Skip to content

build(deps): bump the dependencies group across 1 directory with 6 updates #5936

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

build(deps): bump the dependencies group across 1 directory with 6 updates #5936

wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Sep 21, 2025
edited
Loading

Bumps the dependencies group with 6 updates in the / directory:

Package From To
actions/checkout 4 5
actions/setup-go 5 6
golangci/golangci-lint-action 6.5.0 8.0.0
megalinter/megalinter 8.4.2 9.0.1
actions/github-script 7 8
actions/stale 9 10

Updates actions/checkout from 4 to 5

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v4...v4.3.0

v4.2.2

What's Changed

Full Changelog: actions/checkout@v4.2.1...v4.2.2

v4.2.1

What's Changed

New Contributors

Full Changelog: actions/checkout@v4.2.0...v4.2.1

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

... (truncated)

Commits

Updates actions/setup-go from 5 to 6

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

New Contributors

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

What's Changed

Dependency updates :

... (truncated)

Commits

Updates golangci/golangci-lint-action from 6.5.0 to 8.0.0

Release notes

Sourced from golangci/golangci-lint-action's releases.

v8.0.0

Requires golangci-lint version >= v2.1.0

What's Changed

Changes

Full Changelog: golangci/golangci-lint-action@v7...v8.0.0

v7.0.1

What's Changed

Documentation

Dependencies

New Contributors

Full Changelog: golangci/golangci-lint-action@v7.0.0...v7.0.1

v7.0.0

⚠️ The GitHub Action v7 supports golangci-lint v2 only. ⚠️

What's Changed

Changes

Documentation

Dependencies

New Contributors

... (truncated)

Commits
  • 4afd733 8.0.0
  • 7774f98 feat: use absolute paths by default when using working-directory option (#1231)
  • 9fae48a 7.0.1
  • 16ece5e docs: clarify that ’args: --path-mode=abs’ is needed for working-directory (...
  • a3942e2 build(deps-dev): bump the dev-dependencies group with 2 updates (#1227)
  • 7ecb048 build(deps): bump @​types/node from 22.14.0 to 22.14.1 in the dependencies gro...
  • 63a0d0e build(deps-dev): bump the dev-dependencies group with 3 updates (#1224)
  • c2427fe docs: update problem matchers section
  • 642f8ee build(deps): bump @​types/node from 22.13.14 to 22.14.0 in the dependencies gr...
  • d84be92 build(deps-dev): bump the dev-dependencies group with 4 updates (#1220)
  • Additional commits viewable in compare view

Updates megalinter/megalinter from 8.4.2 to 9.0.1

Release notes

Sourced from megalinter/megalinter's releases.

v9.0.1

What's Changed

  • Fix v9 release issue

Full Changelog: https://github.com/oxsecurity/megalinter/compare/v9.0.0..v9.0.1

v9.0.0

What's Changed

  • Core

    • Create your own Megalinter Custom Flavors to dramatically improve your performances
      • See documentation for usage
      • Use npx mega-linter-runner@beta --custom-flavor-setup to initialize repo
      • Suggest new flavors in reporters with a mega-linter-runner including the list of linters
    • New LLM Advisor: call external LLMs to get hints to solve linter errors, available in:
      • Console Reporter
      • Text Reporter
      • Git platforms PR/MR comments Reporter
    • Use ghcr.io docker images by default because of rate limits on docker.io
    • Use uv to create the venv folder for pip-installed linters
    • Add copilot instructions for GitHub Copilot
    • Update base image to python:3.13-alpine3.21 (also embeds go 1.24)

  • Disabled linters

  • Removed linters

    • markdown-link-check has been removed because lychee can be used instead, and has much better performances

  • Linters enhancements

    • PHP-CS-Fixer is able to run on PHP 8.4 without error (change default configuration) by @​llaville
    • cspell: Filter output lines that do not contain found issues
    • hadolint: Extend DOCKERFILE_HADOLINT_FILE_NAMES_REGEX to include the purpose.Dockerfile convention eg service.Dockerfile.
    • sqlfluff: Handle fixing of issues

  • Fixes

... (truncated)

Changelog

Sourced from megalinter/megalinter's changelog.

[v9.0.1] - 2025-09-21

  • Fix v9 release issue

[v9.0.0] - 2025-09-20

  • Core

    • Create your own Megalinter Custom Flavors to dramatically improve your performances
      • See documentation for usage
      • Use npx mega-linter-runner@beta --custom-flavor-setup to initialize repo
      • Suggest new flavors in reporters with a mega-linter-runner including the list of linters
    • New LLM Advisor: call external LLMs to get hints to solve linter errors, available in:
      • Console Reporter
      • Text Reporter
      • Git platforms PR/MR comments Reporter
    • Use ghcr.io docker images by default because of rate limits on docker.io
    • Use uv to create the venv folder for pip-installed linters
    • Add copilot instructions for GitHub Copilot
    • Update base image to python:3.13-alpine3.21 (also embeds go 1.24)

  • Disabled linters

  • Removed linters

    • markdown-link-check has been removed because lychee can be used instead, and has much better performances

  • Linters enhancements

    • PHP-CS-Fixer is able to run on PHP 8.4 without error (change default configuration) by @​llaville
    • cspell: Filter output lines that do not contain found issues
    • hadolint: Extend DOCKERFILE_HADOLINT_FILE_NAMES_REGEX to include the purpose.Dockerfile convention eg service.Dockerfile.
    • sqlfluff: Handle fixing of issues

  • Fixes

    • When linter is docker based, force --platform=linux/amd64 so it works when running locally on Mac
    • Added checking of *.pyi and *.ipynb files to the ruff and ruff-format linters

  • Reporters

    • New default display for Pull Request comments, with expandable sections containing the first 1000 lines of the output log. Former display remains available by defining REPORTERS_MARKDOWN_SUMMARY_TYPE=table
    • Markdown summary reporter:
      • Write a file for Github integration if GITHUB_STEP_SUMMARY is set
      • Truncate less linter output lines
    • Text reporter: Change the output file names to put the linter name first, then the status
    • Enhance display of markdown summary

  • Doc

    • Update documentation in all megalinter descriptor files to improve accuracy and consistency
    • Fix incorrect information in linters documentation and descriptors
    • Remove dead links
    • Add linter description (linter_text) in all linter descriptor, to generate a more exhaustive documentation.

... (truncated)

Commits
  • 0dcbedd Release MegaLinter v9.0.1
  • 9f48fcd Fix v9 release issue (#6197)
  • 139ebb5 chore(deps): update dependency uvicorn to v0.36.0 (#6189)
  • b23f125 [automation] Auto-update linters version, help and documentation (#6194)
  • 0214a3a Update README with v9 announcement (#6193)
  • e552e5c chore(deps): update tflint plugin terraform-linters/tflint-ruleset-aws to v0....
  • ecfbd88 chore(deps): update dependency sfdx-hardis to v6.5.1 (#6188)
  • 60af444 chore(deps): update dependency mega-linter-runner to v9 (#6191)
  • ff177bf Release MegaLinter v9.0.0
  • a6b6815 release changelog
  • Additional commits viewable in compare view

Updates actions/github-script from 7 to 8

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

New Contributors

Full Changelog: actions/github-script@v7...v7.1.0

... (truncated)

Commits

Updates actions/stale from 9 to 10

Release notes

Sourced from actions/stale's releases.

v10.0.0

What's Changed

Breaking Changes

Enhancement

Dependency Upgrades

Documentation changes

New Contributors

Full Changelog: actions/stale@v9...v10.0.0

v9.1.0

What's Changed

New Contributors

Full Changelog: actions/stale@v9...v9.1.0

Changelog

Sourced from actions/stale's changelog.

Changelog

[9.1.0]

What's Changed

[9.0.0]

Breaking Changes

  1. Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.
  2. Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

  1. Performance optimization that removes unnecessary API calls by @​dsame in #1033; fixes #792
  2. Logs displaying current GitHub API rate limit by @​dsame in #1032; addresses #1029

For more information, please read the action documentation and its section about statefulness

[4.1.1]

In scope of this release we updated actions/core to 1.10.0 for v4 and fixed issues operation count.

[8.0.0]

⚠️ This version contains breaking changes ⚠️

[7.0.0]

⚠️ Breaking change ⚠️

... (truncated)

Commits

@dependabot
build(deps): bump the dependencies group across 1 directory with 6 up…
5e3e331 
…dates

Bumps the dependencies group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `5` |
| [actions/setup-go](https://github.com/actions/setup-go) | `5` | `6` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `6.5.0` | `8.0.0` |
| [megalinter/megalinter](https://github.com/megalinter/megalinter) | `8.4.2` | `9.0.1` |
| [actions/github-script](https://github.com/actions/github-script) | `7` | `8` |
| [actions/stale](https://github.com/actions/stale) | `9` | `10` |



Updates `actions/checkout` from 4 to 5
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v5)

Updates `actions/setup-go` from 5 to 6
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](actions/setup-go@v5...v6)

Updates `golangci/golangci-lint-action` from 6.5.0 to 8.0.0
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@v6.5.0...v8.0.0)

Updates `megalinter/megalinter` from 8.4.2 to 9.0.1
- [Release notes](https://github.com/megalinter/megalinter/releases)
- [Changelog](https://github.com/oxsecurity/megalinter/blob/main/CHANGELOG.md)
- [Commits](oxsecurity/megalinter@v8.4.2...v9.0.1)

Updates `actions/github-script` from 7 to 8
- [Release notes](https://github.com/actions/github-script/releases)
- [Commits](actions/github-script@v7...v8)

Updates `actions/stale` from 9 to 10
- [Release notes](https://github.com/actions/stale/releases)
- [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md)
- [Commits](actions/stale@v9...v10)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: actions/setup-go
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: golangci/golangci-lint-action
  dependency-version: 8.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: megalinter/megalinter
  dependency-version: 9.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: actions/github-script
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: actions/stale
  dependency-version: '10'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code labels Sep 21, 2025
@mergify mergify bot added the needs-work Extra attention is needed label Sep 21, 2025
@codecov
Copy link

codecov bot commented Sep 21, 2025
edited
Loading

Codecov Report

✅ All modified and coverable lines are covered by tests.
✅ Project coverage is 74.87%. Comparing base (bd4bc99) to head (5e3e331).
⚠️ Report is 27 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #5936      +/-   ##
==========================================
+ Coverage   74.65%   74.87%   +0.22%     
==========================================
  Files          73       73              
  Lines       11139    11198      +59     
==========================================
+ Hits         8316     8385      +69     
+ Misses       2186     2178       -8     
+ Partials      637      635       -2

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Nov 1, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Nov 1, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/dependencies-27043a4009 branch November 1, 2025 02:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update Github_actions code needs-work Extra attention is needed size/M

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant