Skip to content

Bump the github-dependencies group with 4 updates#119

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-dependencies-14608e638f
Open

Bump the github-dependencies group with 4 updates#119
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-dependencies-14608e638f

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 1, 2026
edited
Loading

Bumps the github-dependencies group with 4 updates: dependabot/fetch-metadata, actions/checkout, actions/setup-java and actions/cache.

Updates dependabot/fetch-metadata from 2.2.0 to 2.5.0

Release notes

Sourced from dependabot/fetch-metadata's releases.

v2.5.0

What's Changed

Full Changelog: dependabot/fetch-metadata@v2...v2.5.0

v2.4.0

What's Changed

Full Changelog: dependabot/fetch-metadata@v2...v2.4.0

v2.3.0

What's Changed

... (truncated)

Commits
  • 21025c7 v2.5.0
  • 252291c Merge pull request #647 from dependabot/dependabot/npm_and_yarn/modelcontextp...
  • fa144c9 chore: Migrate jest expectation function
  • 33c7a0b bug: Mock PR body in test
  • 99c27ad Bump @​modelcontextprotocol/sdk from 1.11.2 to 1.24.0
  • 3837dcc Merge pull request #645 from dependabot/dependabot/npm_and_yarn/express-5.2.1
  • d411582 Bump express from 5.1.0 to 5.2.1
  • 186ccbb Merge pull request #644 from dependabot/dependabot/npm_and_yarn/js-yaml-3.14.2
  • 84c891e Bump js-yaml from 3.14.1 to 3.14.2
  • 4542092 Merge pull request #648 from dependabot/dependabot/github_actions/actions/cre...
  • Additional commits viewable in compare view

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits

Updates actions/setup-java from 4.0.0 to 5.2.0

Release notes

Sourced from actions/setup-java's releases.

v5.2.0

What's Changed

Enhancement

Documentation Changes

Dependency Updates

New Contributors

Full Changelog: actions/setup-java@v5...v5.2.0

v5.1.0

What's Changed

New Features

Bug Fixes & Improvements

Documentation changes

Dependency updates

New Contributors

Full Changelog: actions/setup-java@v5...v5.1.0

... (truncated)

Commits
  • be666c2 Chore: Version Update and Checkout Update to v6 (#973)
  • f7a6fef Bump actions/checkout from 5 to 6 (#961)
  • d81c4e4 Upgrade @​actions/cache to v5 (#968)
  • 1b1bbe1 readme update (#972)
  • 5d7b214 Retry on HTTP 522 Connection timed out (#964)
  • f2beeb2 Bump actions/publish-action from 0.3.0 to 0.4.0 (#912)
  • 4e7e684 feat: Add support for .sdkmanrc file in java-version-file parameter (#736)
  • 46c56d6 Add GitHub Token Support for GraalVM and Refactor Code (#849)
  • 66b9457 Update SapMachine URLs (#955)
  • 6ba5449 Enhance error logging for network failures to include endpoint/IP details, ad...
  • Additional commits viewable in compare view

Updates actions/cache from 4 to 5

Release notes

Sourced from actions/cache's releases.

v5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

What's Changed

Full Changelog: actions/cache@v4.3.0...v5.0.0

v4.3.0

What's Changed

New Contributors

Full Changelog: actions/cache@v4...v4.3.0

v4.2.4

What's Changed

New Contributors

Full Changelog: actions/cache@v4...v4.2.4

v4.2.3

What's Changed

  • Update to use @​actions/cache 4.0.3 package & prepare for new release by @​salmanmkc in actions/cache#1577 (SAS tokens for cache entries are now masked in debug logs)

New Contributors

Full Changelog: actions/cache@v4.2.2...v4.2.3

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

  1. Switch to a new branch from main.
  2. Run npm test to ensure all tests are passing.
  3. Update the version in https://github.com/actions/cache/blob/main/package.json.
  4. Run npm run build to update the compiled files.
  5. Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.
  6. Run licensed cache to update the license report.
  7. Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.
  8. Commit your changes and push your branch upstream.
  9. Open a pull request against main and get it reviewed and merged.
  10. Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json
    1. Create a new tag with the version number.
    2. Auto generate release notes and update them to match the changes you made in RELEASES.md.
    3. Toggle the set as the latest release option.
    4. Publish the release.
  11. Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml
    1. There should be a workflow run queued with the same version number.
    2. Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.3

5.0.2

  • Bump @actions/cache to v5.0.3 #1692

5.0.1

  • Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

  • Bump @actions/cache to v4.1.0

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@sonarqubecloud
Copy link

sonarqubecloud bot commented Feb 1, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@dependabot
Bump the github-dependencies group with 4 updates
9acc7e9 
Bumps the github-dependencies group with 4 updates: [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata), [actions/checkout](https://github.com/actions/checkout), [actions/setup-java](https://github.com/actions/setup-java) and [actions/cache](https://github.com/actions/cache).


Updates `dependabot/fetch-metadata` from 2.2.0 to 2.5.0
- [Release notes](https://github.com/dependabot/fetch-metadata/releases)
- [Commits](dependabot/fetch-metadata@v2.2.0...v2.5.0)

Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

Updates `actions/setup-java` from 4.0.0 to 5.2.0
- [Release notes](https://github.com/actions/setup-java/releases)
- [Commits](actions/setup-java@v4...v5.2.0)

Updates `actions/cache` from 4 to 5
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@v4...v5)

---
updated-dependencies:
- dependency-name: dependabot/fetch-metadata
  dependency-version: 2.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-dependencies
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-dependencies
- dependency-name: actions/setup-java
  dependency-version: 5.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-dependencies
- dependency-name: actions/cache
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/github-dependencies-14608e638f branch from e5eca8c to 9acc7e9 Compare March 15, 2026 14:22
@sonarqubecloud
Copy link

sonarqubecloud bot commented Mar 15, 2026

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

Priority 1: Must Type: Dependency Upgrade

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants