Skip to content

Bump the github-actions group with 4 updates#598

Merged
drmowinckels merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-43de620d10
Jun 9, 2026
Merged

Bump the github-actions group with 4 updates#598
drmowinckels merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-43de620d10

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 2, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 4 updates: pozil/auto-assign-issue, actions/create-github-app-token, actions/checkout and peter-evans/create-pull-request.

Updates pozil/auto-assign-issue from 2 to 4

Release notes

Sourced from pozil/auto-assign-issue's releases.

v4.0.0 - Node@24 support

feat: add Node@24 support

v3.0.0 - Switch to EcmaScript Module

  • feat: switch to EcmaScript Module
  • build: bump dependencies

v2.2.0 - Add support for pull_request_target

  • feat: Add support for pull_request_target. #152 thanks to @​thedjnK
  • build: bump dependencies

v2.1.2 - Fix failsIfUsersCannotBeAssigned flag support

  • fix: failsIfUsersCannotBeAssigned flag support and improves error handling

v2.1.0 - User assignment check

  • feat: added an optional user assignment check via the failsIfUsersCannotBeAssigned flag as per #148
  • build: bump dependencies

v2.0.1 - Bump dependencies

  • build: bump dependencies
  • feat: extra test for random PR reviewer
Commits

Updates actions/create-github-app-token from 1 to 3

Release notes

Sourced from actions/create-github-app-token's releases.

v3.0.0

3.0.0 (2026-03-14)

Bug Fixes

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.
  • Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner.

v3.0.0-beta.6

3.0.0-beta.6 (2026-03-13)

Bug Fixes

  • deps: bump @​actions/core from 1.11.1 to 3.0.0 (#337) (b044133)
  • deps: bump minimatch from 9.0.5 to 9.0.9 (#335) (5cbc656)
  • deps: bump the production-dependencies group with 4 updates (#336) (6bda5bc)
  • deps: bump undici from 7.16.0 to 7.18.2 (#323) (b4f638f)

v3.0.0-beta.5

3.0.0-beta.5 (2026-03-13)

  • fix!: require NODE_USE_ENV_PROXY for proxy support (#342) (d53a1cd)

BREAKING CHANGES

  • Custom proxy handling has been removed. If you use HTTP_PROXY or HTTPS_PROXY, you must now also set NODE_USE_ENV_PROXY=1 on the action step.

v3.0.0-beta.4

3.0.0-beta.4 (2026-03-13)

Bug Fixes

  • deps: bump @​octokit/auth-app from 7.2.1 to 8.0.1 (#257) (bef1eaf)
  • deps: bump @​octokit/request from 9.2.3 to 10.0.2 (#256) (5d7307b)
  • deps: bump glob from 10.4.5 to 10.5.0 (#305) (5480f43)
  • deps: bump p-retry from 6.2.1 to 7.1.0 (#294) (dce3be8)

... (truncated)

Changelog

Sourced from actions/create-github-app-token's changelog.

Changelog

3.2.0 (2026-05-12)

Features

  • add support for enterprise-level GitHub Apps (#263) (952a2a7)
  • support full repository names in repositories input (#372) (85eb8dd)

Bug Fixes

  • deps: bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependencies group (#364) (43e5c34)
  • validate private-key input (#376) (f24bbd8)
Commits
  • bcd2ba4 chore(main): release 3.2.0 (#370)
  • f24bbd8 fix: validate private-key input (#376)
  • 363531b docs: capitalize Git as a proper noun in README (#374)
  • fd28011 docs: update procedure to configure Git (#287)
  • 85eb8dd feat: support full repository names in repositories input (#372)
  • c9aabb8 build(deps-dev): bump yaml from 2.8.3 to 2.8.4 in the development-dependencie...
  • e02e816 build(deps-dev): bump undici from 7.24.6 to 8.2.0 (#366)
  • 8d835bf build(deps-dev): bump esbuild from 0.27.4 to 0.28.0 in the development-depend...
  • 952a2a7 feat: add support for enterprise-level GitHub Apps (#263)
  • 43e5c34 fix(deps): bump @​actions/core from 3.0.0 to 3.0.1 in the production-dependenc...
  • Additional commits viewable in compare view

Updates actions/checkout from 4 to 6

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.1

What's Changed

Full Changelog: actions/checkout@v4...v4.3.1

v4.3.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

... (truncated)

Commits

Updates peter-evans/create-pull-request from 7 to 8

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v8.0.0

What's new in v8

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v7.0.11...v8.0.0

Create Pull Request v7.0.11

What's Changed

Full Changelog: peter-evans/create-pull-request@v7.0.10...v7.0.11

Create Pull Request v7.0.10

⚙️ Fixes an issue where updating a pull request failed when targeting a forked repository with the same owner as its parent.

What's Changed

New Contributors

Full Changelog: peter-evans/create-pull-request@v7.0.9...v7.0.10

Create Pull Request v7.0.9

⚙️ Fixes an incompatibility with the recently released actions/checkout@v6.

What's Changed

New Contributors

... (truncated)

Commits
  • 5f6978f fix: retry post-creation API calls on 422 eventual consistency errors (#4356)
  • d32e88d build(deps-dev): bump the npm group with 3 updates (#4349)
  • 8170bcc build(deps-dev): bump handlebars from 4.7.8 to 4.7.9 (#4344)
  • 0041819 build(deps): bump picomatch (#4339)
  • b993918 build(deps-dev): bump flatted from 3.3.1 to 3.4.2 (#4334)
  • 36d7c84 build(deps-dev): bump undici from 6.23.0 to 6.24.0 (#4328)
  • a45d1fb build(deps): bump @​tootallnate/once and jest-environment-jsdom (#4323)
  • 3499eb6 build(deps): bump the github-actions group with 2 updates (#4316)
  • 3f3b473 build(deps): bump minimatch (#4311)
  • 6699836 build(deps-dev): bump the npm group with 2 updates (#4305)
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the github-actions group with 4 updates
3284e52 
Bumps the github-actions group with 4 updates: [pozil/auto-assign-issue](https://github.com/pozil/auto-assign-issue), [actions/create-github-app-token](https://github.com/actions/create-github-app-token), [actions/checkout](https://github.com/actions/checkout) and [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request).


Updates `pozil/auto-assign-issue` from 2 to 4
- [Release notes](https://github.com/pozil/auto-assign-issue/releases)
- [Commits](pozil/auto-assign-issue@v2...v4)

Updates `actions/create-github-app-token` from 1 to 3
- [Release notes](https://github.com/actions/create-github-app-token/releases)
- [Changelog](https://github.com/actions/create-github-app-token/blob/main/CHANGELOG.md)
- [Commits](actions/create-github-app-token@v1...v3)

Updates `actions/checkout` from 4 to 6
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v4...v6)

Updates `peter-evans/create-pull-request` from 7 to 8
- [Release notes](https://github.com/peter-evans/create-pull-request/releases)
- [Commits](peter-evans/create-pull-request@v7...v8)

---
updated-dependencies:
- dependency-name: pozil/auto-assign-issue
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/create-github-app-token
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: peter-evans/create-pull-request
  dependency-version: '8'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 2, 2026
@dependabot dependabot Bot requested a review from a team as a code owner June 2, 2026 23:12
@dependabot dependabot Bot requested review from reshamas and removed request for a team June 2, 2026 23:12
@dependabot dependabot Bot added the dependencies Pull requests that update a dependency file label Jun 2, 2026
@netlify

netlify Bot commented Jun 2, 2026
edited
Loading

Copy link
Copy Markdown

Deploy Preview for rladies-dev ready!

Name Link
🔨 Latest commit 3284e52
🔍 Latest deploy log https://app.netlify.com/projects/rladies-dev/deploys/6a1f637c7eb5db0008705a18
😎 Deploy Preview https://deploy-preview-598--rladies-dev.netlify.app
📱 Preview on mobile
Toggle QR Code...

QR Code

Use your smartphone camera to open QR code link.
🤖 Make changes Run an agent on this branch

To edit notification comments on pull requests, go to your Netlify project configuration.

@drmowinckels drmowinckels merged commit 6a9cfcd into main Jun 9, 2026
8 of 13 checks passed
@drmowinckels drmowinckels deleted the dependabot/github_actions/github-actions-43de620d10 branch June 9, 2026 14:32
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@reshamas reshamas Awaiting requested review from reshamas reshamas is a code owner automatically assigned from rladies/website

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@drmowinckels