build(deps): bump the production-dependencies group across 1 directory with 11 updates by dependabot[bot] · Pull Request #6 · devnw/workflows

dependabot · 2026-03-04T18:47:22Z

Bumps the production-dependencies group with 11 updates in the / directory:

Package	From	To
actions/upload-artifact	`4`	`7`
actions/setup-go	`5`	`6`
actions/setup-python	`5`	`6`
actions/setup-node	`4`	`6`
actions/upload-pages-artifact	`3`	`4`
actions/cache	`4`	`5`
peter-evans/create-pull-request	`7`	`8`
goreleaser/goreleaser-action	`6`	`7`
actions/checkout	`4`	`6`
tailscale/github-action	`3`	`4`
docker/login-action	`3`	`4`

Updates actions/upload-artifact from 4 to 7

Release notes

Sourced from actions/upload-artifact's releases.

v7.0.0

v7 What's new

Direct Uploads

Adds support for uploading single files directly (unzipped). Callers can set the new archive parameter to false to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The name parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.

ESM

To support new versions of the @actions/* packages, we've upgraded the package to ESM.

What's Changed

Add proxy integration test by @Link- in actions/upload-artifact#754

Upgrade the module to ESM and bump dependencies by @danwkennedy in actions/upload-artifact#762

Support direct file uploads by @danwkennedy in actions/upload-artifact#764

New Contributors

@Link- made their first contribution in actions/upload-artifact#754

Full Changelog: actions/upload-artifact@v6...v7.0.0

v6.0.0

v6 - What's new

[!IMPORTANT] actions/upload-artifact@v6 now runs on Node.js 24 (runs.using: node24) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

Node.js 24

This release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.

What's Changed

Upload Artifact Node 24 support by @salmanmkc in actions/upload-artifact#719

fix: update @actions/artifact for Node.js 24 punycode deprecation by @salmanmkc in actions/upload-artifact#744

prepare release v6.0.0 for Node.js 24 support by @salmanmkc in actions/upload-artifact#745

Full Changelog: actions/upload-artifact@v5.0.0...v6.0.0

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README.md by @GhadimiR in actions/upload-artifact#681

Update README.md by @nebuk89 in actions/upload-artifact#712

Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727

Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725

Bump @actions/artifact to v4.0.0

Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734

... (truncated)

Commits

bbbca2d Support direct file uploads (#764)
589182c Upgrade the module to ESM and bump dependencies (#762)
47309c9 Merge pull request #754 from actions/Link-/add-proxy-integration-tests
02a8460 Add proxy integration test
b7c566a Merge pull request #745 from actions/upload-artifact-v6-release
e516bc8 docs: correct description of Node.js 24 support in README
ddc45ed docs: update README to correct action name for Node.js 24 support
615b319 chore: release v6.0.0 for Node.js 24 support
017748b Merge pull request #744 from actions/fix-storage-blob
38d4c79 chore: rebuild dist
Additional commits viewable in compare view

Updates actions/setup-go from 5 to 6

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @matthewhughes934 in actions/setup-go#460

Upgrade Nodejs runtime from node20 to node 24 by @salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/setup-go#589

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-go#591

Upgrade @typescript-eslint/parser from 8.31.1 to 8.35.1 by @dependabot[bot] in actions/setup-go#590

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-go#594

Upgrade typescript from 5.4.2 to 5.8.3 by @dependabot[bot] in actions/setup-go#538

Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @dependabot[bot] in actions/setup-go#603

Upgrade form-data to bring in fix for critical vulnerability by @matthewhughes934 in actions/setup-go#618

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-go#631

New Contributors

@matthewhughes934 made their first contribution in actions/setup-go#618

@salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.6.0

What's Changed

Fall back to downloading from go.dev/dl instead of storage.googleapis.com/golang by @aparnajyothi-y in actions/setup-go#689

Full Changelog: actions/setup-go@v5...v5.6.0

v5.5.0

What's Changed

Bug fixes:

Update self-hosted environment validation by @priyagupta108 in actions/setup-go#556

Add manifest validation and improve error handling by @priyagupta108 in actions/setup-go#586

Update template link by @jsoref in actions/setup-go#527

Dependency updates:

Upgrade @action/cache from 4.0.2 to 4.0.3 by @aparnajyothi-y in actions/setup-go#574

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-go#573

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-go#582

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot in actions/setup-go#537

New Contributors

@jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

... (truncated)

Commits

4b73464 Fix golang download url to go.dev (#469)
a5f9b05 Update default Go module caching to use go.mod (#705)
7a3fe6c Bump qs from 6.14.0 to 6.14.1 (#703)
b9adafd Bump actions/checkout from 5 to 6 (#686)
d73f6bc README.md: correct to actions/checkout@v6 (#683)
ae252ee Bump @actions/cache to v5 (#695)
bf7446a Bump js-yaml from 3.14.1 to 3.14.2 (#682)
02aadfe Fix Node.js version in action.yml (#691)
4aaadf4 Example for restore-only cache in documentation (#696)
4dc6199 Bump semver and @types/semver (#652)
Additional commits viewable in compare view

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

a309ff8 Bump urllib3 from 2.6.0 to 2.6.3 in /tests/data (#1264)
bfe8cc5 Upgrade @actions dependencies to Node 24 compatible versions (#1259)
4f41a90 Bump urllib3 from 2.5.0 to 2.6.0 in /tests/data (#1253)
83679a8 Bump @types/node from 24.1.0 to 24.9.1 and update macos-13 to macos-15-intel ...
bfc4944 Bump prettier from 3.5.3 to 3.6.2 (#1234)
97aeb3e Bump requests from 2.32.2 to 2.32.4 in /tests/data (#1130)
443da59 Bump actions/publish-action from 0.3.0 to 0.4.0 & Documentation update for pi...
cfd55ca graalpy: add graalpy early-access and windows builds (#880)
bba65e5 Bump typescript from 5.4.2 to 5.9.3 and update docs/advanced-usage.md (#1094)
18566f8 Improve wording and "fix example" (remove 3.13) on testing against pre-releas...
Additional commits viewable in compare view

Updates actions/setup-node from 4 to 6

Release notes

Sourced from actions/setup-node's releases.

v6.0.0

What's Changed

Breaking Changes

Limit automatic caching to npm, update workflows and documentation by @priyagupta108 in actions/setup-node#1374

Dependency Upgrades

Upgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by @dependabot[bot] in #1336

Upgrade prettier from 2.8.8 to 3.6.2 by @dependabot[bot] in #1334

Upgrade actions/publish-action from 0.3.0 to 0.4.0 by @dependabot[bot] in #1362

Full Changelog: actions/setup-node@v5...v6.0.0

v5.0.0

What's Changed

Breaking Changes

Enhance caching in setup-node with automatic package manager detection by @priya-kinthali in actions/setup-node#1348

This update, introduces automatic caching when a valid packageManager field is present in your package.json. This aims to improve workflow performance and make dependency management more seamless. To disable this automatic caching, set package-manager-cache: false
steps:
- uses: actions/checkout@v5
- uses: actions/setup-node@v5
  with:
    package-manager-cache: false
Upgrade action to use node24 by @salmanmkc in actions/setup-node#1325

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @octokit/request-error and @actions/github by @dependabot[bot] in actions/setup-node#1227

Upgrade uuid from 9.0.1 to 11.1.0 by @dependabot[bot] in actions/setup-node#1273

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-node#1295

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/setup-node#1332

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-node#1345

New Contributors

@priya-kinthali made their first contribution in actions/setup-node#1348

@salmanmkc made their first contribution in actions/setup-node#1325

Full Changelog: actions/setup-node@v4...v5.0.0

v4.4.0

... (truncated)

Commits

53b8394 Bump minimatch from 3.1.2 to 3.1.5 (#1498)
54045ab Scope test lockfiles by package manager and update cache tests (#1495)
c882bff Replace uuid with crypto.randomUUID() (#1378)
774c1d6 feat(node-version-file): support parsing devEngines field (#1283)
efcb663 fix: remove hardcoded bearer (#1467)
d02c89d Fix npm audit issues (#1491)
6044e13 Docs: bump actions/checkout from v5 to v6 (#1468)
8e49463 Fix README typo (#1226)
621ac41 README.md: bump to latest released checkout version v6 (#1446)
2951748 Bump @actions/cache to v5.0.1 (#1449)
Additional commits viewable in compare view

Updates actions/upload-pages-artifact from 3 to 4

Release notes

Sourced from actions/upload-pages-artifact's releases.

v4.0.0

What's Changed

Potentially breaking change: hidden files (specifically dotfiles) will not be included in the artifact by @tsusdere in actions/upload-pages-artifact#102 If you need to include dotfiles in your artifact: instead of using this action, create your own artifact according to these requirements https://github.com/actions/upload-pages-artifact?tab=readme-ov-file#artifact-validation?target=https://github.com

Pin actions/upload-artifact to SHA by @heavymachinery in actions/upload-pages-artifact#127

Full Changelog: actions/upload-pages-artifact@v3.0.1...v4.0.0

v3.0.1

Changelog

Group tar's output to prevent it from messing up action logs @SilverRainZ (#94)

Update README.md @uiolee (#88)

Bump the non-breaking-changes group with 1 update @dependabot (#92)

Update Dependabot config to group non-breaking changes @JamesMGreene (#91)

Bump actions/checkout from 3 to 4 @dependabot (#76)

See details of all code changes since previous release.

Commits

7b1f4a7 Merge pull request #127 from heavymachinery/pin-sha
4cc19c7 Pin actions/upload-artifact to SHA
2d163be Merge pull request #107 from KittyChiu/main
c704843 fix: linted README
9605915 Merge pull request #106 from KittyChiu/kittychiu/update-readme-1
e59cdfe Update README.md
a2d6704 doc: updated usage section in readme
984864e Merge pull request #105 from actions/Jcambass-patch-1
45dc788 Add workflow file for publishing releases to immutable action package
efaad07 Merge pull request #102 from actions/hidden-files
Additional commits viewable in compare view

Updates actions/cache from 4 to 5

Release notes

Sourced from actions/cache's releases.

v5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1.

If you are using self-hosted runners, ensure they are updated before upgrading.

What's Changed

Upgrade to use node24 by @salmanmkc in actions/cache#1630

Prepare v5.0.0 release by @salmanmkc in actions/cache#1684

Full Changelog: actions/cache@v4.3.0...v5.0.0

v4.3.0

What's Changed

Add note on runner versions by @GhadimiR in actions/cache#1642

Prepare v4.3.0 release by @Link- in actions/cache#1655

New Contributors

@GhadimiR made their first contribution in actions/cache#1642

Full Changelog: actions/cache@v4...v4.3.0

v4.2.4

What's Changed

Update README.md by @nebuk89 in actions/cache#1620

Upgrade @actions/cache to 4.0.5 and move @protobuf-ts/plugin to dev depdencies by @Link- in actions/cache#1634

Prepare release 4.2.4 by @Link- in actions/cache#1636

New Contributors

@nebuk89 made their first contribution in actions/cache#1620

Full Changelog: actions/cache@v4...v4.2.4

v4.2.3

What's Changed

Update to use @actions/cache 4.0.3 package & prepare for new release by @salmanmkc in actions/cache#1577 (SAS tokens for cache entries are now masked in debug logs)

New Contributors

@salmanmkc made their first contribution in actions/cache#1577

Full Changelog: actions/cache@v4.2.2...v4.2.3

... (truncated)

Changelog

Sourced from actions/cache's changelog.

Releases

How to prepare a release

[!NOTE]
Relevant for maintainers with write access only.

Switch to a new branch from main.

Run npm test to ensure all tests are passing.

Update the version in https://github.com/actions/cache/blob/main/package.json?target=https://github.com.

Run npm run build to update the compiled files.

Update this https://github.com/actions/cache/blob/main/RELEASES.md?target=https://github.com with the new version and changes in the ## Changelog section.

Run licensed cache to update the license report.

Run licensed status and resolve any warnings by updating the https://github.com/actions/cache/blob/main/.licensed.yml?target=https://github.com file with the exceptions.

Commit your changes and push your branch upstream.

Open a pull request against main and get it reviewed and merged.

Draft a new release https://github.com/actions/cache/releases?target=https://github.com use the same version number used in package.json

Create a new tag with the version number.

Auto generate release notes and update them to match the changes you made in RELEASES.md.

Toggle the set as the latest release option.

Publish the release.

Navigate to https://github.com/actions/cache/actions/workflows/release-new-action-version.yml?target=https://github.com

There should be a workflow run queued with the same version number.

Approve the run to publish the new version and update the major tags for this action.

Changelog

5.0.3

Bump @actions/cache to v5.0.5 (Resolves: https://github.com/actions/cache/security/dependabot/33?target=https://github.com)

Bump @actions/core to v2.0.3

5.0.2

Bump @actions/cache to v5.0.3 #1692

5.0.1

Update @azure/storage-blob to ^12.29.1 via @actions/cache@5.0.1 #1685

5.0.0

[!IMPORTANT] actions/cache@v5 runs on the Node.js 24 runtime and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.

4.3.0

Bump @actions/cache to v4.1.0

... (truncated)

Commits

cdf6c1f Merge pull request #1695 from actions/Link-/prepare-5.0.3
a1bee22 Add review for the @actions/http-client license
4695763 Add licensed output
dc73bb9 Upgrade dependencies and address security warnings
345d5c2 Add 5.0.3 builds
8b402f5 Merge pull request #1692 from GhadimiR/main
304ab5a license for httpclient
609fc19 Update licensed record for cache
b22231e Build
93150cd Add PR link to releases
Additional commits viewable in compare view

Updates peter-evans/create-pull-request from 7 to 8

Release notes

Sourced from peter-evans/create-pull-request's releases.

Create Pull Request v8.0.0

What's new in v8

Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

chore: Update checkout action version to v6 by @yonas in peter-evans/create-pull-request#4258

Update actions/checkout references to @v6 in docs by @Copilot in peter-evans/create-pull-request#4259

feat: v8 by @peter-evans in peter-evans/create-pull-request#4260

New Contributors

@yonas made their first contribution in peter-evans/create-pull-request#4258

@Copilot made their first contribution in peter-evans/create-pull-request#4259

Full Changelog: peter-evans/create-pull-request@v7.0.11...v8.0.0

Create Pull Request v7.0.11

What's Changed

fix: restrict remote prune to self-hosted runners by @peter-evans in peter-evans/create-pull-request#4250

Full Changelog: peter-evans/create-pull-request@v7.0.10...v7.0.11

Create Pull Request v7.0.10

⚙️ Fixes an issue where updating a pull request failed when targeting a forked repository with the same owner as its parent.

What's Changed

build(deps): bump the github-actions group with 2 updates by @dependabot[bot] in peter-evans/create-pull-request#4235

build(deps-dev): bump prettier from 3.6.2 to 3.7.3 in the npm group by @dependabot[bot] in peter-evans/create-pull-request#4240

fix: provider list pulls fallback for multi fork same owner by @peter-evans in peter-evans/create-pull-request#4245

New Contributors

@obnyis made their first contribution in peter-evans/create-pull-request#4064

Full Changelog: peter-evans/create-pull-request@v7.0.9...v7.0.10

Create Pull Request v7.0.9

⚙️ Fixes an incompatibility with the recently released actions/checkout@v6.

What's Changed

~70 dependency updates by @dependabot

docs: fix workaround description about ready_for_review by @ybiquitous in peter-evans/create-pull-request#3939

Docs: add-paths default behavior by @joeflack4 in peter-evans/create-pull-request#3928

docs: update to create-github-app-token v2 by @Goooler in peter-evans/create-pull-request#4063

Fix compatibility with actions/checkout@v6 by @ericsciple in peter-evans/create-pull-request#4230

New Contributors

@joeflack4 made their first contribution in peter-evans/create-pull-request#3928

@Goooler made their first contribution in peter-evans/create-pull-request#4063

@ericsciple made their first contribution in peter-evans/create-pull-request#4230

... (truncated)

Commits

c0f553f feat: add @octokit/plugin-retry to handle retriable server errors (#4298)
7000124 fix: Handle remote prune failures gracefully (#4295)
34aa40e build: update distribution (#4289)
641099d build(deps-dev): bump undici from 6.22.0 to 6.23.0 (#4284)
2271f1d build(deps-dev): bump the npm group with 2 updates (#4274)
437c31a build(deps): bump the github-actions group with 2 updates (#4273)
0979079 docs: update readme
5b751cd README.md: bump given GitHub actions to their latest versions (#4265)
98357b1 feat: v8 (#4260)
41c0e4b Update actions/checkout references to @v6 in docs (#4259)
Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 6 to 7

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.0.0

What's Changed

feat!: node 24, update deps, rm yarn, ESM by @caarlos0 in goreleaser/goreleaser-action#533

sec: pin github action versions by @caarlos0 in goreleaser/goreleaser-action#514

docs: Upgrade checkout GitHub Action in README.md by @dunglas in goreleaser/goreleaser-action#507

chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in goreleaser/goreleaser-action#504

ci(deps): bump the actions group with 2 updates by @dependabot[bot] in goreleaser/goreleaser-action#517

ci(deps): bump the actions group with 2 updates by @dependabot[bot] in goreleaser/goreleaser-action#523

ci(deps): bump docker/bake-action from 6.9.0 to 6.10.0 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#526

ci(deps): bump the actions group across 1 directory with 4 updates by @dependabot[bot] in goreleaser/goreleaser-action#532

ci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#534

chore(deps): bump the npm group across 1 directory with 4 updates by @dependabot[bot] in goreleaser/goreleaser-action#536

chore(deps): bump @actions/http-client from 3.0.2 to 4.0.0 in the npm group by @dependabot[bot] in goreleaser/goreleaser-action#537

ci(deps): bump docker/setup-buildx-action from 3.10.0 to 3.12.0 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#538

chore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group by @dependabot[bot] in goreleaser/goreleaser-action#539

Full Changelog: goreleaser/goreleaser-action@v6...v7.0.0

v6.4.0

What's Changed

ci: set contents read as default workflow permissions by @crazy-max in goreleaser/goreleaser-action#494

fix: support .config directory for goreleaser config files by @haya14busa in goreleaser/goreleaser-action#500

chore(deps): bump semver from 7.7.1 to 7.7.2 by @dependabot[bot] in goreleaser/goreleaser-action#495

chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 by @dependabot[bot] in goreleaser/goreleaser-action#498

fix: do not get releases.json if version is specific by @caarlos0 in goreleaser/goreleaser-action#502

chore(deps): bump undici from 5.28.5 to 5.29.0 by @dependabot[bot] in goreleaser/goreleaser-action#496

feat: retry downloading releases json by @caarlos0 in goreleaser/goreleaser-action#503

New Contributors

@haya14busa made their first contribution in goreleaser/goreleaser-action#500

Full Changelog: goreleaser/goreleaser-action@v6.3.0...v6.4.0

v6.3.0

Bump undici from 5.28.3 to 5.28.5 in goreleaser/goreleaser-action#488

Full Changelog: goreleaser/goreleaser-action@v6.2.1...v6.3.0

v6.2.1

What's Changed

This version of the actions adds support for GoReleaser Pro v2.7.0 versioning (which dropped the -pro suffix). Older versions should work fine.

[!WARNING] This version is required for GoReleaser Pro v2.7.0+. Read more here.

Full Changelog: goreleaser/goreleaser-action@v6.2.0...v6.2.1

... (truncated)

CommitsDescription has been truncated

…y with 11 updates Bumps the production-dependencies group with 11 updates in the / directory: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact?target=https://github.com) | `4` | `7` | | [actions/setup-go](https://github.com/actions/setup-go?target=https://github.com) | `5` | `6` | | [actions/setup-python](https://github.com/actions/setup-python?target=https://github.com) | `5` | `6` | | [actions/setup-node](https://github.com/actions/setup-node?target=https://github.com) | `4` | `6` | | [actions/upload-pages-artifact](https://github.com/actions/upload-pages-artifact?target=https://github.com) | `3` | `4` | | [actions/cache](https://github.com/actions/cache?target=https://github.com) | `4` | `5` | | [peter-evans/create-pull-request](https://github.com/peter-evans/create-pull-request?target=https://github.com) | `7` | `8` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action?target=https://github.com) | `6` | `7` | | [actions/checkout](https://github.com/actions/checkout?target=https://github.com) | `4` | `6` | | [tailscale/github-action](https://github.com/tailscale/github-action?target=https://github.com) | `3` | `4` | | [docker/login-action](https://github.com/docker/login-action?target=https://github.com) | `3` | `4` | Updates `actions/upload-artifact` from 4 to 7 - [Release notes](https://github.com/actions/upload-artifact/releases?target=https://github.com) - [Commits](actions/upload-artifact@v4...v7) Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases?target=https://github.com) - [Commits](actions/setup-go@v5...v6) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases?target=https://github.com) - [Commits](actions/setup-python@v5...v6) Updates `actions/setup-node` from 4 to 6 - [Release notes](https://github.com/actions/setup-node/releases?target=https://github.com) - [Commits](actions/setup-node@v4...v6) Updates `actions/upload-pages-artifact` from 3 to 4 - [Release notes](https://github.com/actions/upload-pages-artifact/releases?target=https://github.com) - [Commits](actions/upload-pages-artifact@v3...v4) Updates `actions/cache` from 4 to 5 - [Release notes](https://github.com/actions/cache/releases?target=https://github.com) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md?target=https://github.com) - [Commits](actions/cache@v4...v5) Updates `peter-evans/create-pull-request` from 7 to 8 - [Release notes](https://github.com/peter-evans/create-pull-request/releases?target=https://github.com) - [Commits](peter-evans/create-pull-request@v7...v8) Updates `goreleaser/goreleaser-action` from 6 to 7 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases?target=https://github.com) - [Commits](goreleaser/goreleaser-action@v6...v7) Updates `actions/checkout` from 4 to 6 - [Release notes](https://github.com/actions/checkout/releases?target=https://github.com) - [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md?target=https://github.com) - [Commits](actions/checkout@v4...v6) Updates `tailscale/github-action` from 3 to 4 - [Release notes](https://github.com/tailscale/github-action/releases?target=https://github.com) - [Commits](tailscale/github-action@v3...v4) Updates `docker/login-action` from 3 to 4 - [Release notes](https://github.com/docker/login-action/releases?target=https://github.com) - [Commits](docker/login-action@v3...v4) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/setup-node dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/upload-pages-artifact dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/cache dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: peter-evans/create-pull-request dependency-version: '8' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: goreleaser/goreleaser-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: actions/checkout dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: tailscale/github-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: production-dependencies ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot · 2026-03-04T18:47:23Z

Labels

The following labels could not be found: deps, github-actions. Please create them before Dependabot can add them to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

build(deps): bump the production-dependencies group across 1 directory with 11 updates#6

build(deps): bump the production-dependencies group across 1 directory with 11 updates#6
dependabot[bot] wants to merge 1 commit intomainfrom
dependabot/github_actions/production-dependencies-e0ca206baa

dependabot bot commented on behalf of github Mar 4, 2026

Uh oh!

dependabot bot commented on behalf of github Mar 4, 2026

Uh oh!

Reviewers

Assignees

Labels

Milestone

Development

Uh oh!

0 participants

Uh oh!

Conversation

dependabot bot commented on behalf of github Mar 4, 2026

v7.0.0

v7 What's new

Direct Uploads

ESM

What's Changed

New Contributors

v6.0.0

v6 - What's new

Node.js 24

What's Changed

v5.0.0

What's Changed

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

v6.0.0

What's Changed

v5.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v4.4.0

v4.0.0

What's Changed

v3.0.1

Changelog

v5.0.0

What's Changed

v4.3.0

What's Changed

New Contributors

v4.2.4

What's Changed

New Contributors

v4.2.3

What's Changed

New Contributors

Releases

How to prepare a release

Changelog

5.0.3

5.0.2

5.0.1

5.0.0

4.3.0

Create Pull Request v8.0.0

What's new in v8

What's Changed

New Contributors

Create Pull Request v7.0.11

What's Changed

Create Pull Request v7.0.10

What's Changed

New Contributors