Skip to content

ci: bump the github-actions group across 1 directory with 4 updates#15

Merged
rustyconover merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-cbb7e52037
Jun 22, 2026
Merged

ci: bump the github-actions group across 1 directory with 4 updates#15
rustyconover merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-cbb7e52037

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 18, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 4 updates in the / directory: actions/checkout, astral-sh/setup-uv, codecov/codecov-action and cloudflare/wrangler-action.

Updates actions/checkout from 5 to 7

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

v6.0.0

What's Changed

... (truncated)

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates astral-sh/setup-uv from 8.1.0 to 8.2.0

Release notes

Sourced from astral-sh/setup-uv's releases.

v8.2.0 🌈 New inputs quiet and download-from-astral-mirror

Changes

This release brings two new inputs and a few bug fixes.

New inputs

Lets talk about the new inputs first.

quiet

Pretty simple. It turns of all info loggings. Useful if you use this in a composite action and are not interested in all the details. In the upcoming releases we will add log groups to fully implement support for "less noise"

[!NOTE]
Warnings and errors are always logged.

download-from-astral-mirror

In some cases you may want to directly use the fallback of checking for available versions and downloading releases from GitHub instead of using the astral.sh mirror. Setting download-from-astral-mirror: false allows you to do that.

Bugfixes

When using the astral.sh mirror to query available versions and download releases (done by default) we now stop sending the GitHub token in the header. The mirror never looked at it but we shouldn't be handing out that data even if it is just a short lived token. All other bugfixes try to limit the impact of failed GitHub queries due to retries and other faults.

We couldn't pinpoint all rootcauses yet but added more logging for error cases to track them down.

🐛 Bug fixes

🚀 Enhancements

🧰 Maintenance

... (truncated)

Commits
  • fac544c chore(deps): roll up dependabot updates (#903)
  • 7390f77 docs: update dependabot rollup biome guidance (#902)
  • 363c64a chore(deps): roll up dependabot updates (#901)
  • c4fcbaf chore(deps): bump release-drafter/release-drafter from 7.3.0 to 7.3.1 (#900)
  • 8e642c5 chore: update known checksums for 0.11.18 (#899)
  • a92cb43 Add quiet input to suppress info-level log output (#898)
  • e07f2ac chore(deps): bump eifinger/actionlint-action from 1.10.1 to 1.10.2 (#842)
  • bc4034e chore(deps): bump github/codeql-action from 4.35.4 to 4.36.0 (#893)
  • df42d4f chore(deps): bump zizmorcore/zizmor-action from 0.5.5 to 0.5.6 (#891)
  • b9c8c4c feat: add download-from-astral-mirror input (#897)
  • Additional commits viewable in compare view

Updates codecov/codecov-action from 5 to 7

Release notes

Sourced from codecov/codecov-action's releases.

v7.0.0

⚠️ Due to migration issues with keybase, we are unable to update our keys under the codecovsecurity account. We have deleted the account and are using codecovsecops with the original gpg key

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v7.0.0

v6.0.2

This is a copy of the v7.0.0 release to make updates easier

What's Changed

Full Changelog: codecov/codecov-action@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: codecov/codecov-action@v6.0.0...v6.0.1

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.5

This release only contains the keybase.io change as described here.

Full Changelog: codecov/codecov-action@v5.5.4...v5.5.5

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

Updates cloudflare/wrangler-action from 3 to 4

Release notes

Sourced from cloudflare/wrangler-action's releases.

v4.0.0

Major Changes

  • #412 1029e90 Thanks @​ericclemmons! - Update default Wrangler version to v4 (latest). The action now installs Wrangler v4 by default when no wranglerVersion input is specified. Users can still pin to v3 by setting wranglerVersion: "3.90.0" explicitly.

v3.15.0

Minor Changes

  • #426 febbda6 Thanks @​WillTaylorDev! - Support version ranges and tags in wranglerVersion input. You can now set wranglerVersion to values like 4, ^4.0.0, 4.x, or latest instead of only exact versions like 4.81.0.

v3.14.1

Patch Changes

v3.14.0

Minor Changes

Patch Changes

v3.13.1

Patch Changes

v3.13.0

Minor Changes

v3.12.1

Patch Changes

v3.12.0

Minor Changes

  • #312 122ee5cf5b66847e0b6cfa67ecd9e03e38a67a42 Thanks @​Maximo-Guk! - This reapplies 303 add parity with pages-action for pages deploy outputs. Thanks @​courtney-sims! - Support pages-deployment-id, pages-environment, pages-deployment-alias-url and deployment-url outputs for Pages deploys when wrangler version is >=3.81.0. deployment-alias-url was also deprecated in favour of pages-deployment-alias.

v3.11.0

Minor Changes

... (truncated)

Changelog

Sourced from cloudflare/wrangler-action's changelog.

Changelog

4.0.0

Major Changes

  • #412 1029e90 Thanks @​ericclemmons! - Update default Wrangler version to v4 (latest). The action now installs Wrangler v4 by default when no wranglerVersion input is specified. Users can still pin to v3 by setting wranglerVersion: "3.90.0" explicitly.

3.15.0

Minor Changes

  • #426 febbda6 Thanks @​WillTaylorDev! - Support version ranges and tags in wranglerVersion input. You can now set wranglerVersion to values like 4, ^4.0.0, 4.x, or latest instead of only exact versions like 4.81.0.

3.14.1

Patch Changes

3.14.0

Minor Changes

Patch Changes

3.13.1

Patch Changes

3.13.0

Minor Changes

3.12.1

Patch Changes

... (truncated)

Commits
  • ebbaa15 Automatic compilation
  • a61fbea Merge pull request #429 from cloudflare/changeset-release/main
  • e804ea3 Version Packages
  • 8d0324a fix: update release workflow to v5 actions and regenerate lockfile
  • 2f18b18 Merge pull request #431 from cloudflare/fix/semgrep-blocking-findings
  • 622ff0d fix: upgrade checkout and setup-node to v5 for Node 24 runtime
  • f501f05 fix: force GitHub actions to run on Node 24 via env var
  • f990691 fix: resolve npm audit vulnerabilities via undici override and vitest v3
  • 652762d fix: migrate action runtime from node20 to node24
  • bd3f4f0 fix: add retry support to worker health check using better-result
  • Additional commits viewable in compare view

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 18, 2026
@dependabot dependabot Bot changed the title ci: bump the github-actions group with 4 updates ci: bump the github-actions group across 1 directory with 4 updates Jun 22, 2026
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-cbb7e52037 branch from 268b0e1 to 1a8219d Compare June 22, 2026 08:19
@dependabot
ci: bump the github-actions group across 1 directory with 4 updates
471b757 
Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv), [codecov/codecov-action](https://github.com/codecov/codecov-action) and [cloudflare/wrangler-action](https://github.com/cloudflare/wrangler-action).


Updates `actions/checkout` from 5 to 7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v5...v7)

Updates `astral-sh/setup-uv` from 8.1.0 to 8.2.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@v8.1.0...v8.2.0)

Updates `codecov/codecov-action` from 5 to 7
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5...v7)

Updates `cloudflare/wrangler-action` from 3 to 4
- [Release notes](https://github.com/cloudflare/wrangler-action/releases)
- [Changelog](https://github.com/cloudflare/wrangler-action/blob/main/CHANGELOG.md)
- [Commits](cloudflare/wrangler-action@v3...v4)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: astral-sh/setup-uv
  dependency-version: 8.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: cloudflare/wrangler-action
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: codecov/codecov-action
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-cbb7e52037 branch from 1a8219d to 471b757 Compare June 22, 2026 16:17
@rustyconover rustyconover merged commit c5a1b48 into main Jun 22, 2026
5 checks passed
@rustyconover rustyconover deleted the dependabot/github_actions/github-actions-cbb7e52037 branch June 22, 2026 16:19
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@rustyconover