chore(deps): bump the dependencies group with 4 updates #369

dependabot · 2025-08-17T23:08:05Z

Bumps the dependencies group with 4 updates: actions/checkout, google-github-actions/auth, browser-actions/setup-chrome and goreleaser/goreleaser-action.

Updates actions/checkout from 4.2.2 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

Prepare release v4.3.0 by @salmanmkc in actions/checkout#2237

New Contributors

@motss made their first contribution in actions/checkout#1971

@mouismail made their first contribution in actions/checkout#1977

@benwells made their first contribution in actions/checkout#2043

@nebuk89 made their first contribution in actions/checkout#2194

@salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
08eba0b Prepare release v4.3.0 (#2237)
631c7dc Update package dependencies (#2236)
8edcb1b Update CODEOWNERS for actions (#2224)
09d2aca Update README.md (#2194)
85e6279 Adjust positioning of user email note and permissions heading (#2044)
009b9ae Documentation update - add recommended permissions to Readme (#2043)
cbb7224 Update README.md (#1977)
3b9b8c8 docs: update README.md (#1971)
See full diff in compare view

Updates google-github-actions/auth from 2.1.7 to 2.1.12

Release notes

Sourced from google-github-actions/auth's releases.

v2.1.12

What's Changed

Add retries for getIDToken by @sethvargo in google-github-actions/auth#502

Release: v2.1.12 by @google-github-actions-bot in google-github-actions/auth#503

Full Changelog: google-github-actions/auth@v2.1.11...v2.1.12

v2.1.11

What's Changed

Update troubleshooting docs for Python by @sethvargo in google-github-actions/auth#488

Add linters by @sethvargo in google-github-actions/auth#499

Update deps by @sethvargo in google-github-actions/auth#500

Release: v2.1.11 by @google-github-actions-bot in google-github-actions/auth#501

Full Changelog: google-github-actions/auth@v2.1.10...v2.1.11

v2.1.10

What's Changed

Declare workflow permissions by @sethvargo in google-github-actions/auth#482

Document that the OIDC token expires in 5min by @sethvargo in google-github-actions/auth#483

Release: v2.1.10 by @google-github-actions-bot in google-github-actions/auth#484

Full Changelog: google-github-actions/auth@v2.1.9...v2.1.10

v2.1.9

What's Changed

Use our custom boolean parsing by @sethvargo in google-github-actions/auth#478

Update deps by @sethvargo in google-github-actions/auth#479

Release: v2.1.9 by @google-github-actions-bot in google-github-actions/auth#480

Full Changelog: google-github-actions/auth@v2.1.8...v2.1.9

v2.1.8

What's Changed

Update TROUBLESHOOTING.md by @sethvargo in google-github-actions/auth#457

fix: add runs-on to README.md example by @lbarthon in google-github-actions/auth#460

security: bump undici from 5.28.4 to 5.28.5 in the npm_and_yarn group by @dependabot in google-github-actions/auth#463

Update deps by @sethvargo in google-github-actions/auth#466

Release: v2.1.8 by @google-github-actions-bot in google-github-actions/auth#467

New Contributors

@lbarthon made their first contribution in google-github-actions/auth#460

Full Changelog: google-github-actions/auth@v2...v2.1.8

Commits

b7593ed Release: v2.1.12 (#503)
c1ee334 Add retries for getIDToken (#502)
140bb51 Release: v2.1.11 (#501)
ab3132e Update deps (#500)
25b96ba Add linters (#499)
0920706 Update troubleshooting docs for Python (#488)
ba79af0 Release: v2.1.10 (#484)
bfaa66b Document that the OIDC token expires in 5min (#483)
d0822ad Declare workflow permissions (#482)
7b53cdc Release: v2.1.9 (#480)
Additional commits viewable in compare view

Updates browser-actions/setup-chrome from 1.7.3 to 2.1.0

Release notes

Sourced from browser-actions/setup-chrome's releases.

setup-chrome: v2.1.0

2.1.0 (2025-07-13)

Features

Support snapshot installs on Windows ARM64 (#635) (12261ee)

v2.1.0

2.1.0 (2025-07-13)

Features

Support snapshot installs on Windows ARM64 (#635) (12261ee)

setup-chrome: v2.0.0

2.0.0 (2025-07-06)

⚠ BREAKING CHANGES

Use chrome for testing as default (#632)

Features

Use chrome for testing as default (#632) (3bb0bd6)

v2.0.0

2.0.0 (2025-07-06)

⚠ BREAKING CHANGES

Use chrome for testing as default (#632)

Features

Use chrome for testing as default (#632) (3bb0bd6)

Migration guide for v2.0.0

1. Installer Changes on Channel Name Installs

If you are using the channel name (stable, beta, dev, or canary) to install the browser, the new version of the action installs the browser from [Chrome for Testing][] instead of the official installer. Please check if your workflow is using the expected browser binary version with the new version of the action.

The installed browser binary with the channel name is as follows:

| Platform | New Binary Path |

... (truncated)

Changelog

Sourced from browser-actions/setup-chrome's changelog.

Changelog

2.1.0 (2025-07-13)

Features

Support snapshot installs on Windows ARM64 (#635) (12261ee)

2.0.0 (2025-07-06)

⚠ BREAKING CHANGES

Use chrome for testing as default (#632)

Features

Use chrome for testing as default (#632) (3bb0bd6)

1.7.3 (2025-01-25)

Bug Fixes

support ubuntu 24 (#620) (fffa33d), closes #618

1.7.2 (2024-07-13)

Bug Fixes

sign published tags and commits (#573) (d5fbe5f), closes #558

1.7.1 (2024-05-27)

Bug Fixes

try to install browser version when user will not install ChromeDriver (#551) (f5596e0), closes #550

1.7.0 (2024-05-26)

Features

support installing a compatible version of ChromeDriver (#548) (f0f75ba)

1.6.2 (2024-05-15)

... (truncated)

Commits

b94431e Release v2.1.0 at 5f2f9dae94e061474cbfa44c9901c5faee86f8e9
4c4260d Release v2.0.0 at 3289928922e4e14c8d0131d7da41090f078025bb
See full diff in compare view

Updates goreleaser/goreleaser-action from 6.3.0 to 6.4.0

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v6.4.0

What's Changed

ci: set contents read as default workflow permissions by @crazy-max in goreleaser/goreleaser-action#494

fix: support .config directory for goreleaser config files by @haya14busa in goreleaser/goreleaser-action#500

chore(deps): bump semver from 7.7.1 to 7.7.2 by @dependabot[bot] in goreleaser/goreleaser-action#495

chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 by @dependabot[bot] in goreleaser/goreleaser-action#498

fix: do not get releases.json if version is specific by @caarlos0 in goreleaser/goreleaser-action#502

chore(deps): bump undici from 5.28.5 to 5.29.0 by @dependabot[bot] in goreleaser/goreleaser-action#496

feat: retry downloading releases json by @caarlos0 in goreleaser/goreleaser-action#503

New Contributors

@haya14busa made their first contribution in goreleaser/goreleaser-action#500

Full Changelog: goreleaser/goreleaser-action@v6.3.0...v6.4.0

Commits

e435ccd feat: retry downloading releases json (#503)
2ff5850 chore(deps): bump undici from 5.28.5 to 5.29.0 (#496)
9a6cd01 fix: do not get releases.json if version is specific (#502)
a386515 chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 (#498)
ca48102 chore(deps): bump semver from 7.7.1 to 7.7.2 (#495)
0931acf fix: support .config directory for goreleaser config files (#500)
90c43f2 ci: set contents read as default workflow permissions (#494)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the dependencies group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [google-github-actions/auth](https://github.com/google-github-actions/auth), [browser-actions/setup-chrome](https://github.com/browser-actions/setup-chrome) and [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action). Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@v4.2.2...08c6903) Updates `google-github-actions/auth` from 2.1.7 to 2.1.12 - [Release notes](https://github.com/google-github-actions/auth/releases) - [Changelog](https://github.com/google-github-actions/auth/blob/main/CHANGELOG.md) - [Commits](google-github-actions/auth@6fc4af4...b7593ed) Updates `browser-actions/setup-chrome` from 1.7.3 to 2.1.0 - [Release notes](https://github.com/browser-actions/setup-chrome/releases) - [Changelog](https://github.com/browser-actions/setup-chrome/blob/master/CHANGELOG.md) - [Commits](browser-actions/setup-chrome@c785b87...b94431e) Updates `goreleaser/goreleaser-action` from 6.3.0 to 6.4.0 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@9c156ee...e435ccd) --- updated-dependencies: - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: google-github-actions/auth dependency-version: 2.1.12 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: dependencies - dependency-name: browser-actions/setup-chrome dependency-version: 2.1.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: dependencies - dependency-name: goreleaser/goreleaser-action dependency-version: 6.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

github-actions · 2025-08-17T23:09:21Z

Code Metrics Report

	main (d4cdbb7)	#369 (dec13a2)	+/-
Coverage	31.7%	31.7%	0.0%
Code to Test Ratio	1:0.8	1:0.8	0.0
Test Execution Time	10s	10s	0s

Details

  |                     | main (d4cdbb7) | #369 (dec13a2) | +/-  |
  |---------------------|----------------|----------------|------|
  | Coverage            |          31.7% |          31.7% | 0.0% |
  |   Files             |             26 |             26 |    0 |
  |   Lines             |           3066 |           3066 |    0 |
  |   Covered           |            972 |            972 |    0 |
  | Code to Test Ratio  |          1:0.8 |          1:0.8 |  0.0 |
  |   Code              |           6299 |           6299 |    0 |
  |   Test              |           5481 |           5481 |    0 |
  | Test Execution Time |            10s |            10s |   0s |

Reported by octocov

dependabot bot assigned k1LoW Aug 17, 2025

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Aug 17, 2025

Songmu merged commit bf73fa0 into main Aug 18, 2025
3 checks passed

Songmu deleted the dependabot/github_actions/dependencies-610edbea94 branch August 18, 2025 15:47

github-actions bot mentioned this pull request Aug 18, 2025

Release for v1.15.1 #373

Merged

BrewTestBot mentioned this pull request Aug 18, 2025

deck 1.15.1 Homebrew/homebrew-core#233971

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

chore(deps): bump the dependencies group with 4 updates #369

chore(deps): bump the dependencies group with 4 updates #369

Uh oh!

dependabot bot commented on behalf of github Aug 17, 2025

Uh oh!

github-actions bot commented Aug 17, 2025

Uh oh!

Uh oh!

Uh oh!

Uh oh!

chore(deps): bump the dependencies group with 4 updates #369

chore(deps): bump the dependencies group with 4 updates #369

Uh oh!

Conversation

dependabot bot commented on behalf of github Aug 17, 2025

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.0

What's Changed

New Contributors

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

v2.1.12

What's Changed

v2.1.11

What's Changed

v2.1.10

What's Changed

v2.1.9

What's Changed

v2.1.8

What's Changed

New Contributors

setup-chrome: v2.1.0

2.1.0 (2025-07-13)

Features

v2.1.0

2.1.0 (2025-07-13)

Features

setup-chrome: v2.0.0

2.0.0 (2025-07-06)

⚠ BREAKING CHANGES

Features

v2.0.0

2.0.0 (2025-07-06)

⚠ BREAKING CHANGES

Features

Migration guide for v2.0.0

1. Installer Changes on Channel Name Installs

Changelog

2.1.0 (2025-07-13)

Features

2.0.0 (2025-07-06)

⚠ BREAKING CHANGES

Features

1.7.3 (2025-01-25)

Bug Fixes

1.7.2 (2024-07-13)

Bug Fixes

1.7.1 (2024-05-27)

Bug Fixes

1.7.0 (2024-05-26)

Features

1.6.2 (2024-05-15)

v6.4.0

What's Changed

New Contributors

Uh oh!

github-actions bot commented Aug 17, 2025

Code Metrics Report

Uh oh!

Uh oh!

Uh oh!