Bump the version-updates group with 7 updates by dependabot[bot] · Pull Request #351 · fish-shop/install-plugin-manager

dependabot · 2026-03-27T18:02:52Z

Bumps the version-updates group with 7 updates:

Package	From	To
fish-shop/workflows/.github/workflows/codeql-analysis.yml	`1.13.50`	`1.14.0`
fish-shop/workflows/.github/workflows/dependency-review.yml	`1.13.50`	`1.14.0`
fish-shop/workflows/.github/workflows/gitleaks.yml	`1.13.50`	`1.14.0`
fish-shop/workflows/.github/workflows/markdown-links.yml	`1.13.50`	`1.14.0`
fish-shop/workflows/.github/workflows/openssf-scorecard.yml	`1.13.50`	`1.14.0`
fish-shop/workflows/.github/workflows/release-tags.yml	`1.13.50`	`1.14.0`
fish-shop/install-fish-shell	`2.1.6`	`2.1.7`

Updates fish-shop/workflows/.github/workflows/codeql-analysis.yml from 1.13.50 to 1.14.0

Release notes

Sourced from fish-shop/workflows/.github/workflows/codeql-analysis.yml's releases.

v1.14.0

What's Changed

Enforce egress filtering in release tags reusable workflow by @marcransome in fish-shop/workflows#177

Enforce egress filtering in OpenSSF Scorecard reusable workflow by @marcransome in fish-shop/workflows#178

Enforce egress filtering in CodeQL reusable workflow by @marcransome in fish-shop/workflows#179

Enforce egress filtering in dependency review reusable workflow by @marcransome in fish-shop/workflows#180

Enforce egress filtering in gitleaks reusable workflow by @marcransome in fish-shop/workflows#181

Update README.md by @marcransome in fish-shop/workflows#182

Full Changelog: fish-shop/workflows@v1.13.51...v1.14.0

v1.13.51

What's Changed

Bump github/codeql-action from 4.34.1 to 4.35.0 in the version-updates group by @dependabot[bot] in fish-shop/workflows#174

Bump github/codeql-action from 4.35.0 to 4.35.1 in the version-updates group by @dependabot[bot] in fish-shop/workflows#175

Enforce egress filtering in release tags workflow by @marcransome in fish-shop/workflows#176

Full Changelog: fish-shop/workflows@v1.13.50...v1.13.51

Commits

8ef6869 Merge pull request #182 from fish-shop/update-readme
0f6a310 Update README.md
aef7718 Merge pull request #181 from fish-shop/gitleaks-egress-filtering-workflow
8aa0092 Enforce egress filtering in gitleaks reusable workflow
8316799 Merge pull request #180 from fish-shop/dependency-review-egress-filtering-wor...
19f736f Enforce egress filtering in dependency review reusable workflow
91b85aa Merge pull request #179 from fish-shop/codeql-egress-filtering-workflow
8ff283f Enforce egress filtering in CodeQL reusable workflow
3537197 Merge pull request #178 from fish-shop/openssf-scorecard-egress-filtering-wor...
c788835 Enforce egress filtering in OpenSSF Scorecard reusable workflow
Additional commits viewable in compare view

Updates fish-shop/workflows/.github/workflows/dependency-review.yml from 1.13.50 to 1.14.0

Release notes

Sourced from fish-shop/workflows/.github/workflows/dependency-review.yml's releases.

v1.14.0

What's Changed

Enforce egress filtering in release tags reusable workflow by @marcransome in fish-shop/workflows#177

Enforce egress filtering in OpenSSF Scorecard reusable workflow by @marcransome in fish-shop/workflows#178

Enforce egress filtering in CodeQL reusable workflow by @marcransome in fish-shop/workflows#179

Enforce egress filtering in dependency review reusable workflow by @marcransome in fish-shop/workflows#180

Enforce egress filtering in gitleaks reusable workflow by @marcransome in fish-shop/workflows#181

Update README.md by @marcransome in fish-shop/workflows#182

Full Changelog: fish-shop/workflows@v1.13.51...v1.14.0

v1.13.51

What's Changed

Bump github/codeql-action from 4.34.1 to 4.35.0 in the version-updates group by @dependabot[bot] in fish-shop/workflows#174

Bump github/codeql-action from 4.35.0 to 4.35.1 in the version-updates group by @dependabot[bot] in fish-shop/workflows#175

Enforce egress filtering in release tags workflow by @marcransome in fish-shop/workflows#176

Full Changelog: fish-shop/workflows@v1.13.50...v1.13.51

Commits

8ef6869 Merge pull request #182 from fish-shop/update-readme
0f6a310 Update README.md
aef7718 Merge pull request #181 from fish-shop/gitleaks-egress-filtering-workflow
8aa0092 Enforce egress filtering in gitleaks reusable workflow
8316799 Merge pull request #180 from fish-shop/dependency-review-egress-filtering-wor...
19f736f Enforce egress filtering in dependency review reusable workflow
91b85aa Merge pull request #179 from fish-shop/codeql-egress-filtering-workflow
8ff283f Enforce egress filtering in CodeQL reusable workflow
3537197 Merge pull request #178 from fish-shop/openssf-scorecard-egress-filtering-wor...
c788835 Enforce egress filtering in OpenSSF Scorecard reusable workflow
Additional commits viewable in compare view

Updates fish-shop/workflows/.github/workflows/gitleaks.yml from 1.13.50 to 1.14.0

Release notes

Sourced from fish-shop/workflows/.github/workflows/gitleaks.yml's releases.

v1.14.0

What's Changed

Enforce egress filtering in release tags reusable workflow by @marcransome in fish-shop/workflows#177

Enforce egress filtering in OpenSSF Scorecard reusable workflow by @marcransome in fish-shop/workflows#178

Enforce egress filtering in CodeQL reusable workflow by @marcransome in fish-shop/workflows#179

Enforce egress filtering in dependency review reusable workflow by @marcransome in fish-shop/workflows#180

Enforce egress filtering in gitleaks reusable workflow by @marcransome in fish-shop/workflows#181

Update README.md by @marcransome in fish-shop/workflows#182

Full Changelog: fish-shop/workflows@v1.13.51...v1.14.0

v1.13.51

What's Changed

Bump github/codeql-action from 4.34.1 to 4.35.0 in the version-updates group by @dependabot[bot] in fish-shop/workflows#174

Bump github/codeql-action from 4.35.0 to 4.35.1 in the version-updates group by @dependabot[bot] in fish-shop/workflows#175

Enforce egress filtering in release tags workflow by @marcransome in fish-shop/workflows#176

Full Changelog: fish-shop/workflows@v1.13.50...v1.13.51

Commits

8ef6869 Merge pull request #182 from fish-shop/update-readme
0f6a310 Update README.md
aef7718 Merge pull request #181 from fish-shop/gitleaks-egress-filtering-workflow
8aa0092 Enforce egress filtering in gitleaks reusable workflow
8316799 Merge pull request #180 from fish-shop/dependency-review-egress-filtering-wor...
19f736f Enforce egress filtering in dependency review reusable workflow
91b85aa Merge pull request #179 from fish-shop/codeql-egress-filtering-workflow
8ff283f Enforce egress filtering in CodeQL reusable workflow
3537197 Merge pull request #178 from fish-shop/openssf-scorecard-egress-filtering-wor...
c788835 Enforce egress filtering in OpenSSF Scorecard reusable workflow
Additional commits viewable in compare view

Updates fish-shop/workflows/.github/workflows/markdown-links.yml from 1.13.50 to 1.14.0

Release notes

Sourced from fish-shop/workflows/.github/workflows/markdown-links.yml's releases.

v1.14.0

What's Changed

Enforce egress filtering in release tags reusable workflow by @marcransome in fish-shop/workflows#177

Enforce egress filtering in OpenSSF Scorecard reusable workflow by @marcransome in fish-shop/workflows#178

Enforce egress filtering in CodeQL reusable workflow by @marcransome in fish-shop/workflows#179

Enforce egress filtering in dependency review reusable workflow by @marcransome in fish-shop/workflows#180

Enforce egress filtering in gitleaks reusable workflow by @marcransome in fish-shop/workflows#181

Update README.md by @marcransome in fish-shop/workflows#182

Full Changelog: fish-shop/workflows@v1.13.51...v1.14.0

v1.13.51

What's Changed

Bump github/codeql-action from 4.34.1 to 4.35.0 in the version-updates group by @dependabot[bot] in fish-shop/workflows#174

Bump github/codeql-action from 4.35.0 to 4.35.1 in the version-updates group by @dependabot[bot] in fish-shop/workflows#175

Enforce egress filtering in release tags workflow by @marcransome in fish-shop/workflows#176

Full Changelog: fish-shop/workflows@v1.13.50...v1.13.51

Commits

8ef6869 Merge pull request #182 from fish-shop/update-readme
0f6a310 Update README.md
aef7718 Merge pull request #181 from fish-shop/gitleaks-egress-filtering-workflow
8aa0092 Enforce egress filtering in gitleaks reusable workflow
8316799 Merge pull request #180 from fish-shop/dependency-review-egress-filtering-wor...
19f736f Enforce egress filtering in dependency review reusable workflow
91b85aa Merge pull request #179 from fish-shop/codeql-egress-filtering-workflow
8ff283f Enforce egress filtering in CodeQL reusable workflow
3537197 Merge pull request #178 from fish-shop/openssf-scorecard-egress-filtering-wor...
c788835 Enforce egress filtering in OpenSSF Scorecard reusable workflow
Additional commits viewable in compare view

Updates fish-shop/workflows/.github/workflows/openssf-scorecard.yml from 1.13.50 to 1.14.0

Release notes

Sourced from fish-shop/workflows/.github/workflows/openssf-scorecard.yml's releases.

v1.14.0

What's Changed

Enforce egress filtering in release tags reusable workflow by @marcransome in fish-shop/workflows#177

Enforce egress filtering in OpenSSF Scorecard reusable workflow by @marcransome in fish-shop/workflows#178

Enforce egress filtering in CodeQL reusable workflow by @marcransome in fish-shop/workflows#179

Enforce egress filtering in dependency review reusable workflow by @marcransome in fish-shop/workflows#180

Enforce egress filtering in gitleaks reusable workflow by @marcransome in fish-shop/workflows#181

Update README.md by @marcransome in fish-shop/workflows#182

Full Changelog: fish-shop/workflows@v1.13.51...v1.14.0

v1.13.51

What's Changed

Bump github/codeql-action from 4.34.1 to 4.35.0 in the version-updates group by @dependabot[bot] in fish-shop/workflows#174

Bump github/codeql-action from 4.35.0 to 4.35.1 in the version-updates group by @dependabot[bot] in fish-shop/workflows#175

Enforce egress filtering in release tags workflow by @marcransome in fish-shop/workflows#176

Full Changelog: fish-shop/workflows@v1.13.50...v1.13.51

Commits

8ef6869 Merge pull request #182 from fish-shop/update-readme
0f6a310 Update README.md
aef7718 Merge pull request #181 from fish-shop/gitleaks-egress-filtering-workflow
8aa0092 Enforce egress filtering in gitleaks reusable workflow
8316799 Merge pull request #180 from fish-shop/dependency-review-egress-filtering-wor...
19f736f Enforce egress filtering in dependency review reusable workflow
91b85aa Merge pull request #179 from fish-shop/codeql-egress-filtering-workflow
8ff283f Enforce egress filtering in CodeQL reusable workflow
3537197 Merge pull request #178 from fish-shop/openssf-scorecard-egress-filtering-wor...
c788835 Enforce egress filtering in OpenSSF Scorecard reusable workflow
Additional commits viewable in compare view

Updates fish-shop/workflows/.github/workflows/release-tags.yml from 1.13.50 to 1.14.0

Release notes

Sourced from fish-shop/workflows/.github/workflows/release-tags.yml's releases.

v1.14.0

What's Changed

Enforce egress filtering in release tags reusable workflow by @marcransome in fish-shop/workflows#177

Enforce egress filtering in OpenSSF Scorecard reusable workflow by @marcransome in fish-shop/workflows#178

Enforce egress filtering in CodeQL reusable workflow by @marcransome in fish-shop/workflows#179

Enforce egress filtering in dependency review reusable workflow by @marcransome in fish-shop/workflows#180

Enforce egress filtering in gitleaks reusable workflow by @marcransome in fish-shop/workflows#181

Update README.md by @marcransome in fish-shop/workflows#182

Full Changelog: fish-shop/workflows@v1.13.51...v1.14.0

v1.13.51

What's Changed

Bump github/codeql-action from 4.34.1 to 4.35.0 in the version-updates group by @dependabot[bot] in fish-shop/workflows#174

Bump github/codeql-action from 4.35.0 to 4.35.1 in the version-updates group by @dependabot[bot] in fish-shop/workflows#175

Enforce egress filtering in release tags workflow by @marcransome in fish-shop/workflows#176

Full Changelog: fish-shop/workflows@v1.13.50...v1.13.51

Commits

8ef6869 Merge pull request #182 from fish-shop/update-readme
0f6a310 Update README.md
aef7718 Merge pull request #181 from fish-shop/gitleaks-egress-filtering-workflow
8aa0092 Enforce egress filtering in gitleaks reusable workflow
8316799 Merge pull request #180 from fish-shop/dependency-review-egress-filtering-wor...
19f736f Enforce egress filtering in dependency review reusable workflow
91b85aa Merge pull request #179 from fish-shop/codeql-egress-filtering-workflow
8ff283f Enforce egress filtering in CodeQL reusable workflow
3537197 Merge pull request #178 from fish-shop/openssf-scorecard-egress-filtering-wor...
c788835 Enforce egress filtering in OpenSSF Scorecard reusable workflow
Additional commits viewable in compare view

Updates fish-shop/install-fish-shell from 2.1.6 to 2.1.7

Release notes

Sourced from fish-shop/install-fish-shell's releases.

v2.1.7

What's Changed

Bump the version-updates group with 6 updates by @dependabot[bot] in fish-shop/install-fish-shell#277

Full Changelog: fish-shop/install-fish-shell@v2.1.6...v2.1.7

Commits

07c1da1 Merge pull request #277 from fish-shop/dependabot/github_actions/version-upda...
9858c46 Bump the version-updates group with 6 updates
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the version-updates group with 7 updates: | Package | From | To | | --- | --- | --- | | [fish-shop/workflows/.github/workflows/codeql-analysis.yml](https://github.com/fish-shop/workflows) | `1.13.50` | `1.14.0` | | [fish-shop/workflows/.github/workflows/dependency-review.yml](https://github.com/fish-shop/workflows) | `1.13.50` | `1.14.0` | | [fish-shop/workflows/.github/workflows/gitleaks.yml](https://github.com/fish-shop/workflows) | `1.13.50` | `1.14.0` | | [fish-shop/workflows/.github/workflows/markdown-links.yml](https://github.com/fish-shop/workflows) | `1.13.50` | `1.14.0` | | [fish-shop/workflows/.github/workflows/openssf-scorecard.yml](https://github.com/fish-shop/workflows) | `1.13.50` | `1.14.0` | | [fish-shop/workflows/.github/workflows/release-tags.yml](https://github.com/fish-shop/workflows) | `1.13.50` | `1.14.0` | | [fish-shop/install-fish-shell](https://github.com/fish-shop/install-fish-shell) | `2.1.6` | `2.1.7` | Updates `fish-shop/workflows/.github/workflows/codeql-analysis.yml` from 1.13.50 to 1.14.0 - [Release notes](https://github.com/fish-shop/workflows/releases) - [Commits](fish-shop/workflows@09fba09...8ef6869) Updates `fish-shop/workflows/.github/workflows/dependency-review.yml` from 1.13.50 to 1.14.0 - [Release notes](https://github.com/fish-shop/workflows/releases) - [Commits](fish-shop/workflows@09fba09...8ef6869) Updates `fish-shop/workflows/.github/workflows/gitleaks.yml` from 1.13.50 to 1.14.0 - [Release notes](https://github.com/fish-shop/workflows/releases) - [Commits](fish-shop/workflows@09fba09...8ef6869) Updates `fish-shop/workflows/.github/workflows/markdown-links.yml` from 1.13.50 to 1.14.0 - [Release notes](https://github.com/fish-shop/workflows/releases) - [Commits](fish-shop/workflows@09fba09...8ef6869) Updates `fish-shop/workflows/.github/workflows/openssf-scorecard.yml` from 1.13.50 to 1.14.0 - [Release notes](https://github.com/fish-shop/workflows/releases) - [Commits](fish-shop/workflows@09fba09...8ef6869) Updates `fish-shop/workflows/.github/workflows/release-tags.yml` from 1.13.50 to 1.14.0 - [Release notes](https://github.com/fish-shop/workflows/releases) - [Commits](fish-shop/workflows@09fba09...8ef6869) Updates `fish-shop/install-fish-shell` from 2.1.6 to 2.1.7 - [Release notes](https://github.com/fish-shop/install-fish-shell/releases) - [Commits](fish-shop/install-fish-shell@b045f2d...07c1da1) --- updated-dependencies: - dependency-name: fish-shop/workflows/.github/workflows/codeql-analysis.yml dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: fish-shop/workflows/.github/workflows/dependency-review.yml dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: fish-shop/workflows/.github/workflows/gitleaks.yml dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: fish-shop/workflows/.github/workflows/markdown-links.yml dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: fish-shop/workflows/.github/workflows/openssf-scorecard.yml dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: fish-shop/workflows/.github/workflows/release-tags.yml dependency-version: 1.14.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: version-updates - dependency-name: fish-shop/install-fish-shell dependency-version: 2.1.7 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: version-updates ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2026-03-27T18:03:14Z

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA f073aaa.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package

Version

Score

Details

actions/fish-shop/workflows/.github/workflows/openssf-scorecard.yml

8ef68690e6bbe9a7aca9a307b2583f07aaa90f59

Unknown

actions/fish-shop/install-fish-shell

07c1da1152b6b796c792b53215c97771dc5e5391

🟢 8.2

Details

Check	Score	Reason
Dependency-Update-Tool	🟢 10	update tool detected
Maintained	🟢 10	30 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow	🟢 10	no dangerous workflow patterns detected
Packaging	⚠️ -1	packaging workflow not detected
Security-Policy	🟢 10	security policy file detected
Binary-Artifacts	🟢 10	no binaries found in the repo
Pinned-Dependencies	🟢 10	all dependencies are pinned
Code-Review	⚠️ 0	Found 0/1 approved changesets -- score normalized to 0
Token-Permissions	🟢 10	GitHub workflow tokens follow principle of least privilege
Vulnerabilities	🟢 10	0 existing vulnerabilities detected
CII-Best-Practices	⚠️ 0	no effort to earn an OpenSSF best practices badge detected
License	🟢 10	license file detected
Signed-Releases	⚠️ -1	no releases found
SAST	🟢 10	SAST tool is run on all commits
Fuzzing	⚠️ 0	project is not fuzzed
Branch-Protection	🟢 8	branch protection is not maximal on development and all release branches
Contributors	🟢 10	project has 3 contributing companies or organizations -- score normalized to 10
CI-Tests	🟢 10	15 out of 15 merged PRs checked by a CI test -- score normalized to 10

Scanned Files

.github/workflows/openssf-scorecard.yml
.github/workflows/test.yml

dependabot Bot assigned marcransome Mar 27, 2026

dependabot Bot requested a review from a team as a code owner March 27, 2026 18:02

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 27, 2026

marcransome approved these changes Mar 27, 2026

View reviewed changes

marcransome merged commit a4b6b44 into main Mar 27, 2026
17 checks passed

marcransome deleted the dependabot/github_actions/version-updates-f6f4b15182 branch March 27, 2026 18:04

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the version-updates group with 7 updates#351

Bump the version-updates group with 7 updates#351
marcransome merged 1 commit intomainfrom
dependabot/github_actions/version-updates-f6f4b15182

dependabot Bot commented on behalf of github Mar 27, 2026

Uh oh!

github-actions Bot commented Mar 27, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Uh oh!

Conversation

dependabot Bot commented on behalf of github Mar 27, 2026

v1.14.0

What's Changed

v1.13.51

What's Changed

v1.14.0

What's Changed

v1.13.51

What's Changed

v1.14.0

What's Changed

v1.13.51

What's Changed

v1.14.0

What's Changed

v1.13.51

What's Changed

v1.14.0

What's Changed

v1.13.51

What's Changed

v1.14.0

What's Changed

v1.13.51

What's Changed

v2.1.7

What's Changed

Uh oh!

github-actions Bot commented Mar 27, 2026

Dependency Review

Snapshot Warnings

OpenSSF Scorecard

Scanned Files

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant