Skip to content

chore: bump the github-actions-dependencies group across 1 directory with 4 updates#468

Open
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-actions-dependencies-9374882632
Open

chore: bump the github-actions-dependencies group across 1 directory with 4 updates#468
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/github-actions-dependencies-9374882632

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Feb 6, 2026

Bumps the github-actions-dependencies group with 4 updates in the / directory: hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml, super-linter/super-linter, github/codeql-action and alstr/todo-to-issue-action.

Updates hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml from 0.20.1 to 0.21.1

Release notes

Sourced from hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml's releases.

0.21.1

Release Summary

Deployment workflows now include the missing GitHub token permissions needed to reliably fetch pull-request data. Actions and workflows documentation was refreshed to reflect the latest recommended usage.

Internal: build dependencies were updated (mikefarah/yq 4.50.1 → 4.52.2) in the shared GitHub Actions dependency group.

Breaking change(s)

No breaking changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.21.0...0.21.1

0.21.0

Release Summary

Fixes (check/url-lighthouse, release): extra headers are now passed correctly and missing permissions during release creation have been resolved.

Internal: documentation for actions/workflows was refreshed and GitHub Actions dependencies were upgraded (including setup-node 6.2.0 and cache 5.0.3, plus grouped bumps across multiple directories).

Breaking change(s)

There is no breaking change.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.20.1...0.21.0

Commits
  • 5ff7d4c docs: update actions and workflows documentation
  • e7b81d1 build(deps): Bump the github-actions-dependencies group across 2 directories ...
  • 16b778a docs: update actions and workflows documentation
  • 93e616c fix(deployment): add missing permissions to fetch PR data
  • 5cb7c76 docs: update actions and workflows documentation
  • d060f68 fix(release): missing permissions issues when creating release
  • defea09 docs: update actions and workflows documentation
  • 7720619 build(deps): Bump the github-actions-dependencies group across 4 directories ...
  • 1803f48 build(deps): Bump actions/cache
  • 97aecdc docs: update actions and workflows documentation
  • Additional commits viewable in compare view

Updates super-linter/super-linter from 8.0.0 to 8.4.0

Release notes

Sourced from super-linter/super-linter's releases.

v8.4.0

8.4.0 (2026-01-28)

🚀 Features

🐛 Bugfixes

⬆️ Dependency updates

  • bundler: bump rubocop in /dependencies in the rubocop group (#7332) (612347c)
  • bundler: bump rubocop in /dependencies in the rubocop group (#7451) (f17c26b)
  • bundler: bump rubocop-rails in /dependencies in the rubocop group (#7356) (e7abb06)
  • bundler: bump rubocop-rspec in /dependencies in the rubocop group (#7367) (cee7c26)
  • docker: bump golangci/golangci-lint in the docker group (#7365) (149226b)
  • docker: bump the docker group across 1 directory with 2 updates (#7336) (9d05e2a)
  • docker: bump the docker group across 1 directory with 2 updates (#7440) (806ddf4)
  • docker: bump the docker group across 1 directory with 5 updates (#7388) (89c80ac)
  • docker: bump the docker group with 2 updates (#7343) (4d1a380)
  • docker: bump the docker group with 3 updates (#7412) (fa07160)
  • java: bump com.puppycrawl.tools:checkstyle (#7348) (3bc0dc2)
  • npm: bump @​modelcontextprotocol/sdk in /dependencies (#7364) (898760f)
  • npm: bump diff from 5.2.0 to 5.2.2 in /dependencies (#7425) (ee62ba3)
  • npm: bump hono from 4.11.3 to 4.11.4 in /dependencies (#7379) (ca2821d)
  • npm: bump lodash from 4.17.21 to 4.17.23 in /dependencies (#7433) (be94292)
  • npm: bump qs from 6.14.0 to 6.14.1 in /dependencies (#7350) (64969c4)
  • npm: bump the npm group across 1 directory with 16 updates (#7411) (644fff4)
  • npm: bump the npm group across 1 directory with 2 updates (#7438) (c501415)
  • npm: bump the npm group across 1 directory with 3 updates (#7341) (62ebdce)
  • npm: bump the npm group across 1 directory with 3 updates (#7371) (5112c87)
  • npm: bump the npm group across 1 directory with 4 updates (#7338) (07b91bc)
  • npm: bump the npm group across 1 directory with 4 updates (#7366) (13ced20)
  • npm: bump the npm group across 1 directory with 4 updates (#7418) (ec5d03f)
  • npm: bump the npm group across 1 directory with 8 updates (#7355) (1b38ef9)
  • npm: bump the npm group across 1 directory with 8 updates (#7452) (4347691)

... (truncated)

Changelog

Sourced from super-linter/super-linter's changelog.

Changelog

8.4.0 (2026-01-28)

🚀 Features

🐛 Bugfixes

⬆️ Dependency updates

  • bundler: bump rubocop in /dependencies in the rubocop group (#7332) (612347c)
  • bundler: bump rubocop in /dependencies in the rubocop group (#7451) (f17c26b)
  • bundler: bump rubocop-rails in /dependencies in the rubocop group (#7356) (e7abb06)
  • bundler: bump rubocop-rspec in /dependencies in the rubocop group (#7367) (cee7c26)
  • docker: bump golangci/golangci-lint in the docker group (#7365) (149226b)
  • docker: bump the docker group across 1 directory with 2 updates (#7336) (9d05e2a)
  • docker: bump the docker group across 1 directory with 2 updates (#7440) (806ddf4)
  • docker: bump the docker group across 1 directory with 5 updates (#7388) (89c80ac)
  • docker: bump the docker group with 2 updates (#7343) (4d1a380)
  • docker: bump the docker group with 3 updates (#7412) (fa07160)
  • java: bump com.puppycrawl.tools:checkstyle (#7348) (3bc0dc2)
  • npm: bump @​modelcontextprotocol/sdk in /dependencies (#7364) (898760f)
  • npm: bump diff from 5.2.0 to 5.2.2 in /dependencies (#7425) (ee62ba3)
  • npm: bump hono from 4.11.3 to 4.11.4 in /dependencies (#7379) (ca2821d)
  • npm: bump lodash from 4.17.21 to 4.17.23 in /dependencies (#7433) (be94292)
  • npm: bump qs from 6.14.0 to 6.14.1 in /dependencies (#7350) (64969c4)
  • npm: bump the npm group across 1 directory with 16 updates (#7411) (644fff4)
  • npm: bump the npm group across 1 directory with 2 updates (#7438) (c501415)
  • npm: bump the npm group across 1 directory with 3 updates (#7341) (62ebdce)
  • npm: bump the npm group across 1 directory with 3 updates (#7371) (5112c87)
  • npm: bump the npm group across 1 directory with 4 updates (#7338) (07b91bc)
  • npm: bump the npm group across 1 directory with 4 updates (#7366) (13ced20)
  • npm: bump the npm group across 1 directory with 4 updates (#7418) (ec5d03f)
  • npm: bump the npm group across 1 directory with 8 updates (#7355) (1b38ef9)

... (truncated)

Commits
  • 12562e4 chore(main): release 8.4.0 (#7339)
  • 334a7aa deps(python): bump the pip group across 1 directory with 5 updates (#7447)
  • f17c26b deps(bundler): bump rubocop in /dependencies in the rubocop group (#7451)
  • a8f5889 ci(dev-docker): bump node in /dev-dependencies (#7431)
  • 806ddf4 deps(docker): bump the docker group across 1 directory with 2 updates (#7440)
  • 4347691 deps(npm): bump the npm group across 1 directory with 8 updates (#7452)
  • d3fa12f chore: refactor tests (#7446)
  • c501415 deps(npm): bump the npm group across 1 directory with 2 updates (#7438)
  • ce306b8 fix: don't save logs to file when running parallel (#7442)
  • be04fc3 fix: don't add GITHUB_WORKSPACE multiple times (#7439)
  • Additional commits viewable in compare view

Updates github/codeql-action from 4.32.0 to 4.32.2

Release notes

Sourced from github/codeql-action's releases.

v4.32.2

  • Update default CodeQL bundle version to 2.24.1. #3460

v4.32.1

  • A warning is now shown in Default Setup workflow logs if a private package registry is configured using a GitHub Personal Access Token (PAT), but no username is configured. #3422
  • Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. #3421
Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

  • Update default CodeQL bundle version to 2.24.1. #3460

4.32.1 - 02 Feb 2026

  • A warning is now shown in Default Setup workflow logs if a private package registry is configured using a GitHub Personal Access Token (PAT), but no username is configured. #3422
  • Fixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. #3421

4.32.0 - 26 Jan 2026

  • Update default CodeQL bundle version to 2.24.0. #3425

4.31.11 - 23 Jan 2026

  • When running a Default Setup workflow with Actions debugging enabled, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. #3409
  • Improved error handling throughout the CodeQL Action. #3415
  • Added experimental support for automatically excluding generated files from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. #3318
  • The changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. #3403

4.31.10 - 12 Jan 2026

  • Update default CodeQL bundle version to 2.23.9. #3393

4.31.9 - 16 Dec 2025

No user facing changes.

4.31.8 - 11 Dec 2025

  • Update default CodeQL bundle version to 2.23.8. #3354

4.31.7 - 05 Dec 2025

  • Update default CodeQL bundle version to 2.23.7. #3343

4.31.6 - 01 Dec 2025

No user facing changes.

4.31.5 - 24 Nov 2025

  • Update default CodeQL bundle version to 2.23.6. #3321

4.31.4 - 18 Nov 2025

... (truncated)

Commits
  • 45cbd0c Merge pull request #3461 from github/update-v4.32.2-7aee93297
  • cb528be Update changelog for v4.32.2
  • 7aee932 Merge pull request #3460 from github/update-bundle/codeql-bundle-v2.24.1
  • b5f028a Merge pull request #3457 from github/dependabot/npm_and_yarn/npm-minor-4c1fc3...
  • 9702c27 Merge branch 'main' into dependabot/npm_and_yarn/npm-minor-4c1fc3d0aa
  • c36c948 Add changelog note
  • 3d03318 Update default bundle to codeql-bundle-v2.24.1
  • 77591e2 Merge pull request #3459 from github/copilot/fix-github-actions-workflow-again
  • 7a44a9d Fix Rebuild Action workflow by adding --no-edit flag to git merge --continue
  • e2ac371 Initial plan
  • Additional commits viewable in compare view

Updates alstr/todo-to-issue-action from 5.1.13 to 5.1.14

Release notes

Sourced from alstr/todo-to-issue-action's releases.

v5.1.14

What's Changed

New Contributors

Full Changelog: alstr/todo-to-issue-action@v5.1.13...v5.1.14

Commits
  • 64aca8f Bump version
  • d1f79f2 Merge pull request #281 from soraxas/fix/unbounded-var
  • 82dd9d3 actually fallback to default dict
  • 62a4dd1 Merge pull request #279 from yonasBSD/chore/upgrade-actions-checkout
  • db0ad8b chore: Upgrade to actions/checkout@v6.
  • 71b3037 Update ace_mode values used in tests
  • cdddfe1 Merge pull request #277 from Christian-Schou/feature/chs-add-al-code
  • 1e495ff ♻️ Update expected line number in test_url_insertion
  • d14fc87 📝 Add AL to supported languages list in README
  • 399f21a ✅ Add AL codeunit test cases and update text issue counts
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
chore: bump the github-actions-dependencies group across 1 directory …
b86f924 
…with 4 updates

Bumps the github-actions-dependencies group with 4 updates in the / directory: [hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml](https://github.com/hoverkraft-tech/ci-github-publish), [super-linter/super-linter](https://github.com/super-linter/super-linter), [github/codeql-action](https://github.com/github/codeql-action) and [alstr/todo-to-issue-action](https://github.com/alstr/todo-to-issue-action).


Updates `hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml` from 0.20.1 to 0.21.1
- [Release notes](https://github.com/hoverkraft-tech/ci-github-publish/releases)
- [Commits](hoverkraft-tech/ci-github-publish@84e8ace...5ff7d4c)

Updates `super-linter/super-linter` from 8.0.0 to 8.4.0
- [Release notes](https://github.com/super-linter/super-linter/releases)
- [Changelog](https://github.com/super-linter/super-linter/blob/main/CHANGELOG.md)
- [Commits](super-linter/super-linter@5119dcd...12562e4)

Updates `github/codeql-action` from 4.32.0 to 4.32.2
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@b20883b...45cbd0c)

Updates `alstr/todo-to-issue-action` from 5.1.13 to 5.1.14
- [Release notes](https://github.com/alstr/todo-to-issue-action/releases)
- [Commits](alstr/todo-to-issue-action@c45b007...64aca8f)

---
updated-dependencies:
- dependency-name: hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml
  dependency-version: 0.21.1
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: super-linter/super-linter
  dependency-version: 8.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: github/codeql-action
  dependency-version: 4.32.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependencies
- dependency-name: alstr/todo-to-issue-action
  dependency-version: 5.1.14
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Feb 6, 2026
@github-actions
Copy link
Contributor

github-actions bot commented Feb 6, 2026

Hi, thank you for creating your PR, we will check it out very soon

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants