Bump the all group across 1 directory with 3 updates #443

dependabot · 2025-05-11T16:09:51Z

Bumps the all group with 3 updates in the / directory: actions/setup-go, github/codeql-action and actions/attest-build-provenance.

Updates actions/setup-go from 5.4.0 to 5.5.0

Release notes

Sourced from actions/setup-go's releases.

v5.5.0

What's Changed

Bug fixes:

Update self-hosted environment validation by @priyagupta108 in actions/setup-go#556

Add manifest validation and improve error handling by @priyagupta108 in actions/setup-go#586

Update template link by @jsoref in actions/setup-go#527

Dependency updates:

Upgrade @action/cache from 4.0.2 to 4.0.3 by @aparnajyothi-y in actions/setup-go#574

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-go#573

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-go#582

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot in actions/setup-go#537

New Contributors

@jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

Commits

d35c59a chore: update discussions url (#527)
29694d7 Add manifest validation and improve error handling (#586)
78535dd Bump eslint-plugin-jest from 27.9.0 to 28.11.0 (#537)
bb65d88 Bump ts-jest from 29.1.2 to 29.3.2 (#582)
7f17e83 Bump @actions/glob from 0.4.0 to 0.5.0 (#573)
dca8468 Update self-hosted environment validation and bump undici version (#556)
691cc35 upgrade actions/cache to 4.0.3 (#574)
See full diff in compare view

Updates github/codeql-action from 3.28.12 to 3.28.17

Release notes

Sourced from github/codeql-action's releases.

v3.28.17

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.17 - 02 May 2025

Update default CodeQL bundle version to 2.21.2. #2872

See the full CHANGELOG.md for more information.

v3.28.16

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.16 - 23 Apr 2025

Update default CodeQL bundle version to 2.21.1. #2863

See the full CHANGELOG.md for more information.

v3.28.15

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.15 - 07 Apr 2025

Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

See the full CHANGELOG.md for more information.

v3.28.14

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.14 - 07 Apr 2025

Update default CodeQL bundle version to 2.21.0. #2838

See the full CHANGELOG.md for more information.

v3.28.13

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

3.28.13 - 24 Mar 2025

... (truncated)

Changelog

Sourced from github/codeql-action's changelog.

CodeQL Action Changelog

See the releases page for the relevant changes to the CodeQL CLI and language packs.

[UNRELEASED]

No user facing changes.

3.28.17 - 02 May 2025

Update default CodeQL bundle version to 2.21.2. #2872

3.28.16 - 23 Apr 2025

Update default CodeQL bundle version to 2.21.1. #2863

3.28.15 - 07 Apr 2025

Fix bug where the action would fail if it tried to produce a debug artifact with more than 65535 files. #2842

3.28.14 - 07 Apr 2025

Update default CodeQL bundle version to 2.21.0. #2838

3.28.13 - 24 Mar 2025

No user facing changes.

3.28.12 - 19 Mar 2025

Dependency caching should now cache more dependencies for Java build-mode: none extractions. This should speed up workflows and avoid inconsistent alerts in some cases.

Update default CodeQL bundle version to 2.20.7. #2810

3.28.11 - 07 Mar 2025

Update default CodeQL bundle version to 2.20.6. #2793

3.28.10 - 21 Feb 2025

Update default CodeQL bundle version to 2.20.5. #2772

Address an issue where the CodeQL Bundle would occasionally fail to decompress on macOS. #2768

3.28.9 - 07 Feb 2025

Update default CodeQL bundle version to 2.20.4. #2753

3.28.8 - 29 Jan 2025

Enable support for Kotlin 2.1.10 when running with CodeQL CLI v2.20.3. #2744

... (truncated)

Commits

60168ef Merge pull request #2886 from github/update-v3.28.17-97a2bfd2a
0d5a311 Update changelog for v3.28.17
97a2bfd Merge pull request #2872 from github/update-bundle/codeql-bundle-v2.21.2
9aba20e Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
81a9508 Merge pull request #2876 from github/henrymercer/fix-diff-informed-multiple-a...
1569f4c Disable diff-informed queries in code scanning config tests
62fbeb6 Merge branch 'main' into henrymercer/fix-diff-informed-multiple-analyze
f122d1d Address test failures from computing temporary directory too early
083772a Do not fail diff informed analyses when analyze is run twice in the same job
5db14d0 Merge branch 'main' into update-bundle/codeql-bundle-v2.21.2
Additional commits viewable in compare view

Updates actions/attest-build-provenance from 2.2.3 to 2.3.0

Release notes

Sourced from actions/attest-build-provenance's releases.

v2.3.0

What's Changed

Bump actions/attest from 2.2.1 to 2.3.0 by @bdehamer in actions/attest-build-provenance#615

Updates @sigstore/oci from 0.4.0 to 0.5.0

Full Changelog: actions/attest-build-provenance@v2.2.3...v2.3.0

Commits

db473fd bump actions/attest from 2.2.1 to 2.3.0 (#615)
d3b713a Bump the actions-minor group with 2 updates (#566)
e042adb Bump the npm-development group with 4 updates (#567)
9d3beef Bump the npm-development group with 4 updates (#554)
877f50d Bump typescript-eslint in the npm-development group (#516)
b7ab740 Bump the npm-development group across 1 directory with 6 updates (#506)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the all group with 3 updates in the / directory: [actions/setup-go](https://github.com/actions/setup-go), [github/codeql-action](https://github.com/github/codeql-action) and [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance). Updates `actions/setup-go` from 5.4.0 to 5.5.0 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@0aaccfd...d35c59a) Updates `github/codeql-action` from 3.28.12 to 3.28.17 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](github/codeql-action@5f8171a...60168ef) Updates `actions/attest-build-provenance` from 2.2.3 to 2.3.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](actions/attest-build-provenance@c074443...db473fd) --- updated-dependencies: - dependency-name: actions/setup-go dependency-version: 5.5.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: github/codeql-action dependency-version: 3.28.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: all - dependency-name: actions/attest-build-provenance dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 11, 2025

dependabot bot requested a review from a team as a code owner May 11, 2025 16:09

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 11, 2025

dependabot bot force-pushed the dependabot/github_actions/all-fe06a8bd36 branch from 0bf1da4 to 85113a8 Compare May 18, 2025 16:19

dependabot bot force-pushed the dependabot/github_actions/all-fe06a8bd36 branch from 85113a8 to def0932 Compare May 25, 2025 16:14

jakecoffman approved these changes May 29, 2025

View reviewed changes

jakecoffman added this pull request to the merge queue May 29, 2025

Merged via the queue into main with commit 0b7405a May 29, 2025
76 checks passed

jakecoffman deleted the dependabot/github_actions/all-fe06a8bd36 branch May 29, 2025 20:59

BrewTestBot mentioned this pull request May 30, 2025

dependabot 1.66.0 Homebrew/homebrew-core#225246

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the all group across 1 directory with 3 updates #443

Bump the all group across 1 directory with 3 updates #443

Uh oh!

dependabot bot commented on behalf of github May 11, 2025 •

edited

Loading

Uh oh!

Uh oh!

Uh oh!

Bump the all group across 1 directory with 3 updates #443

Bump the all group across 1 directory with 3 updates #443

Uh oh!

Conversation

dependabot bot commented on behalf of github May 11, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v3.28.17

CodeQL Action Changelog

3.28.17 - 02 May 2025

v3.28.16

CodeQL Action Changelog

3.28.16 - 23 Apr 2025

v3.28.15

CodeQL Action Changelog

3.28.15 - 07 Apr 2025

v3.28.14

CodeQL Action Changelog

3.28.14 - 07 Apr 2025

v3.28.13

CodeQL Action Changelog

3.28.13 - 24 Mar 2025

CodeQL Action Changelog

[UNRELEASED]

3.28.17 - 02 May 2025

3.28.16 - 23 Apr 2025

3.28.15 - 07 Apr 2025

3.28.14 - 07 Apr 2025

3.28.13 - 24 Mar 2025

3.28.12 - 19 Mar 2025

3.28.11 - 07 Mar 2025

3.28.10 - 21 Feb 2025

3.28.9 - 07 Feb 2025

3.28.8 - 29 Jan 2025

v2.3.0

What's Changed

Uh oh!

Uh oh!

Uh oh!

dependabot bot commented on behalf of github May 11, 2025 •

edited

Loading