chore(deps): update github-actions#479
Conversation
|
The latest updates on your projects. Learn more about Vercel for GitHub.
|
dd3be19 to
f7576f7
Compare
f7576f7 to
427b140
Compare
427b140 to
49f9f82
Compare
49f9f82 to
c559a6e
Compare
c559a6e to
c1c407f
Compare
|
No actionable comments were generated in the recent review. 🎉 ℹ️ Recent review info⚙️ Run configurationConfiguration used: Path: .coderabbit.yaml Review profile: CHILL Plan: Pro Plus Run ID: 📒 Files selected for processing (9)
📝 WalkthroughWalkthroughChangesUpdates pinned GitHub Actions commit SHAs across CI/CD workflow files: Related PRs: none identified. Suggested labels: dependencies, ci, github-actions Suggested reviewers: none identified. No source code logic reviewed here—just SHA bumps. Verify each new SHA actually resolves to the claimed tag before merge; a mismatched SHA-to-tag comment is a silent supply-chain risk, not a typo. Confirm output SHA matches the pinned hash in every file before approving. 🚥 Pre-merge checks | ✅ 2✅ Passed checks (2 passed)
✨ Finishing Touches📝 Generate docstrings
🧪 Generate unit tests (beta)
Comment |
Edited/Blocked NotificationRenovate will not automatically rebase this PR, because it does not recognize the last commit author and assumes somebody else may have edited the PR. You can manually request rebase by checking the rebase/retry box above. |
This PR contains the following updates:
v5.0.4→v5.0.5v5.1.0v6.0.2→v6.0.3v2.16.2→v2.16.3v4.36.0→v4.36.2v4.36.3v3.1.0→v3.1.1v2.2.0→v2.2.1v0.5.6→v0.5.7Release Notes
actions/cache (actions/cache)
v5.0.5Compare Source
What's Changed
Full Changelog: actions/cache@v5...v5.0.5
actions/checkout (actions/checkout)
v6.0.3Compare Source
crowdin/github-action (crowdin/github-action)
v2.16.3Compare Source
What's Changed
Full Changelog: crowdin/github-action@v2.16.2...v2.16.3
github/codeql-action (github/codeql-action)
v4.36.2Compare Source
v4.36.1Compare Source
No user facing changes.
projectdiscovery/nuclei-action (projectdiscovery/nuclei-action)
v3.1.1Compare Source
qltysh/qlty-action (qltysh/qlty-action)
v2.2.1Compare Source
zizmorcore/zizmor-action (zizmorcore/zizmor-action)
v0.5.7Compare Source
1.26.1 is now available via the action
1.26.1 is now the default version of zizmor used by the action
Configuration
📅 Schedule: (in timezone America/New_York)
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.
This PR was generated by Mend Renovate. View the repository job log.
🔒 Security
actions/cachev5.0.4→v5.0.5actions/checkoutv6.0.2→v6.0.3crowdin/github-actionv2.16.2→v2.16.3github/codeql-actionv4.36.0→v4.36.2projectdiscovery/nuclei-actionv3.1.0→v3.1.1qltysh/qlty-actionv2.2.0→v2.2.1zizmorcore/zizmor-actionv0.5.6→v0.5.7🔧 Changed
.github/tests/crowdin-workflow.test.tswith the new immutable Crowdin action pin..github/tests/github-action-pins.tswith the new cachedactions/cacheandactions/checkoutSHAs.🐛 Fixed
Kept workflow self-tests in sync with Renovate-driven action pin updates.
Verify the updated pinned SHAs still match the intended immutable releases in all workflows.
Confirm no additional workflow files still reference the old action versions.
Ensure the CodeQL/Crowdin/Nuclei/Zizmor updates do not require any follow-up config changes.