Bump the github-actions group across 1 directory with 10 updates #178

dependabot · 2025-10-24T22:06:16Z

Bumps the github-actions group with 10 updates in the / directory:

Package	From	To
actions/github-script	`7.0.1`	`8.0.0`
actions/checkout	`4.2.2`	`5.0.0`
shivammathur/setup-php	`2.32.0`	`2.35.5`
actions/setup-node	`4.3.0`	`6.0.0`
actions/upload-artifact	`4.6.2`	`5.0.0`
ramsey/composer-install	`3.1.0`	`3.1.1`
actions/cache	`4.2.3`	`4.3.0`
actions/download-artifact	`4.2.1`	`6.0.0`
codecov/codecov-action	`5.4.0`	`5.5.1`
slackapi/slack-github-action	`2.0.0`	`2.1.1`

Updates actions/github-script from 7.0.1 to 8.0.0

Release notes

Sourced from actions/github-script's releases.

v8.0.0

What's Changed

Update Node.js version support to 24.x by @salmanmkc in actions/github-script#637

README for updating actions/github-script from v7 to v8 by @sneha-krip in actions/github-script#653

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

New Contributors

@salmanmkc made their first contribution in actions/github-script#637

@sneha-krip made their first contribution in actions/github-script#653

Full Changelog: actions/github-script@v7.1.0...v8.0.0

v7.1.0

What's Changed

Upgrade husky to v9 by @benelan in actions/github-script#482

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/github-script#485

Upgrade IA Publish by @Jcambass in actions/github-script#486

Fix workflow status badges by @joshmgross in actions/github-script#497

Update usage of actions/upload-artifact by @joshmgross in actions/github-script#512

Clear up package name confusion by @joshmgross in actions/github-script#514

Update dependencies with npm audit fix by @joshmgross in actions/github-script#515

Specify that the used script is JavaScript by @timotk in actions/github-script#478

chore: Add Dependabot for NPM and Actions by @nschonni in actions/github-script#472

Define permissions in workflows and update actions by @joshmgross in actions/github-script#531

chore: Add Dependabot for .github/actions/install-dependencies by @nschonni in actions/github-script#532

chore: Remove .vscode settings by @nschonni in actions/github-script#533

ci: Use github/setup-licensed by @nschonni in actions/github-script#473

make octokit instance available as octokit on top of github, to make it easier to seamlessly copy examples from GitHub rest api or octokit documentations by @iamstarkov in actions/github-script#508

Remove octokit README updates for v7 by @joshmgross in actions/github-script#557

docs: add "exec" usage examples by @neilime in actions/github-script#546

Bump ruby/setup-ruby from 1.213.0 to 1.222.0 by @dependabot[bot] in actions/github-script#563

Bump ruby/setup-ruby from 1.222.0 to 1.229.0 by @dependabot[bot] in actions/github-script#575

Clearly document passing inputs to the script by @joshmgross in actions/github-script#603

Update README.md by @nebuk89 in actions/github-script#610

New Contributors

@benelan made their first contribution in actions/github-script#482

@Jcambass made their first contribution in actions/github-script#485

@timotk made their first contribution in actions/github-script#478

@iamstarkov made their first contribution in actions/github-script#508

@neilime made their first contribution in actions/github-script#546

@nebuk89 made their first contribution in actions/github-script#610

Full Changelog: actions/github-script@v7...v7.1.0

Commits

ed59741 Merge pull request #653 from actions/sneha-krip/readme-for-v8
2dc352e Bold minimum Actions Runner version in README
01e118c Update README for Node 24 runtime requirements
8b222ac Apply suggestion from @salmanmkc
adc0eea README for updating actions/github-script from v7 to v8
20fe497 Merge pull request #637 from actions/node24
e7b7f22 update licenses
2c81ba0 Update Node.js version support to 24.x
f28e40c Merge pull request #610 from actions/nebuk89-patch-1
1ae9958 Update README.md
Additional commits viewable in compare view

Updates actions/checkout from 4.2.2 to 5.0.0

Release notes

Sourced from actions/checkout's releases.

v5.0.0

What's Changed

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

Prepare v5.0.0 release by @salmanmkc in actions/checkout#2238

⚠️ Minimum Compatible Runner Version

v2.327.1
Release Notes

Make sure your runner is updated to this version or newer to use this release.

Full Changelog: actions/checkout@v4...v5.0.0

v4.3.0

What's Changed

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

Prepare release v4.3.0 by @salmanmkc in actions/checkout#2237

New Contributors

@motss made their first contribution in actions/checkout#1971

@mouismail made their first contribution in actions/checkout#1977

@benwells made their first contribution in actions/checkout#2043

@nebuk89 made their first contribution in actions/checkout#2194

@salmanmkc made their first contribution in actions/checkout#2236

Full Changelog: actions/checkout@v4...v4.3.0

Changelog

Sourced from actions/checkout's changelog.

Changelog

V5.0.0

Update actions checkout to use node 24 by @salmanmkc in actions/checkout#2226

V4.3.0

docs: update README.md by @motss in actions/checkout#1971

Add internal repos for checking out multiple repositories by @mouismail in actions/checkout#1977

Documentation update - add recommended permissions to Readme by @benwells in actions/checkout#2043

Adjust positioning of user email note and permissions heading by @joshmgross in actions/checkout#2044

Update README.md by @nebuk89 in actions/checkout#2194

Update CODEOWNERS for actions by @TingluoHuang in actions/checkout#2224

Update package dependencies by @salmanmkc in actions/checkout#2236

v4.2.2

url-helper.ts now leverages well-known environment variables by @jww3 in actions/checkout#1941

Expand unit test coverage for isGhes by @jww3 in actions/checkout#1946

v4.2.1

Check out other refs/* by commit if provided, fall back to ref by @orhantoy in actions/checkout#1924

v4.2.0

Add Ref and Commit outputs by @lucacome in actions/checkout#1180

Dependency updates by @dependabot- actions/checkout#1777, actions/checkout#1872

v4.1.7

Bump the minor-npm-dependencies group across 1 directory with 4 updates by @dependabot in actions/checkout#1739

Bump actions/checkout from 3 to 4 by @dependabot in actions/checkout#1697

Check out other refs/* by commit by @orhantoy in actions/checkout#1774

Pin actions/checkout's own workflows to a known, good, stable version. by @jww3 in actions/checkout#1776

v4.1.6

Check platform to set archive extension appropriately by @cory-miller in actions/checkout#1732

v4.1.5

Update NPM dependencies by @cory-miller in actions/checkout#1703

Bump github/codeql-action from 2 to 3 by @dependabot in actions/checkout#1694

Bump actions/setup-node from 1 to 4 by @dependabot in actions/checkout#1696

Bump actions/upload-artifact from 2 to 4 by @dependabot in actions/checkout#1695

README: Suggest user.email to be 41898282+github-actions[bot]@users.noreply.github.com by @cory-miller in actions/checkout#1707

v4.1.4

Disable extensions.worktreeConfig when disabling sparse-checkout by @jww3 in actions/checkout#1692

Add dependabot config by @cory-miller in actions/checkout#1688

Bump the minor-actions-dependencies group with 2 updates by @dependabot in actions/checkout#1693

Bump word-wrap from 1.2.3 to 1.2.5 by @dependabot in actions/checkout#1643

v4.1.3

... (truncated)

Commits

08c6903 Prepare v5.0.0 release (#2238)
9f26565 Update actions checkout to use node 24 (#2226)
08eba0b Prepare release v4.3.0 (#2237)
631c7dc Update package dependencies (#2236)
8edcb1b Update CODEOWNERS for actions (#2224)
09d2aca Update README.md (#2194)
85e6279 Adjust positioning of user email note and permissions heading (#2044)
009b9ae Documentation update - add recommended permissions to Readme (#2043)
cbb7224 Update README.md (#1977)
3b9b8c8 docs: update README.md (#1971)
See full diff in compare view

Updates shivammathur/setup-php from 2.32.0 to 2.35.5

Release notes

Sourced from shivammathur/setup-php's releases.

2.35.5

Changelog

Added support for macOS 26 based environments.
runs-on: macos-26
steps:
- name: Setup PHP
  uses: shivammathur/setup-php@v2
Fixed resolving tools' releases to the latest one for a version prefix in tools input. (#1000) For example, this should install the latest release of PHPUnit with 10.5 as the prefix.
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  with:
    php-version: '8.1'
    tools: phpunit:10.5.x
Improved installing intl extension with a particular ICU versions.
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  with:
    php-version: '8.4'
    extensions: intl-77.1
Fixed tools setup to use the new github-token input value to avoid rate limits.
- name: Setup PHP
  uses: shivammathur/setup-php@v2
  with:
    php-version: '8.4'
    tools: phpcs: 4
    github-token: ${{ secrets.GITHUB_TOKEN }}
Improved errors when tools fail to install. (#991)

Fixed warning in get function on request failure.

Added a fallback source for composer phar archives. (#956)

Added a fallback source for PPA keys. (#996)

Fixed opcache.jit_buffer_size config on arm environments. (#999)

... (truncated)

Commits

bf6b4fb Improve sorting in tools.getSemverVersion
8f81967 Fix sorting in tools.getSemverVersion
06512d9 Update macos-latest in README [skip ci]
1c302ae Mark macOS 26 as supported [skip ci]
dcffe28 Fix jit config on arm
6ffdb3d Bump version to 2.35.5
c97dacb Merge pull request #995 from shivammathur/dependabot/github_actions/develop/a...
34f574e Bump actions/setup-node from 4 to 5
317a051 Add fallback cache for keys in ppa.sh
dfcda83 Add fallback url for composer
Additional commits viewable in compare view

Updates actions/setup-node from 4.3.0 to 6.0.0

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Limit automatic caching to npm, update workflows and documentation by @priyagupta108 in actions/setup-node#1374

Dependency Upgrades

Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @dependabot[bot] in #1336

Upgrade prettier from 2.8.8 to 3.6.2 by @dependabot[bot] in #1334

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

Enhance caching in setup-node with automatic package manager detection by @priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false
Upgrade action to use node24 by @salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @octokit/request-error and @actions/github by @dependabot[bot] in actions/setup-node#1227

Upgrade uuid from 9.0.1 to 11.1.0 by @dependabot[bot] in actions/setup-node#1273

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-node#1295

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/setup-node#1332

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-node#1345

New Contributors

@priya-kinthali made their first contribution in actions/setup-node#1348

@salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

2028fbc Limit automatic caching to npm, update workflows and documentation (#1374)
1342781 Bump actions/publish-action from 0.3.0 to 0.4.0 (#1362)
89d709d Bump prettier from 2.8.8 to 3.6.2 (#1334)
cd2651c Bump ts-jest from 29.1.2 to 29.4.1 (#1336)
a0853c2 Bump actions/checkout from 4 to 5 (#1345)
b7234cc Upgrade action to use node24 (#1325)
d7a1131 Enhance caching in setup-node with automatic package manager detection (#1348)
5e2628c Bumps form-data (#1332)
65becef Bump undici from 5.28.5 to 5.29.0 (#1295)
7e24a65 Bump uuid from 9.0.1 to 11.1.0 (#1273)
Additional commits viewable in compare view

Updates actions/upload-artifact from 4.6.2 to 5.0.0

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README.md by @GhadimiR in actions/upload-artifact#681

Update README.md by @nebuk89 in actions/upload-artifact#712

Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727

Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725

Bump @actions/artifact to v4.0.0

Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734

New Contributors

@GhadimiR made their first contribution in actions/upload-artifact#681

@nebuk89 made their first contribution in actions/upload-artifact#712

@danwkennedy made their first contribution in actions/upload-artifact#727

@patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

Commits

330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
03f2824 Update github.dep.yml
905a1ec Prepare v5.0.0
2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
9687587 Merge branch 'main' into patch-1
2848b2c Merge pull request #727 from danwkennedy/patch-1
9b51177 Spell out the first use of GHES
cd231ca Update GHES guidance to include reference to Node 20 version
de65e23 Merge pull request #712 from actions/nebuk89-patch-1
8747d8c Update README.md
Additional commits viewable in compare view

Updates ramsey/composer-install from 3.1.0 to 3.1.1

Release notes

Sourced from ramsey/composer-install's releases.

3.1.1

What's Changed

Use the value of the COMPOSER environment variable if it exists; fixes ramsey/composer-install#264

Full Changelog: ramsey/composer-install@3.1.0...3.1.1

Commits

3cf229d Update branch for codecov badge
8c24b23 Update branch for build badge
d7e1308 Protect against unbound variables
3561d3d Use the value of COMPOSER env var, if it exists
705380e Use a .shellcheckrc file
0211e1b Use latest PHP when running composer normalize
e527794 docs: fix misspelled parameter name in README
See full diff in compare view

Updates actions/cache from 4.2.3 to 4.3.0

Release notes

Sourced from actions/cache's releases.

v4.3.0

What's Changed

Add note on runner versions by @GhadimiR in actions/cache#1642

Prepare v4.3.0 release by @Link- in actions/cache#1655

New Contributors

@GhadimiR made their first contribution in actions/cache#1642

Full Changelog: actions/cache@v4...v4.3.0

v4.2.4

What's Changed

Update README.md by @nebuk89 in actions/cache#1620

Upgrade @actions/cache to 4.0.5 and move @protobuf-ts/plugin to dev depdencies by @Link- in actions/cache#1634

Prepare release 4.2.4 by @Link- in actions/cache#1636

New Contributors

@nebuk89 made their first contribution in actions/cache#1620

Full Changelog: actions/cache@v4...v4.2.4

Changelog

Sourced from actions/cache's changelog.

Releases

4.3.0

Bump @actions/cache to v4.1.0

4.2.4

Bump @actions/cache to v4.0.5

4.2.3

Bump @actions/cache to v4.0.3 (obfuscates SAS token in debug logs for cache entries)

4.2.2

Bump @actions/cache to v4.0.2

4.2.1

Bump @actions/cache to v4.0.1

4.2.0

TLDR; The cache backend service has been rewritten from the ground up for improved performance and reliability. actions/cache now integrates with the new cache service (v2) APIs.

The new service will gradually roll out as of February 1st, 2025. The legacy service will also be sunset on the same date. Changes in these release are fully backward compatible.

We are deprecating some versions of this action. We recommend upgrading to version v4 or v3 as soon as possible before February 1st, 2025. (Upgrade instructions below).

If you are using pinned SHAs, please use the SHAs of versions v4.2.0 or v3.4.0

If you do not upgrade, all workflow runs using any of the deprecated actions/cache will fail.

Upgrading to the recommended versions will not break your workflows.

4.1.2

Add GitHub Enterprise Cloud instances hostname filters to inform API endpoint choices - #1474

Security fix: Bump braces from 3.0.2 to 3.0.3 - #1475

4.1.1

Restore original behavior of cache-hit output - #1467

4.1.0

Ensure cache-hit output is set when a cache is missed - #1404

Deprecate save-always input - #1452

... (truncated)

Commits

0057852 Merge pull request #1655 from actions/Link-/prepare-4.3.0
4f5ea67 Update licensed cache
9fcad95 Upgrade actions/cache to 4.1.0 and prepare 4.3.0 release
638ed79 Merge pull request #1642 from actions/GhadimiR-patch-1
3862dcc Add note on runner versions
0400d5f Merge pull request #1636 from actions/Link-/release-4.2.4
374a27f Prepare release 4.2.4
358a730 Merge pull request #1634 from actions/Link-/optimise-deps
2ee706e Fix with another approach
94f7b5d Fix bundle exec
Additional commits viewable in compare view

Updates actions/download-artifact from 4.2.1 to 6.0.0

Release notes

Sourced from actions/download-artifact's releases.

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README for download-artifact v5 changes by @yacaovsnc in actions/download-artifact#417

Update README with artifact extraction details by @yacaovsnc in actions/download-artifact#424

Readme: spell out the first use of GHES by @danwkennedy in actions/download-artifact#431

Bump @actions/artifact to v4.0.0

Prepare v6.0.0 by @danwkennedy in actions/download-artifact#438

New Contributors

@danwkennedy made their first contribution in actions/download-artifact#431

Full Changelog: actions/download-artifact@v5...v6.0.0

v5.0.0

What's Changed

Update README.md by @nebuk89 in actions/download-artifact#407

BREAKING fix: inconsistent path behavior for single artifact downloads by ID by @GrantBirki in actions/download-artifact#416

v5.0.0

🚨 Breaking Change

This release fixes an inconsistency in path behavior for single artifact downloads by ID. If you're downloading single artifacts by ID, the output path may change.

What Changed

Previously, single artifact downloads behaved differently depending on how you specified the artifact:

By name: name: my-artifact → extracted to path/ (direct)

By ID: artifact-ids: 12345 → extracted to path/my-artifact/ (nested)

Now both methods are consistent:

By name: name: my-artifact → extracted to path/ (unchanged)

By ID: artifact-ids: 12345 → extracted to path/ (fixed - now direct)

Migration Guide

✅ No Action Needed If:

You download artifacts by name

You download multiple artifacts by ID

You already use merge-multiple: true as a workaround

⚠️ Action Required If:

You download single artifacts by ID and your workflows expect the nested directory structure.

... (truncated)

Commits

018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
815651c Revert "Remove github.dep.yml"
bb3a066 Remove github.dep.yml
fa1ce46 Prepare v6.0.0
4a24838 Merge pull request #431 from danwkennedy/patch-1
5e3251c Readme: spell out the first use of GHES
abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
ac43a60 Update README with artifact extraction details
de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
7993cb4 Remove migration guide for artifact download changes
Additional commits viewable in compare view

Updates codecov/codecov-action from 5.4.0 to 5.5.1

Release notes

Sourced from codecov/codecov-action's releases.

v5.5.1

What's Changed

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @dependabot[bot] in codecov/codecov-action#1833

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @dependabot[bot] in codecov/codecov-action#1861

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

docs: fix typo in README by @datalater in codecov/codecov-action#1866

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @dependabot[bot] in codecov/codecov-action#1867

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @dependabot[bot] in codecov/codecov-action#1868

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

chore(release): 5.5.1 by @thomasrockhu-codecov in codecov/codecov-action#1873

New Contributors

@datalater made their first contribution in codecov/codecov-action#1866

Full Changelog: codecov/codecov-action@v5.5.0...v5.5.1

v5.5.0

What's Changed

build(deps): bump github/codeql-action from 3.28.17 to 3.28.18 by @dependabot[bot] in codecov/codecov-action#1829

docs: Refine OIDC docs by @spalmurray in codecov/codecov-action#1837

fix: Typo in README by @spalmurray in codecov/codecov-action#1838

fix: check reqs exist by @joseph-sentry in codecov/codecov-action#1835

Pin actions/github-script by Git SHA by @martincostello in codecov/codecov-action#1859

feat: upgrade wrapper to 0.2.4 by @jviall in codecov/codecov-action#1864

chore(release): 5.5.0 by @thomasrockhu-codecov in codecov/codecov-action#1865

New Contributors

@spalmurray made their first contribution in codecov/codecov-action#1837

@martincostello made their first contribution in codecov/codecov-action#1859

@jviall made their first contribution in codecov/codecov-action#1864

Full Changelog: codecov/codecov-action@v5.4.3...v5.5.0

v5.4.3

What's Changed

fix: OIDC on forks by @joseph-sentry in codecov/codecov-action#1823

build(deps): bump github/codeql-action from 3.28.13 to 3.28.17 by @dependabot in codecov/codecov-action#1822

chore(release): 5.4.3 by @thomasrockhu-codecov in codecov/codecov-action#1827

Full Changelog: codecov/codecov-action@v5.4.2...v5.4.3

v5.4.2

What's Changed

fix: hotfix oidc by @thomasrockhu-codecov in codecov/codecov-action#1813

Full Changelog: codecov/codecov-action@v5.4.1...v5.4.2

... (truncated)

Changelog

Sourced from codecov/codecov-action's changelog.

v5.5.1

What's Changed

fix: overwrite pr number on fork by @thomasrockhu-codecov in codecov/codecov-action#1871

build(deps): bump actions/checkout from 4.2.2 to 5.0.0 by @app/dependabot in codecov/codecov-action#1868

build(deps): bump github/codeql-action from 3.29.9 to 3.29.11 by @app/dependabot in codecov/codecov-action#1867

fix: update to use local app/ dir by @thomasrockhu-codecov in codecov/codecov-action#1872

docs: fix typo in README by @datalater in codecov/codecov-action#1866

Document a codecov-cli version reference example by @webknjaz in codecov/codecov-action#1774

build(deps): bump github/codeql-action from 3.28.18 to 3.29.9 by @app/dependabot in codecov/codecov-action#1861

build(deps): bump ossf/scorecard-action from 2.4.1 to 2.4.2 by @app/dependabot in codecov/codecov-action#1833

Full Changelog: https://github.com/codecov/codecov-action/compare/v5.5.0..v5.5.1

v5.5.0

What's Ch...
Description has been truncated

Bumps the github-actions group with 10 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/github-script](https://github.com/actions/github-script) | `7.0.1` | `8.0.0` | | [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `5.0.0` | | [shivammathur/setup-php](https://github.com/shivammathur/setup-php) | `2.32.0` | `2.35.5` | | [actions/setup-node](https://github.com/actions/setup-node) | `4.3.0` | `6.0.0` | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` | | [ramsey/composer-install](https://github.com/ramsey/composer-install) | `3.1.0` | `3.1.1` | | [actions/cache](https://github.com/actions/cache) | `4.2.3` | `4.3.0` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `4.2.1` | `6.0.0` | | [codecov/codecov-action](https://github.com/codecov/codecov-action) | `5.4.0` | `5.5.1` | | [slackapi/slack-github-action](https://github.com/slackapi/slack-github-action) | `2.0.0` | `2.1.1` | Updates `actions/github-script` from 7.0.1 to 8.0.0 - [Release notes](https://github.com/actions/github-script/releases) - [Commits](actions/github-script@60a0d83...ed59741) Updates `actions/checkout` from 4.2.2 to 5.0.0 - [Release notes](https://github.com/actions/checkout/releases) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md) - [Commits](actions/checkout@11bd719...08c6903) Updates `shivammathur/setup-php` from 2.32.0 to 2.35.5 - [Release notes](https://github.com/shivammathur/setup-php/releases) - [Commits](shivammathur/setup-php@9e72090...bf6b4fb) Updates `actions/setup-node` from 4.3.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](actions/setup-node@cdca736...2028fbc) Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@ea165f8...330a01c) Updates `ramsey/composer-install` from 3.1.0 to 3.1.1 - [Release notes](https://github.com/ramsey/composer-install/releases) - [Commits](ramsey/composer-install@a2636af...3cf229d) Updates `actions/cache` from 4.2.3 to 4.3.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](actions/cache@5a3ec84...0057852) Updates `actions/download-artifact` from 4.2.1 to 6.0.0 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@95815c3...018cc2c) Updates `codecov/codecov-action` from 5.4.0 to 5.5.1 - [Release notes](https://github.com/codecov/codecov-action/releases) - [Changelog](https://github.com/codecov/codecov-action/blob/main/CHANGELOG.md) - [Commits](codecov/codecov-action@0565863...5a10915) Updates `slackapi/slack-github-action` from 2.0.0 to 2.1.1 - [Release notes](https://github.com/slackapi/slack-github-action/releases) - [Commits](slackapi/slack-github-action@485a9d4...91efab1) --- updated-dependencies: - dependency-name: actions/github-script dependency-version: 8.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/checkout dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: shivammathur/setup-php dependency-version: 2.35.5 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: ramsey/composer-install dependency-version: 3.1.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: actions/cache dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/download-artifact dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: codecov/codecov-action dependency-version: 5.5.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: slackapi/slack-github-action dependency-version: 2.1.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Oct 24, 2025

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the github-actions group across 1 directory with 10 updates #178

Bump the github-actions group across 1 directory with 10 updates #178

Uh oh!

dependabot bot commented on behalf of github Oct 24, 2025 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

1 participant

Bump the github-actions group across 1 directory with 10 updates #178

Are you sure you want to change the base?

Bump the github-actions group across 1 directory with 10 updates #178

Uh oh!

Conversation

dependabot bot commented on behalf of github Oct 24, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v8.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

New Contributors

v7.1.0

What's Changed

New Contributors

v5.0.0

What's Changed

⚠️ Minimum Compatible Runner Version

v4.3.0

What's Changed

New Contributors

Changelog

V5.0.0

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

v4.1.4

v4.1.3

2.35.5

Changelog

v6.0.0

What's Changed

v5.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v4.4.0

v5.0.0

What's Changed

New Contributors

3.1.1

What's Changed

v4.3.0

What's Changed

New Contributors

v4.2.4

What's Changed

New Contributors

Releases

4.3.0

4.2.4

4.2.3

4.2.2

4.2.1

4.2.0

4.1.2

4.1.1

4.1.0

v6.0.0

What's Changed

New Contributors

v5.0.0

What's Changed

v5.0.0

🚨 Breaking Change

What Changed

Migration Guide

✅ No Action Needed If:

⚠️ Action Required If:

v5.5.1

What's Changed

New Contributors

v5.5.0

What's Changed

New Contributors

v5.4.3

dependabot bot commented on behalf of github Oct 24, 2025 •

edited

Loading

What's Ch...
Description has been truncated