviewdog install script version with commit SHA (#47)
b4cb69c Pin GitHub Actions with commit SHA using pinact (#46)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 5 updates: | Package | From | To | | --- | --- | --- | | [github/codeql-action](https://github.com/github/codeql-action) | `3.28.1` | `3.29.3` | | [actions/setup-python](https://github.com/actions/setup-python) | `5.3.0` | `5.6.0` | | [reviewdog/action-setup](https://github.com/reviewdog/action-setup) | `1.3.0` | `1.3.2` | | [reviewdog/action-ansiblelint](https://github.com/reviewdog/action-ansiblelint) | `1.16.0` | `1.17.0` | | [reviewdog/action-yamllint](https://github.com/reviewdog/action-yamllint) | `1.20.0` | `1.21.0` | Updates `github/codeql-action` from 3.28.1 to 3.29.3 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@b6a472f...d6bbdef) Updates `actions/setup-python` from 5.3.0 to 5.6.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@0b93645...a26af69) Updates `reviewdog/action-setup` from 1.3.0 to 1.3.2 - [Release notes](https://github.com/reviewdog/action-setup/releases) - [Commits](reviewdog/action-setup@3f401fe...e04ffab) Updates `reviewdog/action-ansiblelint` from 1.16.0 to 1.17.0 - [Release notes](https://github.com/reviewdog/action-ansiblelint/releases) - [Commits](reviewdog/action-ansiblelint@281c57a...5b8ca4b) Updates `reviewdog/action-yamllint` from 1.20.0 to 1.21.0 - [Release notes](https://github.com/reviewdog/action-yamllint/releases) - [Commits](reviewdog/action-yamllint@1dca3ad...f01d8a4) --- updated-dependencies: - dependency-name: github/codeql-action dependency-version: 3.29.3 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: actions/setup-python dependency-version: 5.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: reviewdog/action-setup dependency-version: 1.3.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: reviewdog/action-ansiblelint dependency-version: 1.17.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions - dependency-name: reviewdog/action-yamllint dependency-version: 1.21.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: actions ... Signed-off-by: dependabot[bot] <support@github.com>

.github/workflows/lint.yml

Co-authored-by: Elliott Sales de Andrade <quantum.analyst@gmail.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 21, 2025

QuLogic reviewed Jul 22, 2025

View reviewed changes

.github/workflows/lint.yml Outdated Show resolved Hide resolved

CI: update version string

c173d63

Co-authored-by: Elliott Sales de Andrade <quantum.analyst@gmail.com>

QuLogic approved these changes Jul 24, 2025

View reviewed changes

QuLogic merged commit c8fdb9c into main Jul 24, 2025
12 checks passed

dependabot bot deleted the dependabot/github_actions/actions-e6042b09fc branch July 24, 2025 02:38

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the actions group with 5 updates #47

Bump the actions group with 5 updates #47

Uh oh!

dependabot bot commented on behalf of github Jul 21, 2025

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants

Bump the actions group with 5 updates #47

Bump the actions group with 5 updates #47

Uh oh!

Conversation

dependabot bot commented on behalf of github Jul 21, 2025

v3.29.3

CodeQL Action Changelog

3.29.3 - 21 Jul 2025

v3.29.2

CodeQL Action Changelog

3.29.2 - 30 Jun 2025

v3.29.1

CodeQL Action Changelog

3.29.1 - 27 Jun 2025

v3.29.0

CodeQL Action Changelog

3.29.0 - 11 Jun 2025

v3.28.20

CodeQL Action Changelog

CodeQL Action Changelog

[UNRELEASED]

3.29.3 - 21 Jul 2025

3.29.2 - 30 Jun 2025

3.29.1 - 27 Jun 2025

3.29.0 - 11 Jun 2025

3.28.20 - 21 July 2025

3.28.19 - 03 Jun 2025

3.28.18 - 16 May 2025

3.28.17 - 02 May 2025

3.28.16 - 23 Apr 2025

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.4.0

What's Changed

Enhancements:

Documentation changes:

Dependency updates:

New Contributors

Release v1.3.2

What's Changed

Release v1.3.1

What's Changed

New Contributors

Release v1.17.0

Release v1.16.1

Release v1.21.0

What's Changed

Release v1.20.2

What's Changed

Release v1.20.1

What's Changed

New Contributors

Uh oh!

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

3 participants