Skip to content

Bump the gh-actions-packages group across 6 directories with 6 updates #5802

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
wants to merge 1 commit into from
Closed

Bump the gh-actions-packages group across 6 directories with 6 updates #5802

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Jun 1, 2025
edited
Loading

Bumps the gh-actions-packages group with 5 updates in the / directory:

Package From To
raven-actions/actionlint 2.0.0 2.0.1
codecov/codecov-action 5.3.1 5.4.3
actions/create-github-app-token 2.0.5 2.0.6
github/codeql-action 3.28.17 3.28.18
actions/setup-node 4.2.0 4.4.0

Bumps the gh-actions-packages group with 1 update in the /.github/actions/node directory: actions/setup-node.
Bumps the gh-actions-packages group with 1 update in the /.github/actions/install/branch-diff directory: actions/cache.
Bumps the gh-actions-packages group with 1 update in the /.github/actions/plugins/test directory: codecov/codecov-action.
Bumps the gh-actions-packages group with 1 update in the /.github/actions/plugins/test-and-upstream directory: codecov/codecov-action.
Bumps the gh-actions-packages group with 1 update in the /.github/actions/plugins/upstream directory: codecov/codecov-action.

Updates raven-actions/actionlint from 2.0.0 to 2.0.1

Release notes

Sourced from raven-actions/actionlint's releases.

v2.0.1

🔄️ What's Changed

🐛 Bug Fixes

👥 Contributors

@​DariuszPorowski and @​Skipants

See details of all code changes: raven-actions/actionlint@v2.0.0...v2.0.1 since previous release.

Commits

Updates codecov/codecov-action from 5.3.1 to 5.4.3

Release notes

Sourced from codecov/codecov-action's releases.

v5.4.3

What's Changed

Full Changelog: codecov/codecov-action@v5.4.2...v5.4.3

v5.4.2

What's Changed

Full Changelog: codecov/codecov-action@v5.4.1...v5.4.2

v5.4.1

What's Changed

Full Changelog: codecov/codecov-action@v5.4.0...v5.4.1

v5.4.1-beta

What's Changed

Full Changelog: codecov/codecov-action@v5.4.0...v5.4.1-beta

v5.4.0

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.1..v5.4.2

v5.4.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.0..v5.4.1

v5.4.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.1..v5.4.0

... (truncated)

Commits

Updates actions/create-github-app-token from 2.0.5 to 2.0.6

Release notes

Sourced from actions/create-github-app-token's releases.

v2.0.6

2.0.6 (2025-05-03)

Bug Fixes

Commits

Updates github/codeql-action from 3.28.17 to 3.28.18

Release notes

Sourced from github/codeql-action's releases.

v3.28.18

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.18 - 16 May 2025

  • Update default CodeQL bundle version to 2.21.3. #2893
  • Skip validating SARIF produced by CodeQL for improved performance. #2894
  • The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

See the full CHANGELOG.md for more information.

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

  • The CodeQL Action no longer includes its own copy of the extractor for the actions language, which is currently in public preview. The actions extractor has been included in the CodeQL CLI since v2.20.6. If your workflow has enabled the actions language and you have pinned your tools: property to a specific version of the CodeQL CLI earlier than v2.20.6, you will need to update to at least CodeQL v2.20.6 or disable actions analysis.

3.28.18 - 16 May 2025

  • Update default CodeQL bundle version to 2.21.3. #2893
  • Skip validating SARIF produced by CodeQL for improved performance. #2894
  • The number of threads and amount of RAM used by CodeQL can now be set via the CODEQL_THREADS and CODEQL_RAM runner environment variables. If set, these environment variables override the threads and ram inputs respectively. #2891

3.28.17 - 02 May 2025

  • Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

  • Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

  • Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

  • Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

  • Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.
  • Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

  • Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

  • Update default CodeQL bundle version to 2.20.5. #2772
  • Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

... (truncated)

Commits
  • ff0a06e Merge pull request #2896 from github/update-v3.28.18-b86edfc27
  • a41e084 Update changelog for v3.28.18
  • b86edfc Merge pull request #2893 from github/update-bundle/codeql-bundle-v2.21.3
  • e93b900 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.3
  • 510dfa3 Merge pull request #2894 from github/henrymercer/skip-validating-codeql-sarif
  • 492d783 Merge branch 'main' into henrymercer/skip-validating-codeql-sarif
  • 83bdf3b Merge pull request #2859 from github/update-supported-enterprise-server-versions
  • cffc916 Merge pull request #2891 from austinpray-mixpanel/patch-1
  • 4420887 Add deprecation warning for CodeQL 2.16.5 and earlier
  • 4e178c5 Update supported versions table in README
  • Additional commits viewable in compare view

Updates actions/setup-node from 4.2.0 to 4.4.0

Release notes

Sourced from actions/setup-node's releases.

v4.4.0

What's Changed

Bug fixes:

Enhancement:

Dependency update:

New Contributors

Full Changelogactions/setup-node@v4...v4.4.0

v4.3.0

What's Changed

Dependency updates

New Contributors

Full Changelog: actions/setup-node@v4...v4.3.0

Commits

Updates actions/setup-node from 4.3.0 to 4.4.0

Release notes

Sourced from actions/setup-node's releases.

v4.4.0

What's Changed

Bug fixes:

Enhancement:

Dependency update:

New Contributors

Full Changelogactions/setup-node@v4...v4.4.0

v4.3.0

What's Changed

Dependency updates

New Contributors

Full Changelog: actions/setup-node@v4...v4.3.0

Commits

Updates actions/cache from 4.2.2 to 4.2.3

Release notes

Sourced from actions/cache's releases.

v4.2.3

What's Changed

  • Update to use @​actions/cache 4.0.3 package & prepare for new release by @​salmanmkc in actions/cache#1577 (SAS tokens for cache entries are now masked in debug logs)

New Contributors

Full Changelog: actions/cache@v4.2.2...v4.2.3

Changelog

Sourced from actions/cache's changelog.

Releases

4.2.3

  • Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

  • Bump @actions/cache to v4.0.2

4.2.1

  • Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

  • Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474
  • Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

  • Restore original behavior of cache-hit output - #1467

4.1.0

  • Ensure cache-hit output is set when a cache is missed - #1404
  • Deprecate save-always input - #1452

4.0.2

  • Fixed restore fail-on-cache-miss not working.

4.0.1

  • Updated isGhes check

... (truncated)

Commits

Updates codecov/codecov-action from 5.4.0 to 5.4.3

Release notes

Sourced from codecov/codecov-action's releases.

v5.4.3

What's Changed

Full Changelog: codecov/codecov-action@v5.4.2...v5.4.3

v5.4.2

What's Changed

Full Changelog: codecov/codecov-action@v5.4.1...v5.4.2

v5.4.1

What's Changed

Full Changelog: codecov/codecov-action@v5.4.0...v5.4.1

v5.4.1-beta

What's Changed

Full Changelog: codecov/codecov-action@v5.4.0...v5.4.1-beta

v5.4.0

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.1..v5.4.2

v5.4.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.0..v5.4.1

v5.4.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.3.1..v5.4.0

... (truncated)

Commits

Updates codecov/codecov-action from 5.4.0 to 5.4.3

Release notes

Sourced from codecov/codecov-action's releases.

v5.4.3

What's Changed

Full Changelog: codecov/codecov-action@v5.4.2...v5.4.3

v5.4.2

What's Changed

Full Changelog: codecov/codecov-action@v5.4.1...v5.4.2

v5.4.1

What's Changed

Full Changelog: codecov/codecov-action@v5.4.0...v5.4.1

v5.4.1-beta

What's Changed

Full Changelog: codecov/codecov-action@v5.4.0...v5.4.1-beta

v5.4.0

What's Changed

@dependabot
Bump the gh-actions-packages group across 6 directories with 6 updates
263909a 
Bumps the gh-actions-packages group with 5 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [raven-actions/actionlint](https://github.com/raven-actions/actionlint) | `2.0.0` | `2.0.1` |
| [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.3.1` | `5.4.3` |
| [actions/create-github-app-token](https://github.com/actions/create-github-app-token) | `2.0.5` | `2.0.6` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.28.17` | `3.28.18` |
| [actions/setup-node](https://github.com/actions/setup-node) | `4.2.0` | `4.4.0` |

Bumps the gh-actions-packages group with 1 update in the /.github/actions/node directory: [actions/setup-node](https://github.com/actions/setup-node).
Bumps the gh-actions-packages group with 1 update in the /.github/actions/install/branch-diff directory: [actions/cache](https://github.com/actions/cache).
Bumps the gh-actions-packages group with 1 update in the /.github/actions/plugins/test directory: [codecov/codecov-action](https://github.com/codecov/codecov-action).
Bumps the gh-actions-packages group with 1 update in the /.github/actions/plugins/test-and-upstream directory: [codecov/codecov-action](https://github.com/codecov/codecov-action).
Bumps the gh-actions-packages group with 1 update in the /.github/actions/plugins/upstream directory: [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `raven-actions/actionlint` from 2.0.0 to 2.0.1
- [Release notes](https://github.com/raven-actions/actionlint/releases)
- [Commits](raven-actions/actionlint@01fce4f...3a24062)

Updates `codecov/codecov-action` from 5.3.1 to 5.4.3
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5.3.1...18283e0)

Updates `actions/create-github-app-token` from 2.0.5 to 2.0.6
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Commits](actions/create-github-app-token@db3cdf4...df432ce)

Updates `github/codeql-action` from 3.28.17 to 3.28.18
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@60168ef...ff0a06e)

Updates `actions/setup-node` from 4.2.0 to 4.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@1d0ff46...49933ea)

Updates `actions/setup-node` from 4.3.0 to 4.4.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](actions/setup-node@1d0ff46...49933ea)

Updates `actions/cache` from 4.2.2 to 4.2.3
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](actions/cache@d4323d4...5a3ec84)

Updates `codecov/codecov-action` from 5.4.0 to 5.4.3
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5.3.1...18283e0)

Updates `codecov/codecov-action` from 5.4.0 to 5.4.3
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5.3.1...18283e0)

Updates `codecov/codecov-action` from 5.4.0 to 5.4.3
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5.3.1...18283e0)

---
updated-dependencies:
- dependency-name: raven-actions/actionlint
  dependency-version: 2.0.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: actions/create-github-app-token
  dependency-version: 2.0.6
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: github/codeql-action
  dependency-version: 3.28.18
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: actions/setup-node
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: actions/setup-node
  dependency-version: 4.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: gh-actions-packages
- dependency-name: actions/cache
  dependency-version: 4.2.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
- dependency-name: codecov/codecov-action
  dependency-version: 5.4.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: gh-actions-packages
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added dependencies github_actions Pull requests that update GitHub Actions code labels Jun 1, 2025
@dependabot dependabot bot requested review from a team as code owners June 1, 2025 01:09
@dependabot dependabot bot requested a review from BSanchidrian June 1, 2025 01:09
@github-actions GitHub Actions
Copy link

github-actions bot commented Jun 1, 2025

Overall package size

Self size: 9.49 MB
Deduped: 103.7 MB
No deduping: 104.22 MB

Dependency sizes | name | version | self size | total size | |------|---------|-----------|------------| | @datadog/libdatadog | 0.5.1 | 29.73 MB | 29.73 MB | | @datadog/native-appsec | 8.5.2 | 19.33 MB | 19.34 MB | | @datadog/pprof | 5.8.0 | 12.55 MB | 12.92 MB | | @datadog/native-iast-taint-tracking | 4.0.0 | 11.72 MB | 11.73 MB | | @opentelemetry/core | 1.30.1 | 908.66 kB | 7.16 MB | | protobufjs | 7.5.3 | 2.95 MB | 5.6 MB | | @datadog/wasm-js-rewriter | 4.0.1 | 2.85 MB | 3.58 MB | | @datadog/native-metrics | 3.1.1 | 1.02 MB | 1.43 MB | | @opentelemetry/api | 1.8.0 | 1.21 MB | 1.21 MB | | import-in-the-middle | 1.14.0 | 120.58 kB | 842.2 kB | | source-map | 0.7.4 | 226 kB | 226 kB | | opentracing | 0.14.7 | 194.81 kB | 194.81 kB | | lru-cache | 7.18.3 | 133.92 kB | 133.92 kB | | pprof-format | 2.1.0 | 111.69 kB | 111.69 kB | | @datadog/sketches-js | 2.1.1 | 109.9 kB | 109.9 kB | | lodash.sortby | 4.7.0 | 75.76 kB | 75.76 kB | | ignore | 5.3.2 | 53.63 kB | 53.63 kB | | istanbul-lib-coverage | 3.2.2 | 34.37 kB | 34.37 kB | | rfdc | 1.4.1 | 27.15 kB | 27.15 kB | | @isaacs/ttlcache | 1.4.1 | 25.2 kB | 25.2 kB | | dc-polyfill | 0.1.9 | 25.11 kB | 25.11 kB | | tlhunter-sorted-set | 0.1.0 | 24.94 kB | 24.94 kB | | shell-quote | 1.8.2 | 23.54 kB | 23.54 kB | | limiter | 1.1.5 | 23.17 kB | 23.17 kB | | retry | 0.13.1 | 18.85 kB | 18.85 kB | | semifies | 1.0.0 | 15.84 kB | 15.84 kB | | jest-docblock | 29.7.0 | 8.99 kB | 12.76 kB | | crypto-randomuuid | 1.0.0 | 11.18 kB | 11.18 kB | | ttl-set | 1.0.0 | 4.61 kB | 9.69 kB | | mutexify | 1.4.0 | 5.71 kB | 8.74 kB | | path-to-regexp | 0.1.12 | 6.6 kB | 6.6 kB | | koalas | 1.0.2 | 6.47 kB | 6.47 kB | | module-details-from-path | 1.0.4 | 3.96 kB | 3.96 kB |

🤖 This report was automatically generated by heaviest-objects-in-the-universe

@codecov Codecov
Copy link

codecov bot commented Jun 1, 2025
edited
Loading

Codecov Report

All modified and coverable lines are covered by tests ✅

Project coverage is 79.00%. Comparing base (36f4669) to head (263909a).
Report is 10 commits behind head on master.

Additional details and impacted files 
@@            Coverage Diff             @@
##           master    #5802      +/-   ##
==========================================
- Coverage   79.41%   79.00%   -0.42%     
==========================================
  Files         522      522              
  Lines       23802    23802              
==========================================
- Hits        18902    18804      -98     
- Misses       4900     4998      +98

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

🚀 New features to boost your workflow:
  • ❄️ Test Analytics: Detect flaky tests, report on failures, and find test suite problems.
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@pr-commenter
Copy link

pr-commenter bot commented Jun 1, 2025

Benchmarks

Benchmark execution time: 2025-06-01 01:21:41

Comparing candidate commit 263909a in PR branch dependabot/github_actions/gh-actions-packages-384f53c8b8 with baseline commit 36f4669 in branch master.

Found 0 performance improvements and 0 performance regressions! Performance is the same for 1270 metrics, 53 unstable metrics.

@dependabot Dependabot
Copy link
Contributor Author

dependabot bot commented on behalf of github Jun 3, 2025

Superseded by #5813.

@dependabot dependabot bot closed this Jun 3, 2025
@dependabot dependabot bot deleted the dependabot/github_actions/gh-actions-packages-384f53c8b8 branch June 3, 2025 17:07
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@BSanchidrian BSanchidrian Awaiting requested review from BSanchidrian BSanchidrian is a code owner automatically assigned from DataDog/ci-app-libraries

Assignees
No one assigned
Labels
dependencies github_actions Pull requests that update GitHub Actions code semver-patch
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@BridgeAR