chore(deps): bump the github-actions group across 1 directory with 2 updates#306
chore(deps): bump the github-actions group across 1 directory with 2 updates#306dependabot[bot] wants to merge 1 commit into
Conversation
3b5c180 to
79c2135
Compare
79c2135 to
c496263
Compare
Code Review — PR #306 (bump github-actions group)Verdict: Approve with comments — no blockers. The Verified safe
Non-blocking hygiene
⚠ Cross-cutting (not this PR, but gates this PR)The |
2a76397 to
62ef170
Compare
|
Auto-merge refusé : bump semver-major. Validation manuelle requise (e2e / boot de l'artefact), puis merge à la main. |
|
ℹ️ The Result:
|
|
@dependabot recreate |
…updates Bumps the github-actions group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [actions/setup-python](https://github.com/actions/setup-python). Updates `actions/checkout` from 6 to 7 - [Release notes](https://github.com/actions/checkout/releases) - [Commits](actions/checkout@v6...v7) Updates `actions/setup-python` from 6.2.0 to 6.3.0 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@a309ff8...ece7cb0) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 7.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-python dependency-version: 6.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>
62ef170 to
f4f7854
Compare
|
ℹ️ The No action needed here and nothing is at risk: the semver-major auto-merge guard is verified working, so this PR cannot auto-merge while it contains a major. Leaving it open rather than closing it — closing a Dependabot PR suppresses re-proposal of that version, which would also drop the safe bumps. |
|
Looks like these dependencies are updatable in another way, so this is no longer needed. |
Bumps the github-actions group with 2 updates in the / directory: actions/checkout and actions/setup-python.
Updates
actions/checkoutfrom 6 to 7Release notes
Sourced from actions/checkout's releases.
Commits
9c091bbupdate error wording (#2467)1044a6dgetting ready for checkout v7 release (#2464)f028218Bump the minor-npm-dependencies group across 1 directory with 3 updates (#2462)d914b26upgrade module to esm and update dependencies (#2463)537c7efBump@actions/coreand@actions/tool-cacheand Remove uuid (#2459)130a169Bump js-yaml from 4.1.0 to 4.2.0 (#2461)7d09575Bump flatted from 3.3.1 to 3.4.2 (#2460)0f9f3aaBump actions/publish-immutable-action (#2458)f9e715ablock checking out fork pr for pull_request_target and workflow_run (#2454)Updates
actions/setup-pythonfrom 6.2.0 to 6.3.0Release notes
Sourced from actions/setup-python's releases.
Commits
ece7cb0Fix pip cache error handling on Windows. (#1040)1d18d7aUpdate advanced-usage.md (#811)d2b357aUpdate dependency versions and test workflow configuration (#1322)8f639b1Merge pull request #1324 from jasongin/update-actions-cache-5.1.06731c2bResolve high-severity audit issues0cb1a84Add RHEL support and include Linux distro in cache keys (#1323)dc6eab6Update dist6f4b74bStrict equalityfa8bde1Bump@actions/cacheto 5.1.0, log cache write deniedc8813baUpgrade@actionsdependencies and update licenses (#1303)