Skip to content

chore(deps): bump the github-actions group with 3 updates #97

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
dependabot wants to merge 1 commit into from
Closed

chore(deps): bump the github-actions group with 3 updates #97

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Aug 6, 2025
edited
Loading

Bumps the github-actions group with 3 updates: docker/metadata-action, docker/login-action and marocchino/sticky-pull-request-comment.

Updates docker/metadata-action from 5.7.0 to 5.8.0

Release notes

Sourced from docker/metadata-action's releases.

v5.8.0

Full Changelog: docker/metadata-action@v5.7.0...v5.8.0

Commits
  • c1e5197 Merge pull request #537 from crazy-max/pep440-match
  • 89dd65a chore: update generated content
  • 699ee45 allow to match part of the git tag or value for pep440 type
  • e0542a6 Merge pull request #536 from crazy-max/semver-match
  • b7facdf chore: update generated content
  • 81c60df allow to match part of the git tag or value for semver type
  • de11195 Merge pull request #535 from crazy-max/not_def_branch
  • 2f9c64b Merge pull request #533 from docker/dependabot/npm_and_yarn/form-data-2.5.5
  • 510f746 chore: update generated content
  • 2bc3f4e is_not_default_branch global expression
  • Additional commits viewable in compare view

Updates docker/login-action from 3.4.0 to 3.5.0

Release notes

Sourced from docker/login-action's releases.

v3.5.0

Full Changelog: docker/login-action@v3.4.0...v3.5.0

Commits
  • 184bdaa Merge pull request #878 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • 5c6bc94 chore: update generated content
  • caf4058 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • ef38ec3 Merge pull request #860 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
  • d52e8ef chore: update generated content
  • 9644ab7 build(deps): bump the aws-sdk-dependencies group with 2 updates
  • 7abd1d5 Merge pull request #875 from docker/dependabot/npm_and_yarn/form-data-2.5.5
  • 1a81202 Merge pull request #876 from crazy-max/aws-public-dual-stack
  • d1ab30d chore: update generated content
  • f25ff28 support dual-stack for aws public ecr
  • Additional commits viewable in compare view

Updates marocchino/sticky-pull-request-comment from 2.9.3 to 2.9.4

Release notes

Sourced from marocchino/sticky-pull-request-comment's releases.

v2.9.4

What's Changed

Full Changelog: marocchino/sticky-pull-request-comment@v2.9.3...v2.9.4

Commits
  • 7737449 📦️ Build
  • 8b423c6 Merge pull request #1564 from marocchino/dependabot/npm_and_yarn/types/node-2...
  • 3ac8a74 build(deps-dev): Bump @​types/node from 24.0.12 to 24.0.13
  • e430cfc Merge pull request #1563 from marocchino/dependabot/npm_and_yarn/types/node-2...
  • 99f9378 build(deps-dev): Bump @​types/node from 24.0.11 to 24.0.12
  • 2216b3a Merge pull request #1562 from marocchino/dependabot/npm_and_yarn/biomejs/biom...
  • 482d7fd build(deps-dev): Bump @​biomejs/biome from 2.0.4 to 2.1.1
  • c2da581 Merge pull request #1561 from marocchino/dependabot/npm_and_yarn/types/node-2...
  • 76f8462 build(deps-dev): Bump @​types/node from 24.0.3 to 24.0.11
  • 246151a ⬆️ Update biome
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore(deps): bump the github-actions group with 3 updates
7621950 
Bumps the github-actions group with 3 updates: [docker/metadata-action](https://github.com/docker/metadata-action), [docker/login-action](https://github.com/docker/login-action) and [marocchino/sticky-pull-request-comment](https://github.com/marocchino/sticky-pull-request-comment).


Updates `docker/metadata-action` from 5.7.0 to 5.8.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@902fa8e...c1e5197)

Updates `docker/login-action` from 3.4.0 to 3.5.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@74a5d14...184bdaa)

Updates `marocchino/sticky-pull-request-comment` from 2.9.3 to 2.9.4
- [Release notes](https://github.com/marocchino/sticky-pull-request-comment/releases)
- [Commits](marocchino/sticky-pull-request-comment@d2ad0de...7737449)

---
updated-dependencies:
- dependency-name: docker/metadata-action
  dependency-version: 5.8.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-version: 3.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: marocchino/sticky-pull-request-comment
  dependency-version: 2.9.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot requested a review from EkelmansPh as a code owner August 6, 2025 05:14
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 6, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Aug 6, 2025

🦙 MegaLinter status: ⚠️ WARNING

Descriptor Linter Files Fixed Errors Warnings Elapsed time
✅ ACTION actionlint 5 0 0 0.42s
✅ DOCKERFILE hadolint 1 0 0 0.27s
✅ JSON prettier 6 1 0 0 0.66s
✅ JSON v8r 6 0 0 3.86s
⚠️ MARKDOWN markdownlint 8 1 3 0 0.76s
⚠️ MARKDOWN markdown-link-check 8 7 0 4.13s
✅ MARKDOWN markdown-table-formatter 8 1 0 0 0.31s
⚠️ REPOSITORY checkov yes no 1 14.56s
✅ REPOSITORY git_diff yes no no 0.09s
✅ REPOSITORY grype yes no no 23.87s
✅ REPOSITORY secretlint yes no no 1.26s
✅ REPOSITORY syft yes no no 1.04s
✅ REPOSITORY trivy yes no no 6.97s
✅ REPOSITORY trivy-sbom yes no no 0.21s
✅ REPOSITORY trufflehog yes no no 2.23s
⚠️ SPELL lychee 38 10 0 1.47s
✅ YAML prettier 9 0 0 0 0.6s
✅ YAML v8r 9 0 0 4.37s
✅ YAML yamllint 9 0 0 0.4s

See detailed report in MegaLinter reports

MegaLinter is graciously provided by OX Security

@dependabot @github
Copy link
Contributor Author

dependabot bot commented on behalf of github Aug 8, 2025

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot bot closed this Aug 8, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/github-actions-ae5f54b79f branch August 8, 2025 04:58
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@EkelmansPh EkelmansPh Awaiting requested review from EkelmansPh EkelmansPh is a code owner

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant