Skip to content

chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates#543

Merged
JerrettDavis merged 2 commits into
mainfrom
dependabot/github_actions/github-actions-dependencies-0e13d744f4
Jun 22, 2026
Merged

chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates#543
JerrettDavis merged 2 commits into
mainfrom
dependabot/github_actions/github-actions-dependencies-0e13d744f4

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions-dependencies group with 2 updates in the / directory: actions/checkout and EnricoMi/publish-unit-test-result-action.

Updates actions/checkout from 6 to 7

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates EnricoMi/publish-unit-test-result-action from 2.23.0 to 2.24.0

Release notes

Sourced from EnricoMi/publish-unit-test-result-action's releases.

v2.24.0

Adds the following improvements:

  • Fix: use env var indirection for inputs #737
  • Upgrading dependencies

Full Changelog: EnricoMi/publish-unit-test-result-action@v2.23.0...v2.24.0

Commits
  • d0a4676 Releasing v2.24.0
  • 473c3f2 Upgrade GitHub Actions in action.yml files (#776)
  • 49f3291 Add Ubuntu 26.04, add arm versions (#775)
  • 4ed2544 Bump emibcn/badge-action from 2.0.3 to 2.0.4 (#758)
  • f2856f6 Bump docker/metadata-action from 5.10.0 to 6.1.0 (#760)
  • 5ec6b13 Bump docker/setup-qemu-action from 3.7.0 to 4.1.0 (#759)
  • a199e4e Use env var indirection for Docker action inputs (#737)
  • 60b1d8c Bump github/codeql-action from 4.32.4 to 4.36.0 (#757)
  • b1d9536 Bump docker/build-push-action from 6.19.2 to 7.2.0 (#756)
  • 17f8820 Revert "Create and add workflow to enhance dependabot GHA upgrade PRs (#761)"
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: ci. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

Test Results

7 641 tests   7 622 ✅  2m 45s ⏱️
    7 suites     19 💤
    7 files        0 ❌

Results for commit 6ecbfc0.

♻️ This comment has been updated with latest results.

@github-actions

github-actions Bot commented Jun 22, 2026

Copy link
Copy Markdown
Contributor

⚠️ Deprecation Warning: The deny-licenses option is deprecated for possible removal in the next major release. For more information, see issue 997.

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 3 package(s) with unknown licenses.
See the Details below.

License Issues

.github/workflows/docs.yml

PackageVersionLicenseIssue Type
actions/checkout7.*.*NullUnknown License

.github/workflows/regenerate-screenshots.yml

PackageVersionLicenseIssue Type
actions/checkout7.*.*NullUnknown License

.github/workflows/version-bump.yml

PackageVersionLicenseIssue Type
actions/checkout7.*.*NullUnknown License
Denied Licenses: GPL-2.0, GPL-3.0, AGPL-3.0

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/checkout 7.*.* 🟢 6.9
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 10all changesets reviewed
Maintained🟢 1016 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
SAST🟢 10SAST tool is run on all commits
actions/actions/checkout 7.*.* 🟢 6.9
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 10all changesets reviewed
Maintained🟢 1016 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
SAST🟢 10SAST tool is run on all commits
actions/actions/checkout 7.*.* 🟢 6.9
Details
CheckScoreReason
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Code-Review🟢 10all changesets reviewed
Maintained🟢 1016 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Token-Permissions⚠️ 0detected GitHub workflow tokens with excessive permissions
Pinned-Dependencies🟢 3dependency not pinned by hash detected -- score normalized to 3
Fuzzing⚠️ 0project is not fuzzed
License🟢 10license file detected
Packaging⚠️ -1packaging workflow not detected
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 9security policy file detected
Branch-Protection🟢 5branch protection is not maximal on development and all release branches
SAST🟢 10SAST tool is run on all commits

Scanned Files

  • .github/workflows/docs.yml
  • .github/workflows/regenerate-screenshots.yml
  • .github/workflows/version-bump.yml

@JerrettDavis

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot dependabot Bot changed the title chore(deps): bump the github-actions-dependencies group with 2 updates chore(deps): bump the github-actions-dependencies group across 1 directory with 2 updates Jun 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-dependencies-0e13d744f4 branch from 76420e6 to 8919973 Compare June 22, 2026 18:27
@JerrettDavis

Copy link
Copy Markdown
Owner

@dependabot rebase

@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Looks like this PR has been edited by someone other than Dependabot. That means Dependabot can't rebase it - sorry!

If you're happy for Dependabot to recreate it from scratch, overwriting any edits, you can request @dependabot recreate.

@JerrettDavis

Copy link
Copy Markdown
Owner

@dependabot recreate

…ctory with 2 updates

Bumps the github-actions-dependencies group with 2 updates in the / directory: [actions/checkout](https://github.com/actions/checkout) and [EnricoMi/publish-unit-test-result-action](https://github.com/enricomi/publish-unit-test-result-action).


Updates `actions/checkout` from 6 to 7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v6...v7)

Updates `EnricoMi/publish-unit-test-result-action` from 2.23.0 to 2.24.0
- [Release notes](https://github.com/enricomi/publish-unit-test-result-action/releases)
- [Commits](EnricoMi/publish-unit-test-result-action@v2.23.0...v2.24.0)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions-dependencies
- dependency-name: EnricoMi/publish-unit-test-result-action
  dependency-version: 2.24.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-dependencies-0e13d744f4 branch from 5d53407 to b474113 Compare June 22, 2026 18:52
  Generated 50 examples via llama3.2:1b
  Triggered by: push
  Workflow run: 27976356270
@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@JerrettDavis JerrettDavis reopened this Jun 22, 2026
@github-actions

Copy link
Copy Markdown
Contributor

Code Coverage

Summary
  Generated on: 06/22/2026 - 19:09:46
  Coverage date: 06/22/2026 - 19:07:48 - 06/22/2026 - 19:09:38
  Parser: MultiReport (7x Cobertura)
  Assemblies: 23
  Classes: 1067
  Files: 591
  Line coverage: 74.6%
  Covered lines: 36822
  Uncovered lines: 12489
  Coverable lines: 49311
  Total lines: 97272
  Branch coverage: 61.8% (13925 of 22510)
  Covered branches: 13925
  Total branches: 22510
  Method coverage: 86.4% (6316 of 7307)
  Full method coverage: 74.2% (5425 of 7307)
  Covered methods: 6316
  Fully covered methods: 5425
  Total methods: 7307

@JerrettDavis JerrettDavis merged commit fb59386 into main Jun 22, 2026
15 checks passed
@JerrettDavis JerrettDavis deleted the dependabot/github_actions/github-actions-dependencies-0e13d744f4 branch June 22, 2026 19:13
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant