build(deps): bump the actions group with 2 updates

[dependabot]

Bumps the actions group with 2 updates: actions/add-to-project and actions/setup-node.

Updates actions/add-to-project from 1.0.2 to 2.0.0

Release notes

Sourced from actions/add-to-project's releases.

v2

What's Changed

• Update instructions for fine grained PAT by @​talune in actions/add-to-project#596
• build(deps-dev): bump prettier from 3.2.5 to 3.3.2 by @​dependabot[bot] in actions/add-to-project#594
• build(deps-dev): bump eslint-plugin-github from 4.10.2 to 5.0.1 by @​dependabot[bot] in actions/add-to-project#593
• Resolve Regular Expression syntax checking errors by @​talune in actions/add-to-project#598
• build(deps-dev): bump typescript from 5.4.5 to 5.5.2 by @​dependabot[bot] in actions/add-to-project#595
• build(deps-dev): bump ts-jest from 29.1.5 to 29.3.0 by @​dependabot[bot] in actions/add-to-project#675
• Batch updating some dependencies for vulns by @​TylerDixon in actions/add-to-project#679
• build(deps): bump undici from 5.28.4 to 5.28.5 by @​dependabot[bot] in actions/add-to-project#662
• build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.5 by @​dependabot[bot] in actions/add-to-project#682
• Have dependabot also run builds as another commit when creating PRs by @​TylerDixon in actions/add-to-project#684
• build(deps): bump @​octokit/request-error from 5.1.1 to 6.1.7 by @​dependabot[bot] in actions/add-to-project#683
• build(deps): bump @​octokit/request from 8.4.1 to 9.2.2 by @​dependabot[bot] in actions/add-to-project#681
• Bump eslint-plugin-jest from 28.6.0 to 28.11.0 by @​dependabot[bot] in actions/add-to-project#685
• Bump @​types/node from 16.18.101 to 22.13.14 by @​dependabot[bot] in actions/add-to-project#686
• Bump @​types/jest from 29.5.12 to 29.5.14 by @​dependabot[bot] in actions/add-to-project#687
• Bump @​vercel/ncc from 0.38.1 to 0.38.3 by @​dependabot[bot] in actions/add-to-project#688
• Bump ts-jest from 29.3.0 to 29.3.2 by @​dependabot[bot] in actions/add-to-project#694
• chore: removes sourcemap-register from build step by @​andrialexandrou in actions/add-to-project#696
• Bump @​octokit/plugin-paginate-rest from 9.2.2 to 13.0.1 by @​dependabot[bot] in actions/add-to-project#699
• Bump ts-jest from 29.3.2 to 29.4.0 by @​dependabot[bot] in actions/add-to-project#703
• Bump @​types/node from 22.13.14 to 24.0.12 by @​dependabot[bot] in actions/add-to-project#709
• Potential fix for code scanning alert no. 6: Workflow does not contain permissions by @​wiinci in actions/add-to-project#715
• Potential fix for code scanning alert no. 5: Workflow does not contain permissions by @​wiinci in actions/add-to-project#716
• Potential fix for code scanning alert no. 7: Workflow does not contain permissions by @​wiinci in actions/add-to-project#717
• Fix code scanning alert:missing regex anchor by @​wiinci in actions/add-to-project#719
• Add Missing Languages to CodeQL Advanced Configuration by @​KyFaSt in actions/add-to-project#710
• Bump @​octokit/request from 9.2.2 to 10.0.3 by @​dependabot[bot] in actions/add-to-project#705
• Bump concurrently from 8.2.2 to 9.2.0 by @​dependabot[bot] in actions/add-to-project#707
• Bump prettier from 3.3.2 to 3.6.2 by @​dependabot[bot] in actions/add-to-project#721
• Bump concurrently from 9.2.0 to 9.2.1 by @​dependabot[bot] in actions/add-to-project#722
• Bump @​types/node from 24.0.12 to 24.5.2 by @​dependabot[bot] in actions/add-to-project#730
• Bump actions/checkout from 4 to 5 by @​dependabot[bot] in actions/add-to-project#714
• Bump actions/setup-node from 4 to 5 by @​dependabot[bot] in actions/add-to-project#726
• build(deps-dev): bump @​typescript-eslint/parser from 7.14.1 to 7.18.0 by @​dependabot[bot] in actions/add-to-project#616
• Bump ts-jest from 29.4.1 to 29.4.5 by @​dependabot[bot] in actions/add-to-project#742
• Bump js-yaml from 3.14.1 to 3.14.2 by @​dependabot[bot] in actions/add-to-project#750
• Bump actions/upload-artifact from 4 to 5 by @​dependabot[bot] in actions/add-to-project#748
• Bump github/codeql-action from 3 to 4 by @​dependabot[bot] in actions/add-to-project#741
• Bump jest and @​types/jest by @​dependabot[bot] in actions/add-to-project#743
• Bump actions/setup-node from 5 to 6 by @​dependabot[bot] in actions/add-to-project#744
• Consolidate ESLint 9 and TypeScript ESLint 8 dependency updates by @​Copilot in actions/add-to-project#751
• Bump @​octokit/request-error from 6.1.8 to 7.1.0 by @​dependabot[bot] in actions/add-to-project#757
• Bump globals from 15.15.0 to 16.5.0 by @​dependabot[bot] in actions/add-to-project#756
• Bump @​octokit/plugin-paginate-rest from 13.1.1 to 14.0.0 by @​dependabot[bot] in actions/add-to-project#754
• Bump @​vercel/ncc from 0.38.3 to 0.38.4 by @​dependabot[bot] in actions/add-to-project#753
• Bump actions/checkout from 5 to 6 by @​dependabot[bot] in actions/add-to-project#752
• Bump eslint from 9.39.1 to 9.39.2 by @​dependabot[bot] in actions/add-to-project#759
• Bump ts-jest from 29.4.5 to 29.4.6 by @​dependabot[bot] in actions/add-to-project#760

... (truncated)

Commits

• 5afcf98 Merge pull request #712 from salmanmkc/node24
• ffed68f Merge main and update action runtime to Node 24
• 27022a1 Merge pull request #777 from actions/dependabot/npm_and_yarn/types/node-25.5.0
• cc89d2e Merge pull request #778 from actions/dependabot/npm_and_yarn/globals-17.4.0
• ef8e6ff Merge pull request #779 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
• eb406b3 Merge pull request #780 from actions/dependabot/npm_and_yarn/handlebars-4.7.9
• bb8d4d7 Bump handlebars from 4.7.8 to 4.7.9
• a6fcf8b Bump eslint-plugin-jest from 29.12.1 to 29.15.1
• b35f5d3 Bump globals from 17.0.0 to 17.4.0
• 036fea0 Bump @​types/node from 25.0.3 to 25.5.0
• Additional commits viewable in compare view

Updates actions/setup-node from 4 to 6

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

• Limit automatic caching to npm, update workflows and documentation by @​priyagupta108 in actions/setup-node#1374

Dependency Upgrades

• Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @​dependabot[bot] in #1336
• Upgrade prettier from 2.8.8 to 3.6.2 by @​dependabot[bot] in #1334
• Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @​dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

• Enhance caching in setup-node with automatic package manager detection by @​priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false

steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false

• Upgrade action to use node24 by @​salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

• Upgrade @​octokit/request-error and @​actions/github by @​dependabot[bot] in actions/setup-node#1227
• Upgrade uuid from 9.0.1 to 11.1.0 by @​dependabot[bot] in actions/setup-node#1273
• Upgrade undici from 5.28.5 to 5.29.0 by @​dependabot[bot] in actions/setup-node#1295
• Upgrade form-data to bring in fix for critical vulnerability by @​gowridurgad in actions/setup-node#1332
• Upgrade actions/checkout from 4 to 5 by @​dependabot[bot] in actions/setup-node#1345

New Contributors

• @​priya-kinthali made their first contribution in actions/setup-node#1348
• @​salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

• 48b55a0 Update Node.js versions in versions.yml and bump package to v6.4.0 (#1533)
• ab72c7e Upgrade @​actions dependencies (#1525)
• 53b8394 Bump minimatch from 3.1.2 to 3.1.5 (#1498)
• 54045ab Scope test lockfiles by package manager and update cache tests (#1495)
• c882bff Replace uuid with crypto.randomUUID() (#1378)
• 774c1d6 feat(node-version-file): support parsing devEngines field (#1283)
• efcb663 fix: remove hardcoded bearer (#1467)
• d02c89d Fix npm audit issues (#1491)
• 6044e13 Docs: bump actions/checkout from v5 to v6 (#1468)
• 8e49463 Fix README typo (#1226)
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
• @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
• @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
• @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
• @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

[vercel]

The latest updates on your projects. Learn more about Vercel for GitHub.

Project	Deployment	Actions	Updated (UTC)
filecoin-cloud	Ready	Preview, Comment	May 10, 2026 2:24pm