From 8cf1acac2e43e3bf8dfffa71e81f4d5734792319 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Sun, 1 Feb 2026 15:56:09 +0000 Subject: [PATCH] build(deps): bump the gh-actions group across 1 directory with 7 updates Bumps the gh-actions group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/checkout](https://github.com/actions/checkout) | `4.3.0` | `6.0.1` | | [github/codeql-action](https://github.com/github/codeql-action) | `3.30.5` | `4.31.9` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.4.0` | `6.1.0` | | [wagoid/commitlint-github-action](https://github.com/wagoid/commitlint-github-action) | `5.5.1` | `6.2.1` | | [nrwl/nx-set-shas](https://github.com/nrwl/nx-set-shas) | `4.3.3` | `4.4.0` | | [actions/cache](https://github.com/actions/cache) | `4.3.0` | `5.0.1` | | [actions/github-script](https://github.com/actions/github-script) | `7.1.0` | `8.0.0` | Updates `actions/checkout` from 4.3.0 to 6.0.1 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](https://github.com/actions/checkout/compare/08eba0b27e820071cde6df949e0beb9ba4906955...8e8c483db84b4bee98b60c0593521ed34d9990e8) Updates `github/codeql-action` from 3.30.5 to 4.31.9 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](https://github.com/github/codeql-action/compare/3599b3baa15b485a2e49ef411a7a4bb2452e7f93...5d4e8d1aca955e8d8589aabd499c5cae939e33c7) Updates `actions/setup-node` from 4.4.0 to 6.1.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](https://github.com/actions/setup-node/compare/49933ea5288caeca8642d1e84afbd3f7d6820020...395ad3262231945c25e8478fd5baf05154b1d79f) Updates `wagoid/commitlint-github-action` from 5.5.1 to 6.2.1 - [Changelog](https://github.com/wagoid/commitlint-github-action/blob/master/CHANGELOG.md) - [Commits](https://github.com/wagoid/commitlint-github-action/compare/9763196e10f27aef304c9b8b660d31d97fce0f99...b948419dd99f3fd78a6548d48f94e3df7f6bf3ed) Updates `nrwl/nx-set-shas` from 4.3.3 to 4.4.0 - [Release notes](https://github.com/nrwl/nx-set-shas/releases) - [Commits](https://github.com/nrwl/nx-set-shas/compare/826660b82addbef3abff5fa871492ebad618c9e1...3e9ad7370203c1e93d109be57f3b72eb0eb511b1) Updates `actions/cache` from 4.3.0 to 5.0.1 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](https://github.com/actions/cache/compare/0057852bfaa89a56745cba8c7296529d2fc39830...9255dc7a253b0ccc959486e2bca901246202afeb) Updates `actions/github-script` from 7.1.0 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](https://github.com/actions/github-script/compare/f28e40c7f34bde8b3046d885e986cb6290c5673b...ed597411d8f924073f98dfc5c65a23a2325f34cd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: github/codeql-action dependency-version: 4.31.9 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: actions/setup-node dependency-version: 6.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: wagoid/commitlint-github-action dependency-version: 6.2.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: nrwl/nx-set-shas dependency-version: 4.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gh-actions - dependency-name: actions/cache dependency-version: 5.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gh-actions ... Signed-off-by: dependabot[bot] --- .github/workflows/codeql-analysis.yml | 8 ++++---- .github/workflows/commitlint.yml | 6 +++--- .github/workflows/deploy.yml | 20 ++++++++++---------- .github/workflows/pr-build.yml | 8 ++++---- .github/workflows/preview.yml | 12 ++++++------ .github/workflows/repo-metrics.yml | 2 +- 6 files changed, 28 insertions(+), 28 deletions(-) diff --git a/.github/workflows/codeql-analysis.yml b/.github/workflows/codeql-analysis.yml index 6cffb28e2..751dd429a 100644 --- a/.github/workflows/codeql-analysis.yml +++ b/.github/workflows/codeql-analysis.yml @@ -39,11 +39,11 @@ jobs: steps: - name: Checkout repository - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 # Initializes the CodeQL tools for scanning. - name: Initialize CodeQL - uses: github/codeql-action/init@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/init@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 with: languages: ${{ matrix.language }} # If you wish to specify custom queries, you can do so here or in a config file. @@ -54,7 +54,7 @@ jobs: # Autobuild attempts to build any compiled languages (C/C++, C#, or Java). # If this step fails, then you should remove it and run the build manually (see below) - name: Autobuild - uses: github/codeql-action/autobuild@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/autobuild@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 # ℹī¸ Command-line programs to run using the OS shell. # 📚 https://git.io/JvXDl @@ -68,4 +68,4 @@ jobs: # make release - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@3599b3baa15b485a2e49ef411a7a4bb2452e7f93 # v3.30.5 + uses: github/codeql-action/analyze@b20883b0cd1f46c72ae0ba6d1090936928f9fa30 # v4.32.0 diff --git a/.github/workflows/commitlint.yml b/.github/workflows/commitlint.yml index ba2fae3a2..9e05171c2 100644 --- a/.github/workflows/commitlint.yml +++ b/.github/workflows/commitlint.yml @@ -6,16 +6,16 @@ jobs: if: github.actor != 'dependabot[bot]' runs-on: ubuntu-latest steps: - - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: '24' - run: yarn install --immutable - - uses: wagoid/commitlint-github-action@9763196e10f27aef304c9b8b660d31d97fce0f99 # v5.5.1 + - uses: wagoid/commitlint-github-action@b948419dd99f3fd78a6548d48f94e3df7f6bf3ed # v6.2.1 env: NODE_PATH: ${{ github.workspace }}/node_modules diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml index 58d1de9eb..5a53f69e5 100644 --- a/.github/workflows/deploy.yml +++ b/.github/workflows/deploy.yml @@ -15,16 +15,16 @@ jobs: actions: read steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: 'main' - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3 + uses: nrwl/nx-set-shas@3e9ad7370203c1e93d109be57f3b72eb0eb511b1 # v4.4.0 - name: Set Node Version - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: 24 @@ -34,7 +34,7 @@ jobs: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT - name: Restore yarn cache - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: yarn-cache with: path: ${{ steps.yarn-cache-dir-path.outputs.dir }} @@ -63,17 +63,17 @@ jobs: id-token: write steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: token: ${{ secrets.GITHUB_TOKEN }} fetch-depth: 0 ref: 'main' - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3 + uses: nrwl/nx-set-shas@3e9ad7370203c1e93d109be57f3b72eb0eb511b1 # v4.4.0 - name: Set Node Version - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: 24 @@ -86,7 +86,7 @@ jobs: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT - name: Restore yarn cache - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: yarn-cache with: path: ${{ steps.yarn-cache-dir-path.outputs.dir }} @@ -150,13 +150,13 @@ jobs: permissions: contents: write steps: - - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + - uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 ref: ${{ github.sha }} - name: Set Node Version - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: 24 cache: 'yarn' diff --git a/.github/workflows/pr-build.yml b/.github/workflows/pr-build.yml index 4ba8153f5..ca95de06c 100644 --- a/.github/workflows/pr-build.yml +++ b/.github/workflows/pr-build.yml @@ -26,15 +26,15 @@ jobs: steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3 + uses: nrwl/nx-set-shas@3e9ad7370203c1e93d109be57f3b72eb0eb511b1 # v4.4.0 - name: Set Node Version - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: ${{ matrix.node }} @@ -43,7 +43,7 @@ jobs: run: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT - name: Restore yarn cache - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: yarn-cache with: path: ${{ steps.yarn-cache-dir-path.outputs.dir }} diff --git a/.github/workflows/preview.yml b/.github/workflows/preview.yml index 40b95c858..c2714f7e8 100644 --- a/.github/workflows/preview.yml +++ b/.github/workflows/preview.yml @@ -21,15 +21,15 @@ jobs: runs-on: ubuntu-latest steps: - name: Checkout Code - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Derive appropriate SHAs for base and head for `nx affected` commands - uses: nrwl/nx-set-shas@826660b82addbef3abff5fa871492ebad618c9e1 # v4.3.3 + uses: nrwl/nx-set-shas@3e9ad7370203c1e93d109be57f3b72eb0eb511b1 # v4.4.0 - name: Set Node Version - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0 + uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0 with: node-version: 24 @@ -39,7 +39,7 @@ jobs: echo "dir=$(yarn config get cacheFolder)" >> $GITHUB_OUTPUT - name: Restore yarn cache - uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0 + uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3 id: yarn-cache with: path: ${{ steps.yarn-cache-dir-path.outputs.dir }} @@ -66,7 +66,7 @@ jobs: enable_jekyll: false - name: Comment PR - uses: actions/github-script@f28e40c7f34bde8b3046d885e986cb6290c5673b # v7.1.0 + uses: actions/github-script@ed597411d8f924073f98dfc5c65a23a2325f34cd # v8.0.0 with: script: | github.rest.issues.createComment({ @@ -82,7 +82,7 @@ jobs: contents: write steps: - name: Checkout gh-pages - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: ref: gh-pages diff --git a/.github/workflows/repo-metrics.yml b/.github/workflows/repo-metrics.yml index 50ae12c0b..720709019 100644 --- a/.github/workflows/repo-metrics.yml +++ b/.github/workflows/repo-metrics.yml @@ -12,7 +12,7 @@ jobs: REPO: ${{ github.event.repository.name }} steps: - name: Check out the repository to the runner - uses: actions/checkout@08eba0b27e820071cde6df949e0beb9ba4906955 # v4.3.0 + uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2 with: fetch-depth: 0 - name: Install Dependencies