Skip to content

chore(deps): update github-actions #390

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate wants to merge 1 commit into
base: main
Choose a base branch
from
Open

chore(deps): update github-actions #390

renovate wants to merge 1 commit into from
+16 −16

Conversation

@renovate
Copy link
Contributor

@renovate renovate bot commented Feb 9, 2026
edited
Loading

This PR contains the following updates:

Package Type Update Change
actions/checkout action patch v6.0.1v6.0.2
docker/login-action (changelog) action digest 5e57cd1c94ce9f
dtolnay/rust-toolchain action digest 4be9e76f7ccc83
github/codeql-action action minor v4.31.9v4.32.2
taiki-e/install-action action digest b49dc18d4422f2

Warning

Some dependencies could not be looked up. Check the Dependency Dashboard for more information.

Release Notes

actions/checkout (actions/checkout)

v6.0.2

Compare Source

github/codeql-action (github/codeql-action)

v4.32.2

Compare Source

v4.32.1

Compare Source

  • A warning is now shown in Default Setup workflow logs if a private package registry is configured using a GitHub Personal Access Token (PAT), but no username is configured. #​3422
  • Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. #​3421

v4.32.0

Compare Source

v4.31.11

Compare Source

  • When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #​3409
  • Improved error handling throughout the CodeQL Action. #​3415
  • Added experimental support for automatically excluding generated files from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. #​3318
  • The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. #​3403

v4.31.10

Compare Source

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

4.31.10 - 12 Jan 2026
  • Update default CodeQL bundle version to 2.23.9. #​3393

See the full CHANGELOG.md for more information.

Configuration

📅 Schedule: Branch creation - Between 12:00 AM and 03:59 AM, only on Monday ( * 0-3 * * 1 ) (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate renovate bot added the dependencies Pull requests that update a dependency file label Feb 9, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 9, 2026
edited
Loading

Omen Analysis

Diff Risk
Risk Score 26%
Risk Level LOW
Files Modified 3
Lines Added +16
Lines Deleted -16
Commits 2
Risk Factors
Factor Score
file_churn 0.1
entropy 0.0655
num_files 0.016
commits 0.0140
lines_added 0.0064
lines_deleted 0.0064
ownership_diffusion 0.0059
file_complexity 0
Recommendations
  • Touches historically volatile files - changes here often introduce bugs

Repository Health
Health Score 77.24020756590306 / 100
Grade C
Files Analyzed 101
Critical Issues 1
Score Components
Component Score Weight
complexity 92 1
duplication 42 0.8
cohesion 94.2 0.6
tdg 81.9 0.6
coupling 53.1 0.4
satd 91.1 0.4
smells 100 0.2
Tips for AI agents

Use these commands to investigate and improve low-scoring areas.

Run full analysis:

omen -f json score    # health score with component breakdown
omen -f json diff     # PR risk analysis
omen hotspot          # high-churn + high-complexity files

Coupling (score: 53.110891089108904) -- needs attention

omen graph && omen smells

Break cyclic dependencies by introducing interfaces or extracting shared types. Reduce fan-out from hub modules by splitting responsibilities.

Duplication (score: 42.047601744186046) -- needs attention

omen clones

Look for Type-1 (exact) and Type-2 (renamed) clones. Extract shared logic into reusable functions or modules. Prioritize clones in high-churn files.

General workflow for improving scores:

  1. Run the relevant analyzer command to identify specific files
  2. Focus on the highest-weight components first (complexity 25%, duplication 20%, cohesion 15%, TDG 15%)
  3. Make targeted improvements -- small refactors that reduce complexity or eliminate duplication
  4. Re-run omen score to verify improvement

@renovate renovate bot force-pushed the renovate/github-actions branch from a6bc446 to 863e289 Compare February 9, 2026 05:42
@panbanda panbanda mentioned this pull request Feb 9, 2026
Merged
5 tasks
@renovate renovate bot force-pushed the renovate/github-actions branch 4 times, most recently from 11f1aa2 to 0a5c92b Compare February 10, 2026 21:47
@renovate renovate bot force-pushed the renovate/github-actions branch from 0a5c92b to 855b28a Compare February 11, 2026 04:56
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file risk: low

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants