Bump the github-actions group across 1 directory with 8 updates by dependabot[bot] · Pull Request #941 · conda/conda-libmamba-solver

dependabot · 2026-05-12T02:18:47Z

Bumps the github-actions group with 8 updates in the / directory:

Package	From	To
actions/github-script	`8.0.0`	`9.0.0`
conda-incubator/setup-miniconda	`3.3.0`	`4.0.1`
actions/upload-pages-artifact	`4.0.0`	`5.0.0`
actions/add-to-project	`1.0.2`	`2.0.0`
actions/cache	`5.0.4`	`5.0.5`
actions/upload-artifact	`7.0.0`	`7.0.1`
CodSpeedHQ/action	`4.13.0`	`4.15.1`
test-summary/action	`2.4`	`2.6`

Updates actions/github-script from 8.0.0 to 9.0.0

Release notes

Sourced from actions/github-script's releases.

v9.0.0

New features:

getOctokit factory function — Available directly in the script context. Create additional authenticated Octokit clients with different tokens for multi-token workflows, GitHub App tokens, and cross-org access. See Creating additional clients with getOctokit for details and examples.

Orchestration ID in user-agent — The ACTIONS_ORCHESTRATION_ID environment variable is automatically appended to the user-agent string for request tracing.

Breaking changes:

require('@actions/github') no longer works in scripts. The upgrade to @actions/github v9 (ESM-only) means require('@actions/github') will fail at runtime. If you previously used patterns like const { getOctokit } = require('@actions/github') to create secondary clients, use the new injected getOctokit function instead — it's available directly in the script context with no imports needed.

getOctokit is now an injected function parameter. Scripts that declare const getOctokit = ... or let getOctokit = ... will get a SyntaxError because JavaScript does not allow const/let redeclaration of function parameters. Use the injected getOctokit directly, or use var getOctokit = ... if you need to redeclare it.

If your script accesses other @actions/github internals beyond the standard github/octokit client, you may need to update those references for v9 compatibility.

What's Changed

Add ACTIONS_ORCHESTRATION_ID to user-agent string by @Copilot in actions/github-script#695

ci: use deployment: false for integration test environments by @salmanmkc in actions/github-script#712

feat!: add getOctokit to script context, upgrade @actions/github v9, @octokit/core v7, and related packages by @salmanmkc in actions/github-script#700

New Contributors

@Copilot made their first contribution in actions/github-script#695

Full Changelog: actions/github-script@v8.0.0...v9.0.0

Commits

3a2844b Merge pull request #700 from actions/salmanmkc/expose-getoctokit + prepare re...
ca10bbd fix: use @octokit/core/types import for v7 compatibility
86e48e2 merge: incorporate main branch changes
c108472 chore: rebuild dist for v9 upgrade and getOctokit factory
afff112 Merge pull request #712 from actions/salmanmkc/deployment-false + fix user-ag...
ff8117e ci: fix user-agent test to handle orchestration ID
81c6b78 ci: use deployment: false to suppress deployment noise from integration tests
3953caf docs: update README examples from @v8 to @v9, add getOctokit docs and v9 brea...
c17d55b ci: add getOctokit integration test job
a047196 test: add getOctokit integration tests via callAsyncFunction
Additional commits viewable in compare view

Updates conda-incubator/setup-miniconda from 3.3.0 to 4.0.1

Release notes

Sourced from conda-incubator/setup-miniconda's releases.

Version 4.0.1

What's Changed

Fix MultipleKeysError when user condarc declares auto_activate by @jezdez in conda-incubator/setup-miniconda#500

Full Changelog: conda-incubator/setup-miniconda@v4.0.0...v4.0.1

Version 4.0.0

Breaking Changes

#459: Upgrade action runtime to Node.js 24.x (requires runners with Node 24 support; this is the reason for the v4 major bump)

#450: Switch action build to ESM (for @actions/exec v3)

Features and Enhancements

#469: Add conda-init input to optionally skip conda init and document activation for restricted environments

#482: Add channels parsing utility and URL validation

#481: Enable stricter TypeScript checks and typing

#480: Add more tests, increase coverage, add Codecov integration and coverage badge

#479: Add TypeDoc-based API docs, generation and checks; configure GitHub Pages and Netlify previews

Fixes

#465: Fix double channel configuration being applied

#467: Speed up Windows post-run cleanup by moving the extracted packages directory instead of removing files one by one

#470: Fix name-version-build syntax expansion and add tests

#475: Split shell init and activation of the test environment to remove spurious warning

#498: Skip Netlify preview for Dependabot PRs

Performance

#486: Remove HTML index scraping for Miniconda version validation

#487: Parallelize Windows takeown calls with Promise.all

#488: Replace isDefaultEnvironment subprocess with local YAML reads

#489: Replace conda config subprocesses with direct .condarc YAML writes

Tasks and Maintenance

#444: Bump conda-incubator/setup-miniconda from 3.2.0 to 3.3.0

#445: Bump actions/checkout from 6.0.1 to 6.0.2

#449: Bump @actions/exec from 2.0.0 to 3.0.0

#456, #484, #491: Bump actions/upload-artifact

#460: Bump actions/download-artifact from 7.0.0 to 8.0.1

... (truncated)

Changelog

Sourced from conda-incubator/setup-miniconda's changelog.

CHANGELOG

v4.0.1 (2026-04-24)

Fixes

Fix MultipleKeysError on conda 25.11+ when a user-supplied condarc-file already declares auto_activate: now only one of auto_activate / auto_activate_base is written to .condarc, preferring whichever key the user's existing condarc uses.

Add auto_activate to the boolean coercion set so its value is serialized as a YAML boolean when it is the chosen canonical key.

Add local_repodata_ttl to KNOWN_CONDARC_KEYS to silence a spurious "Unrecognized condarc key" warning for a valid conda key.

[v4.0.0] (2026-04-23)

Breaking Changes

#459[459]: Upgrade action runtime to Node.js 24.x (requires runners with Node 24 support; this is the reason for the v4 major bump)

#450[450]: Switch action build to ESM (for @actions/exec v3)

Features and Enhancements

#469[469]: Add conda-init input to optionally skip conda init and document activation for restricted environments

#482[482]: Add channels parsing utility and URL validation

#481[481]: Enable stricter TypeScript checks and typing

#480[480]: Add more tests, increase coverage, add Codecov integration and coverage badge

#479[479]: Add TypeDoc-based API docs, generation and checks; configure GitHub Pages and Netlify previews

Fixes

#465[465]: Fix double channel configuration being applied

#467[467]: Speed up Windows post-run cleanup by moving the extracted packages directory instead of removing files one by one

#470[470]: Fix name-version-build syntax expansion and add tests

#475[475]: Split shell init and activation of the test environment to remove spurious warning

Performance

#486[486]: Remove HTML index scraping for Miniconda version validation

#487[487]: Parallelize Windows takeown calls with Promise.all

#488[488]: Replace isDefaultEnvironment subprocess with local YAML reads

... (truncated)

Commits

8ee1f36 Fix MultipleKeysError when user condarc declares auto_activate (#500)
bce0bd8 Prepare v4 release (#499)
78fb0ff ci(docs): skip Netlify preview for Dependabot PRs (#498)
d32e72e Bump @actions/core from 3.0.0 to 3.0.1 (#496)
3e251ae Bump actions/upload-artifact from 4 to 7 (#491)
7ff02ae Bump actions/upload-pages-artifact from 3 to 5 (#492)
65b62b8 Bump actions/deploy-pages from 4 to 5 (#494)
1eb4d38 Bump marocchino/sticky-pull-request-comment from 2 to 3 (#493)
bfb6f7e Bump codecov/codecov-action from 5 to 6 (#495)
77236ef Merge pull request #489 from conda-incubator/perf/direct-condarc-write
Additional commits viewable in compare view

Updates actions/upload-pages-artifact from 4.0.0 to 5.0.0

Release notes

Sourced from actions/upload-pages-artifact's releases.

v5.0.0

Changelog

Update upload-artifact action to version 7 @Tom-van-Woudenberg (#139)

feat: add include-hidden-files input @jonchurch (#137)

See details of all code changes since previous release.

Commits

fc324d3 Merge pull request #139 from Tom-van-Woudenberg/patch-1
fe9d4b7 Merge branch 'main' into patch-1
0ca1617 Merge pull request #137 from jonchurch/include-hidden-files
57f0e84 Update action.yml
4a90348 v7 --> hash
56f665a Update upload-artifact action to version 7
f7615f5 Add include-hidden-files input
See full diff in compare view

Updates actions/add-to-project from 1.0.2 to 2.0.0

Release notes

Sourced from actions/add-to-project's releases.

v2

What's Changed

Update instructions for fine grained PAT by @talune in actions/add-to-project#596

build(deps-dev): bump prettier from 3.2.5 to 3.3.2 by @dependabot[bot] in actions/add-to-project#594

build(deps-dev): bump eslint-plugin-github from 4.10.2 to 5.0.1 by @dependabot[bot] in actions/add-to-project#593

Resolve Regular Expression syntax checking errors by @talune in actions/add-to-project#598

build(deps-dev): bump typescript from 5.4.5 to 5.5.2 by @dependabot[bot] in actions/add-to-project#595

build(deps-dev): bump ts-jest from 29.1.5 to 29.3.0 by @dependabot[bot] in actions/add-to-project#675

Batch updating some dependencies for vulns by @TylerDixon in actions/add-to-project#679

build(deps): bump undici from 5.28.4 to 5.28.5 by @dependabot[bot] in actions/add-to-project#662

build(deps-dev): bump eslint-plugin-prettier from 5.1.3 to 5.2.5 by @dependabot[bot] in actions/add-to-project#682

Have dependabot also run builds as another commit when creating PRs by @TylerDixon in actions/add-to-project#684

build(deps): bump @octokit/request-error from 5.1.1 to 6.1.7 by @dependabot[bot] in actions/add-to-project#683

build(deps): bump @octokit/request from 8.4.1 to 9.2.2 by @dependabot[bot] in actions/add-to-project#681

Bump eslint-plugin-jest from 28.6.0 to 28.11.0 by @dependabot[bot] in actions/add-to-project#685

Bump @types/node from 16.18.101 to 22.13.14 by @dependabot[bot] in actions/add-to-project#686

Bump @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/add-to-project#687

Bump @vercel/ncc from 0.38.1 to 0.38.3 by @dependabot[bot] in actions/add-to-project#688

Bump ts-jest from 29.3.0 to 29.3.2 by @dependabot[bot] in actions/add-to-project#694

chore: removes sourcemap-register from build step by @andrialexandrou in actions/add-to-project#696

Bump @octokit/plugin-paginate-rest from 9.2.2 to 13.0.1 by @dependabot[bot] in actions/add-to-project#699

Bump ts-jest from 29.3.2 to 29.4.0 by @dependabot[bot] in actions/add-to-project#703

Bump @types/node from 22.13.14 to 24.0.12 by @dependabot[bot] in actions/add-to-project#709

Potential fix for code scanning alert no. 6: Workflow does not contain permissions by @wiinci in actions/add-to-project#715

Potential fix for code scanning alert no. 5: Workflow does not contain permissions by @wiinci in actions/add-to-project#716

Potential fix for code scanning alert no. 7: Workflow does not contain permissions by @wiinci in actions/add-to-project#717

Fix code scanning alert:missing regex anchor by @wiinci in actions/add-to-project#719

Add Missing Languages to CodeQL Advanced Configuration by @KyFaSt in actions/add-to-project#710

Bump @octokit/request from 9.2.2 to 10.0.3 by @dependabot[bot] in actions/add-to-project#705

Bump concurrently from 8.2.2 to 9.2.0 by @dependabot[bot] in actions/add-to-project#707

Bump prettier from 3.3.2 to 3.6.2 by @dependabot[bot] in actions/add-to-project#721

Bump concurrently from 9.2.0 to 9.2.1 by @dependabot[bot] in actions/add-to-project#722

Bump @types/node from 24.0.12 to 24.5.2 by @dependabot[bot] in actions/add-to-project#730

Bump actions/checkout from 4 to 5 by @dependabot[bot] in actions/add-to-project#714

Bump actions/setup-node from 4 to 5 by @dependabot[bot] in actions/add-to-project#726

build(deps-dev): bump @typescript-eslint/parser from 7.14.1 to 7.18.0 by @dependabot[bot] in actions/add-to-project#616

Bump ts-jest from 29.4.1 to 29.4.5 by @dependabot[bot] in actions/add-to-project#742

Bump js-yaml from 3.14.1 to 3.14.2 by @dependabot[bot] in actions/add-to-project#750

Bump actions/upload-artifact from 4 to 5 by @dependabot[bot] in actions/add-to-project#748

Bump github/codeql-action from 3 to 4 by @dependabot[bot] in actions/add-to-project#741

Bump jest and @types/jest by @dependabot[bot] in actions/add-to-project#743

Bump actions/setup-node from 5 to 6 by @dependabot[bot] in actions/add-to-project#744

Consolidate ESLint 9 and TypeScript ESLint 8 dependency updates by @Copilot in actions/add-to-project#751

Bump @octokit/request-error from 6.1.8 to 7.1.0 by @dependabot[bot] in actions/add-to-project#757

Bump globals from 15.15.0 to 16.5.0 by @dependabot[bot] in actions/add-to-project#756

Bump @octokit/plugin-paginate-rest from 13.1.1 to 14.0.0 by @dependabot[bot] in actions/add-to-project#754

Bump @vercel/ncc from 0.38.3 to 0.38.4 by @dependabot[bot] in actions/add-to-project#753

Bump actions/checkout from 5 to 6 by @dependabot[bot] in actions/add-to-project#752

Bump eslint from 9.39.1 to 9.39.2 by @dependabot[bot] in actions/add-to-project#759

Bump ts-jest from 29.4.5 to 29.4.6 by @dependabot[bot] in actions/add-to-project#760

... (truncated)

Commits

5afcf98 Merge pull request #712 from salmanmkc/node24
ffed68f Merge main and update action runtime to Node 24
27022a1 Merge pull request #777 from actions/dependabot/npm_and_yarn/types/node-25.5.0
cc89d2e Merge pull request #778 from actions/dependabot/npm_and_yarn/globals-17.4.0
ef8e6ff Merge pull request #779 from actions/dependabot/npm_and_yarn/eslint-plugin-je...
eb406b3 Merge pull request #780 from actions/dependabot/npm_and_yarn/handlebars-4.7.9
bb8d4d7 Bump handlebars from 4.7.8 to 4.7.9
a6fcf8b Bump eslint-plugin-jest from 29.12.1 to 29.15.1
b35f5d3 Bump globals from 17.0.0 to 17.4.0
036fea0 Bump @types/node from 25.0.3 to 25.5.0
Additional commits viewable in compare view

Updates actions/cache from 5.0.4 to 5.0.5

Release notes

Sourced from actions/cache's releases.

v5.0.5

What's Changed

Update ts-http-runtime dependency by @yacaovsnc in actions/cache#1747

Full Changelog: actions/cache@v5...v5.0.5

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

Switch to a new branch from main.

Run npm test to ensure all tests are passing.

Update the version in https://github.com/actions/cache/blob/main/package.json.

Run npm run build to update the compiled files.

Update this https://github.com/actions/cache/blob/main/RELEASES.md with the new version and changes in the ## Changelog section.

Run licensed cache to update the license report.

Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml file with the exceptions.

Commit your changes and push your branch upstream.

Open a pull request against main and get it reviewed and merged.

Draft a new release https://github.com/actions/cache/releases use the same version number used in package.json

Create a new tag with the version number.

Auto generate release notes and update them to match the changes you made in RELEASES.md.

Toggle the set as the latest release option.

Publish the release.

Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml

There should be a workflow run queued with the same version number.

Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.4

Bump minimatch to v3.1.5 (fixes ReDoS via globstar patterns)

Bump undici to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)

Bump fast-xml-parser to v5.5.6

5.0.3

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33)

Bump @actions/core to v2.0.3

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

... (truncated)

Commits

27d5ce7 Merge pull request #1747 from actions/yacaovsnc/update-dependency
f280785 licensed changes
619aeb1 npm run build generated dist files
bcf16c2 Update ts-http-runtime to 0.3.5
See full diff in compare view

Updates actions/upload-artifact from 7.0.0 to 7.0.1

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.1

What's Changed

Update the readme with direct upload details by @danwkennedy in actions/upload-artifact#795

Readme: bump all the example versions to v7 by @danwkennedy in actions/upload-artifact#796

Include changes in typespec/ts-http-runtime 0.3.5 by @yacaovsnc in actions/upload-artifact#797

Full Changelog: actions/upload-artifact@v7...v7.0.1

Commits

043fb46 Merge pull request #797 from actions/yacaovsnc/update-dependency
634250c Include changes in typespec/ts-http-runtime 0.3.5
e454baa Readme: bump all the example versions to v7 (#796)
74fad66 Update the readme with direct upload details (#795)
See full diff in compare view

Updates CodSpeedHQ/action from 4.13.0 to 4.15.1

Release notes

Sourced from CodSpeedHQ/action's releases.

v4.15.1

Release Notes

🚀 Features

Add a way to disable perf compression through env var by @GuillaumeLagrange in #334

Do not display the comparison nudge when not in an interactive terminal by @GuillaumeLagrange in #300

Display a warning when profiling generation failed by @GuillaumeLagrange

Detect and abort on ring buffer overflow by @not-matthias in #321

Grow ring buffer to 16 MiB by @not-matthias

⚙️ Internals

chore: bump runner version to 4.15.1 by @github-actions[bot] in CodSpeedHQ/action#205

Increase stack sampling for python by @GuillaumeLagrange in #337

Replace hard coded lint job for a dedicated check action by @GuillaumeLagrange in #320

Bump cpp-linter-hooks to support darwin by @GuillaumeLagrange

Swap pre-commit action for prek by @GuillaumeLagrange

Fix unused clippy errors in test targets on macos by @GuillaumeLagrange

Run pre-commit hooks on macos and ubuntu-latest by @GuillaumeLagrange

Install codspeed-runner 4.15.1

Install prebuilt binaries via shell script
curl --proto '=https' --tlsv1.2 -LsSf https://github.com/CodSpeedHQ/codspeed/releases/download/v4.15.1/codspeed-runner-installer.sh | sh
Download codspeed-runner 4.15.1

File Platform Checksum

codspeed-runner-aarch64-apple-darwin.tar.gz Apple Silicon macOS checksum

codspeed-runner-aarch64-unknown-linux-musl.tar.gz ARM64 MUSL Linux checksum

codspeed-runner-x86_64-unknown-linux-musl.tar.gz x64 MUSL Linux checksum

Full Runner Changelog: https://github.com/CodSpeedHQ/codspeed/blob/main/CHANGELOG.md

Full Changelog: CodSpeedHQ/action@v4.15.0...v4.15.1

v4.15.0

Release Notes

This release adds first support for macOS walltime.

Please note that profiling and other instruments are not yet available on macOS and will come in a later update.

Minimum integration versions

pytest-codspeed v4.5.0

codspeed-rust v4.6.0

... (truncated)

Commits

3194d9a Release v4.15.1 🚀
91dff45 chore: bump runner version to 4.15.1
c381be0 Release v4.15.0 🚀
5cb7f66 chore: bump runner version to 4.15.0
658a901 Release v4.14.0 🚀
1d42668 chore: bump runner version to 4.14.0
db35df7 Release v4.13.1 🚀
bc11107 feat: support action-only releases with explicit version argument
12a303d feat: fail release script if version already exists
6e1e277 feat: add dry-run mode to release script
Additional commits viewable in compare view

Updates test-summary/action from 2.4 to 2.6

Release notes

Sourced from test-summary/action's releases.

v2.6

Actually update the tag to point to the correct branch (dist) instead of the dev branch.

v2.5

What's Changed

Switch to using NodeJS v16 as a action runtime by @webknjaz in test-summary/action#17

Use HTTPS to link SVG images by @webknjaz in test-summary/action#16

Bump xml2js from 0.4.23 to 0.5.0 by @dependabot[bot] in test-summary/action#31

Bump @babel/traverse from 7.20.13 to 7.23.6 by @dependabot[bot] in test-summary/action#36

HTML escaping of dashboard results by @dil-gschreiber in test-summary/action#26

Update dependencies by @ethomson in test-summary/action#37

Bump NodeJS to 20 LTS by @gstokkink in test-summary/action#42

Use new Github Actions output syntax by @gstokkink in test-summary/action#41

Include failure or error message on dashboard by @gstokkink in test-summary/action#40

Don't deference null by @ethomson in test-summary/action#49

Parse attributeless tags correctly by @sujeet in test-summary/action#55

add folded option by @braingram in test-summary/action#53

Check for key existence to identify junit file by @crammond in test-summary/action#52

ci: update actions versions by @ethomson in test-summary/action#72

Upgrade to node 24 by @jagthedrummer in test-summary/action#71

Fix #1 Add support for .trx by @siegfriedpammer in test-summary/action#59

Updates to use node24 by @CharlieM312 in test-summary/action#66

New Contributors

@webknjaz made their first contribution in test-summary/action#17

@dependabot[bot] made their first contribution in test-summary/action#31

@dil-gschreiber made their first contribution in test-summary/action#26

@ethomson made their first contribution in test-summary/action#37

@gstokkink made their first contribution in test-summary/action#42

@sujeet made their first contribution in test-summary/action#55

@braingram made their first contribution in test-summary/action#53

@crammond made their first contribution in test-summary/action#52

@jagthedrummer made their first contribution in test-summary/action#71

@siegfriedpammer made their first contribution in test-summary/action#59

@CharlieM312 made their first contribution in test-summary/action#66

Full Changelog: https://github.com/test-summary/action/commits/v2.5

Commits

37b508c Update from CI
3c2d3e2 Update from CI
f6ac61a Update from CI
14d976e Update from CI
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 8 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/github-script](https://github.com/actions/github-script) | `8.0.0` | `9.0.0` | | [conda-incubator/setup-miniconda](https://github.com/conda-incubator/setup-miniconda) | `3.3.0` | `4.0.1` | | [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact) | `4.0.0` | `5.0.0` | | [actions/add-to-project](https://github.com/actions/add-to-project) | `1.0.2` | `2.0.0` | | [actions/cache](https://github.com/actions/cache) | `5.0.4` | `5.0.5` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `7.0.0` | `7.0.1` | | [CodSpeedHQ/action](https://github.com/codspeedhq/action) | `4.13.0` | `4.15.1` | | [test-summary/action](https://github.com/test-summary/action) | `2.4` | `2.6` | Updates `actions/github-script` from 8.0.0 to 9.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@ed59741...3a2844b) Updates `conda-incubator/setup-miniconda` from 3.3.0 to 4.0.1 - [Release notes](https://github.com/conda-incubator/setup-miniconda/releases) - [Changelog](https://github.com/conda-incubator/setup-miniconda/blob/main/CHANGELOG.md) - [Commits](conda-incubator/setup-miniconda@fc2d68f...8ee1f36) Updates `actions/upload-pages-artifact` from 4.0.0 to 5.0.0 - [Release notes](https://github.com/actions/upload-pages-artifact/releases) - [Commits](actions/upload-pages-artifact@7b1f4a7...fc324d3) Updates `actions/add-to-project` from 1.0.2 to 2.0.0 - [Release notes](https://github.com/actions/add-to-project/releases) - [Commits](actions/add-to-project@244f685...5afcf98) Updates `actions/cache` from 5.0.4 to 5.0.5 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@6682284...27d5ce7) Updates `actions/upload-artifact` from 7.0.0 to 7.0.1 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@bbbca2d...043fb46) Updates `CodSpeedHQ/action` from 4.13.0 to 4.15.1 - [Release notes](https://github.com/codspeedhq/action/releases) - [Changelog](https://github.com/CodSpeedHQ/action/blob/main/CHANGELOG.md) - [Commits](CodSpeedHQ/action@d872884...3194d9a) Updates `test-summary/action` from 2.4 to 2.6 - [Release notes](https://github.com/test-summary/action/releases) - [Commits](test-summary/action@31493c7...37b508c) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 9.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: conda-incubator/setup-miniconda dependency-version: 4.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-pages-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/add-to-project dependency-version: 2.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/cache dependency-version: 5.0.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 7.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: CodSpeedHQ/action dependency-version: 4.15.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: test-summary/action dependency-version: '2.6' dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies [bot] PRs that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 12, 2026

dependabot Bot requested a review from a team as a code owner May 12, 2026 02:18

dependabot Bot added dependencies [bot] PRs that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 12, 2026

conda-bot added the cla-signed [bot] added once the contributor has signed the CLA label May 12, 2026

conda-bot added this to 🔎 Review May 12, 2026

github-project-automation Bot moved this to 🆕 New in 🔎 Review May 12, 2026

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the github-actions group across 1 directory with 8 updates#941

Bump the github-actions group across 1 directory with 8 updates#941
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-017c5d7c41

dependabot Bot commented on behalf of github May 12, 2026

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

File	Platform	Checksum
codspeed-runner-aarch64-apple-darwin.tar.gz	Apple Silicon macOS	checksum
codspeed-runner-aarch64-unknown-linux-musl.tar.gz	ARM64 MUSL Linux	checksum
codspeed-runner-x86_64-unknown-linux-musl.tar.gz	x64 MUSL Linux	checksum

Conversation

dependabot Bot commented on behalf of github May 12, 2026

v9.0.0

What's Changed

New Contributors

Version 4.0.1

What's Changed

Version 4.0.0

Breaking Changes

Features and Enhancements

Fixes

Performance

Tasks and Maintenance

CHANGELOG

v4.0.1 (2026-04-24)

Fixes

[v4.0.0] (2026-04-23)

Breaking Changes

Features and Enhancements

Fixes

Performance

v5.0.0

Changelog

v2

What's Changed

v5.0.5

What's Changed

Releases

How to prepare a release

Changelog

5.0.4

5.0.3

5.0.2

5.0.1

5.0.0

v7.0.1

What's Changed

v4.15.1

Release Notes

🚀 Features

⚙️ Internals

Install codspeed-runner 4.15.1

Install prebuilt binaries via shell script

Download codspeed-runner 4.15.1

v4.15.0

Release Notes

Minimum integration versions

v2.6

v2.5

What's Changed

New Contributors

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant