Bump the github-actions group with 4 updates by dependabot[bot] · Pull Request #438 · jetstack/version-checker

dependabot · 2026-06-01T12:08:35Z

Bumps the github-actions group with 4 updates: golangci/golangci-lint-action, ad-m/github-push-action, devops-infra/action-pull-request and sigstore/cosign-installer.

Updates golangci/golangci-lint-action from 9.2.0 to 9.2.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.2.1

What's Changed

IMPORTANT: this is the first immutable release.

Changes

chore: improve workflows by @ldez in golangci/golangci-lint-action#1394

Dependencies

build(deps-dev): bump the dev-dependencies group with 3 updates by @dependabot[bot] in golangci/golangci-lint-action#1325

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1326

build(deps): bump the dependencies group with 4 updates by @dependabot[bot] in golangci/golangci-lint-action#1327

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1328

build(deps): bump @types/node from 25.0.2 to 25.0.3 in the dependencies group by @dependabot[bot] in golangci/golangci-lint-action#1329

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1330

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1332

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1333

build(deps): bump the dependencies group with 6 updates by @dependabot[bot] in golangci/golangci-lint-action#1334

build(deps-dev): bump the dev-dependencies group with 4 updates by @dependabot[bot] in golangci/golangci-lint-action#1335

build(deps): bump the dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1336

build(deps-dev): bump the dev-dependencies group with 3 updates by @dependabot[bot] in golangci/golangci-lint-action#1337

build(deps): bump @types/node from 25.0.9 to 25.0.10 in the dependencies group by @dependabot[bot] in golangci/golangci-lint-action#1338

build(deps): bump fast-xml-parser from 5.3.3 to 5.3.4 by @dependabot[bot] in golangci/golangci-lint-action#1339

build(deps-dev): bump the dev-dependencies group with 2 updates by @dependabot[bot] in golangci/golangci-lint-action#1340

build(deps-dev): bump the dev-dependencies group across 1 directory with 3 updates by @dependabot[bot] in golangci/golangci-lint-action#1344

build(deps): bump fast-xml-parser from 5.3.4 to 5.3.6 by @dependabot[bot] in golangci/golangci-lint-action#1346

build(deps): bump minimatch by @dependabot[bot] in golangci/golangci-lint-action#1348

build(deps): bump minimatch from 3.1.3 to 3.1.5 by @dependabot[bot] in golangci/golangci-lint-action#1350

build(deps): bump fast-xml-parser from 5.3.6 to 5.4.1 by @dependabot[bot] in golangci/golangci-lint-action#1351

build(deps): bump fast-xml-parser from 5.4.1 to 5.5.6 by @dependabot[bot] in golangci/golangci-lint-action#1357

build(deps): bump fast-xml-parser from 5.5.6 to 5.5.7 by @dependabot[bot] in golangci/golangci-lint-action#1358

build(deps-dev): bump flatted from 3.3.3 to 3.4.2 by @dependabot[bot] in golangci/golangci-lint-action#1359

build(deps): bump picomatch from 4.0.3 to 4.0.4 by @dependabot[bot] in golangci/golangci-lint-action#1364

build(deps): bump yaml from 2.8.2 to 2.8.3 by @dependabot[bot] in golangci/golangci-lint-action#1365

build(deps): bump brace-expansion by @dependabot[bot] in golangci/golangci-lint-action#1370

build(deps-dev): bump the dev-dependencies group across 1 directory with 7 updates by @ldez in golangci/golangci-lint-action#1374

build(deps): bump github/codeql-action from 4 to 4.35.2 by @dependabot[bot] in golangci/golangci-lint-action#1384

build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 by @dependabot[bot] in golangci/golangci-lint-action#1386

build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 by @dependabot[bot] in golangci/golangci-lint-action#1389

build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 by @dependabot[bot] in golangci/golangci-lint-action#1391

Full Changelog: golangci/golangci-lint-action@v9.2.0...v9.2.1

Commits

82606bf chore: prepare release v9.2.1
97c8387 chore: improve workflows (#1394)
28d0a19 build(deps): bump the dependencies group across 1 directory with 2 updates
633fbc7 build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#1391)
59f43e2 build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#1389)
9eb174e build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (#1386)
4f52504 build(deps): bump github/codeql-action from 4 to 4.35.2 (#1384)
6f87dfd docs: update examples
c9500d7 chore: improve workflows
03b1faa chore: improve issue templates
Additional commits viewable in compare view

Updates ad-m/github-push-action from 1.1.0 to 1.3.0

Release notes

Sourced from ad-m/github-push-action's releases.

v1.3.0

What's Changed

feat: Add addional GH token descriptor name by @ZPascal in ad-m/github-push-action#375

feat: Adjust the detached HEAD documentation by @ZPascal in ad-m/github-push-action#376

Full Changelog: ad-m/github-push-action@v1...v1.3.0

v1.2.0

What's Changed

feat: Add git pull support by @ZPascal in ad-m/github-push-action#373

Full Changelog: ad-m/github-push-action@v1...v1.2.0

Commits

881a632 feat: Adjust the detached HEAD documentation (#376)
f917f9b feat: Add addional GH token descriptor name (#375)
fdfe7e8 feat: Add git pull support (#373)
d30dc2d docs: Adjust the link
See full diff in compare view

Updates devops-infra/action-pull-request from 1.0.2 to 1.2.1

Release notes

Sourced from devops-infra/action-pull-request's releases.

v1.2.1

What's Changed

feat: add Triglav as end-to-end test orchestrator by @github-actions[bot] in devops-infra/action-pull-request#222

chore(release): prepare v1.2.1 by @github-actions[bot] in devops-infra/action-pull-request#227

Full Changelog: devops-infra/action-pull-request@v1.2.0...v1.2.1

v1.2.0

What's Changed

feat: add repository and repository_path inputs for enhanced configuration by @github-actions[bot] in devops-infra/action-pull-request#220

chore(release): prepare v1.2.0 by @github-actions[bot] in devops-infra/action-pull-request#221

Full Changelog: devops-infra/action-pull-request@v1.1...v1.2.0

v1.1.3

What's Changed

fix: update README for clarity and versioning guidance by @github-actions[bot] in devops-infra/action-pull-request#218

chore(release): prepare v1.1.3 by @github-actions[bot] in devops-infra/action-pull-request#219

Full Changelog: devops-infra/action-pull-request@v1.1.2...v1.1.3

v1.1.2

What's Changed

feat: improve workflow linting and update workflow files by @github-actions[bot] in devops-infra/action-pull-request#215

fix: update Alpine package handling to allow optional version pinning by @github-actions[bot] in devops-infra/action-pull-request#216

chore(release): prepare v1.1.2 by @github-actions[bot] in devops-infra/action-pull-request#217

Full Changelog: devops-infra/action-pull-request@v1.1.1...v1.1.2

v1.1.1

What's Changed

chore: update action-pull-request version to v1.1.0 in action.yml and README.md by @github-actions[bot] in devops-infra/action-pull-request#211

chore: update action-pull-request version to v1.1.1 in action.yml and README.md by @github-actions[bot] in devops-infra/action-pull-request#212

Full Changelog: devops-infra/action-pull-request@v1.1.0...v1.1.1

v1.1.0

What's Changed

⚡ Improve Taskfiles and workflows with new options by @github-actions[bot] in devops-infra/action-pull-request#197

⚡ Sync workflows with template by @github-actions[bot] in devops-infra/action-pull-request#198

Bump ubuntu from questing-20251007 to questing-20251029 by @dependabot[bot] in devops-infra/action-pull-request#199

Bump ubuntu from questing-20251029 to questing-20251217 by @dependabot[bot] in devops-infra/action-pull-request#200

Mirror template-action PR #129: fix buildx install flag and add manual release dispatch by @Copilot in devops-infra/action-pull-request#201

Bump docker/setup-qemu-action from 3 to 4 by @dependabot[bot] in devops-infra/action-pull-request#203

Bump docker/setup-buildx-action from 3 to 4 by @dependabot[bot] in devops-infra/action-pull-request#202

... (truncated)

Commits

c5a99ac chore(release): prepare v1.2.1 (#227)
6aa878a feat: add Triglav as end-to-end test orchestrator (#222)
562d37b chore(release): prepare v1.2.0 (#221)
766f664 feat: add repository and repository_path inputs for enhanced configuration (#...
86d8692 chore(release): prepare v1.1.3 (#219)
0ca8a22 fix: update README for clarity and versioning guidance (#218)
eb4c48b chore(release): prepare v1.1.2 (#217)
5b6f69b fix: update Alpine package handling to allow optional version pinning (#216)
ea294d9 feat: improve workflow linting and update workflow files (#215)
378b46d chore: update action-pull-request version to v1.1.1 in action.yml and README....
Additional commits viewable in compare view

Updates sigstore/cosign-installer from 4.1.1 to 4.1.2

Release notes

Sourced from sigstore/cosign-installer's releases.

v4.1.2

What's Changed

Bump cosign to 3.0.6 in sigstore/cosign-installer#232

Commits

6f9f177 Bump cosign to 3.0.6 (#232)
b5e753a Bump actions/github-script from 8.0.0 to 9.0.0 (#230)
115e4ce Bump actions/setup-go from 6.3.0 to 6.4.0 (#226)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions group with 4 updates: [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action), [ad-m/github-push-action](https://github.com/ad-m/github-push-action), [devops-infra/action-pull-request](https://github.com/devops-infra/action-pull-request) and [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer). Updates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1 - [Release notes](https://github.com/golangci/golangci-lint-action/releases) - [Commits](golangci/golangci-lint-action@1e7e51e...82606bf) Updates `ad-m/github-push-action` from 1.1.0 to 1.3.0 - [Release notes](https://github.com/ad-m/github-push-action/releases) - [Commits](ad-m/github-push-action@v1.1.0...v1.3.0) Updates `devops-infra/action-pull-request` from 1.0.2 to 1.2.1 - [Release notes](https://github.com/devops-infra/action-pull-request/releases) - [Commits](devops-infra/action-pull-request@v1.0.2...v1.2.1) Updates `sigstore/cosign-installer` from 4.1.1 to 4.1.2 - [Release notes](https://github.com/sigstore/cosign-installer/releases) - [Commits](sigstore/cosign-installer@cad07c2...6f9f177) --- updated-dependencies: - dependency-name: golangci/golangci-lint-action dependency-version: 9.2.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: ad-m/github-push-action dependency-version: 1.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: devops-infra/action-pull-request dependency-version: 1.2.1 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: sigstore/cosign-installer dependency-version: 4.1.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 1, 2026

dependabot Bot requested review from davidcollom and maria-reynoso as code owners June 1, 2026 12:08

github-actions Bot approved these changes Jun 1, 2026

View reviewed changes

github-actions Bot merged commit bbe46c2 into main Jun 1, 2026
4 of 6 checks passed

github-actions Bot deleted the dependabot/github_actions/github-actions-4f9c7c918e branch June 1, 2026 12:08

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Bump the github-actions group with 4 updates#438

Bump the github-actions group with 4 updates#438
github-actions[bot] merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-4f9c7c918e

dependabot Bot commented on behalf of github Jun 1, 2026

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Jun 1, 2026

v9.2.1

What's Changed

Changes

Dependencies

v1.3.0

What's Changed

v1.2.0

What's Changed

v1.2.1

What's Changed

v1.2.0

What's Changed

v1.1.3

What's Changed

v1.1.2

What's Changed

v1.1.1

What's Changed

v1.1.0

What's Changed

v4.1.2

What's Changed

Uh oh!

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants