Skip to content

chore(deps): bump the all-actions group with 3 updates#631

Merged
github-actions[bot] merged 1 commit intomainfrom
dependabot/github_actions/all-actions-9115413ef8
Mar 26, 2026
Merged

chore(deps): bump the all-actions group with 3 updates#631
github-actions[bot] merged 1 commit intomainfrom
dependabot/github_actions/all-actions-9115413ef8

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Mar 26, 2026

Bumps the all-actions group with 3 updates: gradle/actions, actions/deploy-pages and codecov/codecov-action.

Updates gradle/actions from 5 to 6

Release notes

Sourced from gradle/actions's releases.

v6.0.0

[!IMPORTANT] The release of gradle/actions@v6 contains important changes to the license terms. More details in this blog post. TL;DR: By upgrading to v6, you accept the Terms of Use for the gradle-actions-caching component.

Summary

  • Caching functionality of 'gradle-actions' has been extracted into a separate gradle-actions-caching library, and is no longer open-source. See this blog post for more context.
  • Existing, rudimentary, configuration-cache support has been removed, pending a fully functional implementation in gradle-actions-caching.
  • Dependencies updated to address security vulnerabilities

[!IMPORTANT]

Licensing notice

The caching functionality in `gradle-actions` has been extracted into `gradle-actions-caching`, a proprietary commercial component that is not covered by the MIT License. The bundled `gradle-actions-caching` component is licensed and governed by a separate license, available at https://gradle.com/legal/terms-of-use/.

The `gradle-actions-caching` component is used only when caching is enabled and is not loaded or used when caching is disabled.

Use of the `gradle-actions-caching` component is subject to a separate license, available at https://gradle.com/legal/terms-of-use/. If you do not agree to these license terms, do not use the `gradle-actions-caching` component.

What's Changed

Full Changelog: gradle/actions@v5.0.2...v6.0.0

v5.0.2

Summary

This release contains no functional changes. It updates dependencies and known Gradle wrapper checksums.

What's Changed

... (truncated)

Commits
  • 39e147c [bot] Update dist directory
  • 14ac3d6 Bump com.fasterxml.jackson.dataformat:jackson-dataformat-smile from 2.21.1 to...
  • 81fec7a Mention explicit license acceptance in notice (#912)
  • 4ac5b01 [bot] Update dist directory
  • f64284c Mute license warning when terms are accepted (#911)
  • c2457a7 Update tagging instructions for release
  • 8205114 Update Gradle version compatibility information
  • 6710000 Add typing information for use by typesafegithub (#910)
  • 3d0e2a8 Pin version for github actions
  • f663ed9 Ignore internal action files for type validation
  • Additional commits viewable in compare view

Updates actions/deploy-pages from 4 to 5

Release notes

Sourced from actions/deploy-pages's releases.

v5.0.0

Changelog

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.5

Changelog

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.4

Changelog

See details of all code changes since previous release.

⚠️ For use with products other than GitHub.com, such as GitHub Enterprise Server, please consult the compatibility table.

v4.0.3

Changelog

... (truncated)

Commits
  • cd2ce8f Merge pull request #404 from salmanmkc/node24
  • bbe2a95 Update Node.js version to 24.x
  • 854d7aa Merge pull request #374 from actions/Jcambass-patch-1
  • 306bb81 Add workflow file for publishing releases to immutable action package
  • b742728 Merge pull request #360 from actions/dependabot/npm_and_yarn/npm_and_yarn-513...
  • 7273294 Bump braces in the npm_and_yarn group across 1 directory
  • 963791f Merge pull request #361 from actions/dependabot-friendly
  • 51bb29d Make the rebuild dist workflow safer for Dependabot
  • 89f3d10 Merge pull request #358 from actions/dependabot/npm_and_yarn/non-breaking-cha...
  • bce7355 Merge branch 'main' into dependabot/npm_and_yarn/non-breaking-changes-99c12deb21
  • Additional commits viewable in compare view

Updates codecov/codecov-action from 5 to 6

Release notes

Sourced from codecov/codecov-action's releases.

v6.0.0

⚠️ This version introduces support for node24 which make cause breaking changes for systems that do not currently support node24. ⚠️

What's Changed

Full Changelog: codecov/codecov-action@v5.5.4...v6.0.0

v5.5.4

This is a mirror of v5.5.2. v6 will be released which requires node24

What's Changed

Full Changelog: codecov/codecov-action@v5.5.3...v5.5.4

v5.5.3

What's Changed

Full Changelog: codecov/codecov-action@v5.5.2...v5.5.3

v5.5.2

What's Changed

New Contributors

Full Changelog: codecov/codecov-action@v5.5.1...v5.5.2

v5.5.1

What's Changed

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.2

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.1..v5.5.2

v5.5.1

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.3..v5.5.0

v5.4.3

What's Changed

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.4.2..v5.4.3

v5.4.2

... (truncated)

Commits

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github-actions labels Mar 26, 2026
@github-actions github-actions bot enabled auto-merge (squash) March 26, 2026 19:36
@dependabot @kpavlov
chore(deps): bump the all-actions group with 3 updates
bcb0ab2 
Bumps the all-actions group with 3 updates: [gradle/actions](https://github.com/gradle/actions), [actions/deploy-pages](https://github.com/actions/deploy-pages) and [codecov/codecov-action](https://github.com/codecov/codecov-action).


Updates `gradle/actions` from 5 to 6
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](gradle/actions@v5...v6)

Updates `actions/deploy-pages` from 4 to 5
- [Release notes](https://github.com/actions/deploy-pages/releases)
- [Commits](actions/deploy-pages@v4...v5)

Updates `codecov/codecov-action` from 5 to 6
- [Release notes](https://github.com/codecov/codecov-action/releases)
- [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md)
- [Commits](codecov/codecov-action@v5...v6)

---
updated-dependencies:
- dependency-name: gradle/actions
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: actions/deploy-pages
  dependency-version: '5'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
- dependency-name: codecov/codecov-action
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: all-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@kpavlov kpavlov force-pushed the dependabot/github_actions/all-actions-9115413ef8 branch from 0884f75 to bcb0ab2 Compare March 26, 2026 21:11
@github-actions github-actions bot merged commit 1cda704 into main Mar 26, 2026
20 checks passed
@github-actions github-actions bot deleted the dependabot/github_actions/all-actions-9115413ef8 branch March 26, 2026 21:28
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kpavlov kpavlov kpavlov approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github-actions

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@kpavlov