chore(deps): bump the ci-dependencies group with 3 updates by dependabot[bot] · Pull Request #522 · agrc/plss

dependabot · 2026-04-01T04:44:18Z

Bumps the ci-dependencies group with 3 updates: pnpm/action-setup, actions/setup-java and agrc/firebase-website-deploy-composite-action.

Updates pnpm/action-setup from 4 to 5

Release notes

Sourced from pnpm/action-setup's releases.

v5.0.0

Updated the action to use Node.js 24.

v4.4.0

Updated the action to use Node.js 24.

v4.3.0

What's Changed

docs: fix the run_install example in the Readme by @dreyks in pnpm/action-setup#175

chore: remove unused @types/node-fetch dependency by @silverwind in pnpm/action-setup#186

Clarify that package_json_file is relative to GITHUB_WORKSPACE by @chris-martin in pnpm/action-setup#184

feat: store caching by @jrmajor in pnpm/action-setup#188

refactor: remove star imports by @KSXGitHub in pnpm/action-setup#196

fix(ci): exclude macos by @KSXGitHub in pnpm/action-setup#197

New Contributors

@dreyks made their first contribution in pnpm/action-setup#175

@silverwind made their first contribution in pnpm/action-setup#186

@chris-martin made their first contribution in pnpm/action-setup#184

@jrmajor made their first contribution in pnpm/action-setup#188

@Boosted-Bonobo made their first contribution in pnpm/action-setup#199

Full Changelog: pnpm/action-setup@v4.2.0...v4.3.0

v4.2.0

When there's a .npmrc file at the root of the repository, pnpm will be fetched from the registry that is specified in that .npmrc file #179

v4.1.0

Add support for package.yaml #156.

Commits

fc06bc1 feat!: run the action on Node.js 24 (#205)
See full diff in compare view

Updates actions/setup-java from 4 to 5

Release notes

Sourced from actions/setup-java's releases.

v5.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-java#888

Make sure your runner is updated to this version or newer to use this release. v2.327.1 Release Notes

Dependency Upgrades

Upgrade Publish Immutable Action by @HarithaVattikuti in actions/setup-java#798

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot[bot] in actions/setup-java#730

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-java#833

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/setup-java#887

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-java#896

Bug Fixes

Prevent default installation of JetBrains pre-releases by @priyagupta108 in actions/setup-java#859

Improve Error Handling for Setup-Java Action to Help Debug Intermittent Failures by @gowridurgad in actions/setup-java#848

New Contributors

@gowridurgad made their first contribution in actions/setup-java#848

@salmanmkc made their first contribution in actions/setup-java#888

Full Changelog: actions/setup-java@v4...v5.0.0

v4.8.0

What's Changed

License and Audit Fixes by @HarithaVattikuti in actions/setup-java#960

Update SapMachine URLs by @RealCLanger in actions/setup-java#965

Full Changelog: actions/setup-java@v4...v4.8.0

v4.7.1

What's Changed

Documentation changes

Add Documentation to Recommend Using GraalVM JDK 17 Version to 17.0.12 to Align with GFTC License Terms by @aparnajyothi-y in actions/setup-java#704

Remove duplicated GraalVM section in documentation by @Marcono1234 in actions/setup-java#716

Dependency updates:

Upgrade @action/cache from 4.0.0 to 4.0.2 by @aparnajyothi-y in actions/setup-java#766

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-java#744

Upgrade ts-jest from 29.1.2 to 29.2.5 by @dependabot in actions/setup-java#743

Upgrade @action/cache to 4.0.3 by @aparnajyothi-y in actions/setup-java#773

Full Changelog: actions/setup-java@v4...v4.7.1

v4.7.0

What's Changed

... (truncated)

Commits

be666c2 Chore: Version Update and Checkout Update to v6 (#973)
f7a6fef Bump actions/checkout from 5 to 6 (#961)
d81c4e4 Upgrade @actions/cache to v5 (#968)
1b1bbe1 readme update (#972)
5d7b214 Retry on HTTP 522 Connection timed out (#964)
f2beeb2 Bump actions/publish-action from 0.3.0 to 0.4.0 (#912)
4e7e684 feat: Add support for .sdkmanrc file in java-version-file parameter (#736)
46c56d6 Add GitHub Token Support for GraalVM and Refactor Code (#849)
66b9457 Update SapMachine URLs (#955)
6ba5449 Enhance error logging for network failures to include endpoint/IP details, ad...
Additional commits viewable in compare view

Updates agrc/firebase-website-deploy-composite-action from 1 to 2

Release notes

Sourced from agrc/firebase-website-deploy-composite-action's releases.

v2.0.0

2.0.0 (2026-01-27)

⚠ BREAKING CHANGES

the actions/checkout step has been removed from this action to allow for more flexibility between checkout and this action running. Migration instructions: Add checkout to the parent workflow before executing this step.

Features

display summary in github annotations (c1f864b), closes #73

remove checkout from action (8c1595b)

Documentation

update example to include checkout (5490018)

v2.0.0-rc.2

2.0.0-rc.2 (2026-01-27)

Features

display summary in github annotations (73c4190), closes #73

v2.0.0-rc.1

2.0.0-rc.1 (2026-01-26)

⚠ BREAKING CHANGES

the actions/checkout step has been removed from this action to allow for more flexibility between checkout and this action running. Migration instructions: Add checkout to the parent workflow before executing this step.

Features

remove checkout from action (76f1a57)

Documentation

update example to include checkout (e21986f)

v1.7.4

1.7.4 (2025-12-01)

Dependencies

bump actions/checkout from 5 to 6 in the ci-dependencies group (749d207)

... (truncated)

Changelog

Sourced from agrc/firebase-website-deploy-composite-action's changelog.

2.0.0 (2026-01-27)

⚠ BREAKING CHANGES

the actions/checkout step has been removed from this action to allow for more flexibility between checkout and this action running. Migration instructions: Add checkout to the parent workflow before executing this step.

Features

display summary in github annotations (c1f864b), closes #73

remove checkout from action (8c1595b)

Documentation

update example to include checkout (5490018)

2.0.0-rc.2 (2026-01-27)

Features

display summary in github annotations (73c4190), closes #73

v2.0.0-rc.1 (2026-01-26)

⚠ BREAKING CHANGES

the actions/checkout step has been removed from this action to allow for more flexibility between checkout and this action running. Migration instructions: Add checkout to the parent workflow before executing this step.

Features

remove checkout from action (76f1a57)

Documentation

update example to include checkout (e21986f)

1.7.4 (2025-12-01)

Dependencies

bump actions/checkout from 5 to 6 in the ci-dependencies group (749d207)

1.7.3 (2025-11-05)

... (truncated)

Commits

494c82f chore: release v2.0.0
b490b2f chore: release v2.0.0-rc.2
c1f864b feat: display summary in github annotations
7602ef0 chore: release v2.0.0-rc.1
5490018 docs: update example to include checkout
8c1595b feat!: remove checkout from action
823c61b Remove Bower cache step from action
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the ci-dependencies group with 3 updates: [pnpm/action-setup](https://github.com/pnpm/action-setup), [actions/setup-java](https://github.com/actions/setup-java) and [agrc/firebase-website-deploy-composite-action](https://github.com/agrc/firebase-website-deploy-composite-action). Updates `pnpm/action-setup` from 4 to 5 - [Release notes](https://github.com/pnpm/action-setup/releases) - [Commits](pnpm/action-setup@v4...v5) Updates `actions/setup-java` from 4 to 5 - [Release notes](https://github.com/actions/setup-java/releases) - [Commits](actions/setup-java@v4...v5) Updates `agrc/firebase-website-deploy-composite-action` from 1 to 2 - [Release notes](https://github.com/agrc/firebase-website-deploy-composite-action/releases) - [Changelog](https://github.com/agrc/firebase-website-deploy-composite-action/blob/main/CHANGELOG.md) - [Commits](agrc/firebase-website-deploy-composite-action@v1...v2) --- updated-dependencies: - dependency-name: pnpm/action-setup dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies - dependency-name: actions/setup-java dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies - dependency-name: agrc/firebase-website-deploy-composite-action dependency-version: '2' dependency-type: direct:production update-type: version-update:semver-major dependency-group: ci-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Apr 1, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the ci-dependencies group with 3 updates#522

chore(deps): bump the ci-dependencies group with 3 updates#522
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/ci-dependencies-16f02c10e9

dependabot bot commented on behalf of github Apr 1, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot bot commented on behalf of github Apr 1, 2026

v5.0.0

v4.4.0

v4.3.0

What's Changed

New Contributors

v4.2.0

v4.1.0

v5.0.0

What's Changed

Breaking Changes

Dependency Upgrades

Bug Fixes

New Contributors

v4.8.0

What's Changed

v4.7.1

What's Changed

Documentation changes

Dependency updates:

v4.7.0

What's Changed

v2.0.0

2.0.0 (2026-01-27)

⚠ BREAKING CHANGES

Features

Documentation

v2.0.0-rc.2

2.0.0-rc.2 (2026-01-27)

Features

v2.0.0-rc.1

2.0.0-rc.1 (2026-01-26)

⚠ BREAKING CHANGES

Features

Documentation

v1.7.4

1.7.4 (2025-12-01)

Dependencies

2.0.0 (2026-01-27)

⚠ BREAKING CHANGES

Features

Documentation

2.0.0-rc.2 (2026-01-27)

Features

v2.0.0-rc.1 (2026-01-26)

⚠ BREAKING CHANGES

Features

Documentation

1.7.4 (2025-12-01)

Dependencies

1.7.3 (2025-11-05)

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants