Skip to content

Comments

fix(bot): bump the dependencies group across 1 directory with 5 updates#184

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/dependencies-a1bed51c78
Open

fix(bot): bump the dependencies group across 1 directory with 5 updates#184
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/dependencies-a1bed51c78

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 8, 2026
edited
Loading

Bumps the dependencies group with 5 updates in the / directory:

Package From To
actions/checkout 4 6
actions/upload-artifact 4 6
cypress-io/github-action 6 7
SonarSource/sonarqube-scan-action 6 7
actions/download-artifact 4 7

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

... (truncated)

Commits

Updates actions/upload-artifact from 4 to 6

Release notes

Sourced from actions/upload-artifact's releases.

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

New Contributors

Full Changelog: actions/upload-artifact@v4...v5.0.0

v4.6.2

What's Changed

New Contributors

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

... (truncated)

Commits
  • b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
  • e516bc8 docs: correct description of Node.js 24 support in README
  • ddc45ed docs: update README to correct action name for Node.js 24 support
  • 615b319 chore: release v6.0.0 for Node.js 24 support
  • 017748b Merge pull request #744 from actions/fix-storage-blob
  • 38d4c79 chore: rebuild dist
  • 7d27270 chore: add missing license cache files for @​actions/core, @​actions/io, and mi...
  • 5f643d3 chore: update license files for @​actions/artifact@​5.0.1 dependencies
  • 1df1684 chore: update package-lock.json with @​actions/artifact@​5.0.1
  • b5b1a91 fix: update @​actions/artifact to ^5.0.0 for Node.js 24 punycode fix
  • Additional commits viewable in compare view

Updates cypress-io/github-action from 6 to 7

Release notes

Sourced from cypress-io/github-action's releases.

v7.0.0

7.0.0 (2026-01-21)

Features

  • deps: update action from node20 to node24 (#1639) (dca9861)

BREAKING CHANGES

  • deps: Update action from node20 to node24 cypress-io/github-action@v6, using node20, is deprecated

v6.10.9

6.10.9 (2026-01-20)

Bug Fixes

v6.10.8

6.10.8 (2025-12-15)

Bug Fixes

v6.10.7

6.10.7 (2025-12-15)

Bug Fixes

  • deps: update GitHub actions/toolkit dependencies (#1612) (fa1d27a)

v6.10.6

6.10.6 (2025-12-12)

Bug Fixes

v6.10.5

6.10.5 (2025-12-10)

... (truncated)

Changelog

Sourced from cypress-io/github-action's changelog.

Changelog

This document gives an overview of changes to the Cypress GitHub JavaScript Action cypress-io/github-action.

See Releases for full details of changes.

Version Changes
v7.1.0 Add parameter package-manager-cache
v7.0.0 Action runs under Node.js 24 instead of Node.js 20
v6.10.0 Examples remove Node.js 23. End of support for Node.js 23.
v6.9.0 Add parameter validation for command
v6.8.0 Examples remove Node.js 18. End of support for Node.js 18.
v6.7.10 Examples updated to Cypress 14
v6.7.9 Migrate to @actions/cache@4.0.0 for continued access to GitHub Actions caching services
v6.7.0 Examples remove Node.js 21. End of support for Node.js 21.
v6.6.0 Add parameter summary-title
v6.5.0 Examples remove Node.js 16. End of support for Node.js 16.
v6.4.0 Action adds PR number and URL if available when recording
v6.3.0 v6 is recommended action version
v6.2.0 Examples updated to Cypress 13
v6.1.0 Examples for Cypress 9 archived in action's v5 branch
v6.0.0 Action runs under Node.js 20 instead of Node.js 16
v5.8.1 Examples remove Node.js 19. End of support for Node.js 19
v5.8.0 Add GitHub step output resultsUrl. Deprecate dashboardUrl.
v5.7.0 Add basic Yarn Modern Plug'n'Play support
v5.6.2 Examples add Node.js 20. End of support and removal of Node.js 14 examples.
v5.6.0 Add check for lockfile presence
v5.5.0 Examples add Yarn Modern
v5.4.0 Examples add Yarn Classic
v5.3.0 Add parameter publish-summary (default true)
v5.2.0 Examples add Node.js 19
v5.1.0 Add parameter auto-cancel-after-failures
v5.0.0 Examples add Node.js 18 and remove Node.js 12
v4.2.2 Dependency on GitHub set-output workflow command removed
v4.2.0 Support for pnpm added
v4.0.0 Support for Cypress 10 and later versions added
v3 Action runs under Node.js 16 instead of Node.js 12
v2 Cypress runs using the Module API
v1 This version is no longer runnable in GitHub due to security changes.
Commits

Updates SonarSource/sonarqube-scan-action from 6 to 7

Release notes

Sourced from SonarSource/sonarqube-scan-action's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: SonarSource/sonarqube-scan-action@v6.0.0...v7.0.0

Commits
  • a31c939 SQSCANGHA-126 Update SonarScanner CLI to 8.0.1.6346 (#218)
  • 40f5b61 SQSCANGHA-123 NO-JIRA Bump actions/setup-node from 5 to 6 (#214)
  • 9bf7c12 SQSCANGHA-122 Include caveats for running SCA (#213)
  • ba6563c Update SonarScanner CLI to 7.3.0.5189 (#212)
  • 5ffbad4 SQSCANGHA-120 Bump actions/setup-node from 4 to 5 (#211)
  • See full diff in compare view

Updates actions/download-artifact from 4 to 7

Release notes

Sourced from actions/download-artifact's releases.

v7.0.0

v7 - What's new

[!IMPORTANT] actions/download-artifact@v7 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v6 had preliminary support for Node 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

New Contributors

Full Changelog: actions/download-artifact@v6.0.0...v7.0.0

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

New Contributors

Full Changelog: actions/download-artifact@v5...v6.0.0

v5.0.0

What's Changed

v5.0.0

🚨 Breaking Change

This release fixes an inconsistency in path behavior for single artifact downloads by ID. If you're downloading single artifacts by ID, the output path may change.

What Changed

... (truncated)

Commits
  • 37930b1 Merge pull request #452 from actions/download-artifact-v7-release
  • 72582b9 doc: update readme
  • 0d2ec9d chore: release v7.0.0 for Node.js 24 support
  • fd7ae8f Merge pull request #451 from actions/fix-storage-blob
  • d484700 chore: restore minimatch.dep.yml license file
  • 03a8080 chore: remove obsolete dependency license files
  • 56fe6d9 chore: update @​actions/artifact license file to 5.0.1
  • 8e3ebc4 chore: update package-lock.json with @​actions/artifact@​5.0.1
  • 1e3c4b4 fix: update @​actions/artifact to ^5.0.0 for Node.js 24 punycode fix
  • 458627d chore: use local @​actions/artifact package for Node.js 24 testing
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 8, 2026
@dependabot dependabot bot requested a review from a team as a code owner February 8, 2026 14:17
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 8, 2026
@gitstream-cm
Copy link

gitstream-cm bot commented Feb 8, 2026

This PR is missing a Jira ticket reference in the title or description.
Please add a Jira ticket reference to the title or description of this PR.

@dependabot dependabot bot force-pushed the dependabot/github_actions/dependencies-a1bed51c78 branch 6 times, most recently from 2daf30c to d0f1559 Compare February 11, 2026 15:13
@dependabot
fix(bot): bump the dependencies group across 1 directory with 5 updates
abebdfb 
Bumps the dependencies group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `6` |
| [cypress-io/github-action](https://github.com/cypress-io/github-action) | `6` | `7` |
| [SonarSource/sonarqube-scan-action](https://github.com/sonarsource/sonarqube-scan-action) | `6` | `7` |
| [actions/download-artifact](https://github.com/actions/download-artifact) | `4` | `7` |



Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

Updates `actions/upload-artifact` from 4 to 6
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](actions/upload-artifact@v4...v6)

Updates `cypress-io/github-action` from 6 to 7
- [Release notes](https://github.com/cypress-io/github-action/releases)
- [Changelog](https://github.com/cypress-io/github-action/blob/master/CHANGELOG.md)
- [Commits](cypress-io/github-action@v6...v7)

Updates `SonarSource/sonarqube-scan-action` from 6 to 7
- [Release notes](https://github.com/sonarsource/sonarqube-scan-action/releases)
- [Commits](SonarSource/sonarqube-scan-action@v6...v7)

Updates `actions/download-artifact` from 4 to 7
- [Release notes](https://github.com/actions/download-artifact/releases)
- [Commits](actions/download-artifact@v4...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: actions/upload-artifact
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: cypress-io/github-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: SonarSource/sonarqube-scan-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
- dependency-name: actions/download-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot force-pushed the dependabot/github_actions/dependencies-a1bed51c78 branch from d0f1559 to abebdfb Compare February 11, 2026 15:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

10 min review dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code missing-jira

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants