Skip to content

Bump the actions-deps group with 2 updates#34

Closed
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-316fc8e727
Closed

Bump the actions-deps group with 2 updates#34
dependabot[bot] wants to merge 1 commit into
masterfrom
dependabot/github_actions/actions-deps-316fc8e727

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 5, 2026

Copy link
Copy Markdown
Contributor

Bumps the actions-deps group with 2 updates: actions/checkout and lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml.

Updates actions/checkout from 6.0.2 to 6.0.3

Release notes

Sourced from actions/checkout's releases.

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

Changelog

Sourced from actions/checkout's changelog.

Changelog

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

... (truncated)

Commits

Updates lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml from 0.3.4 to 0.5.0

Release notes

Sourced from lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml's releases.

v0.5.0

Downloads for this release

✨ New Features ✨

🐛 Bug Fixes 🐛

🔧 Maintenance 🔧

Links

v0.4.0

Downloads for this release

✨ New Features ✨

  • Feat: add POST_BUILD_SCRIPT support to compose-maven-verify @​askb (#658)

🔧 Maintenance 🔧

  • Chore: Bump github/codeql-action from 4.35.4 to 4.36.0 @dependabot[bot] (#657)
  • Chore: Bump step-security/harden-runner from 2.19.1 to 2.19.4 @dependabot[bot] (#654)
  • Chore: Bump docker/build-push-action from 7.1.0 to 7.2.0 @dependabot[bot] (#656)
  • Chore: Bump im-open/workflow-conclusion from 2.2.4 to 2.2.5 @dependabot[bot] (#653)
  • Chore: Bump release-drafter/release-drafter from 7.3.0 to 7.3.1 @dependabot[bot] (#655)
  • Chore: Bump lfreleng-actions/gerrit-review-action from 1.0.1 to 1.1.0 @dependabot[bot] (#652)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-sonatype-lifecycle.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#649)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-packer-verify.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#648)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-repo-linting.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#647)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/gerrit-compose-required-tox-verify.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#646)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/compose-jjb-verify.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#645)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-verify-github-actions.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#644)
  • Chore: Bump lfit/releng-reusable-workflows/.github/workflows/reuse-openssf-scorecard.yaml from 0.3.3 to 0.3.4 @dependabot[bot] (#643)
  • Chore: pre-commit linting updates @pre-commit-ci[bot] (#642)
  • Chore: pre-commit linting updates @pre-commit-ci[bot] (#660)

🎓 Code Quality 🎓

... (truncated)

Commits
  • b2adc11 Merge pull request #668 from askb/feat/maven-verify-pre-build-script
  • be7dbd6 Feat: add PRE_BUILD_SCRIPT support to compose-maven-verify
  • cf4b36b Merge pull request #667 from modeseven-lfit/feat/zizmor-scan-action
  • e72c3e3 Merge pull request #661 from modeseven-lfit/feat/reuse-semantic-pull-request
  • 4ab3f9e Fix: Use zizmor-scan-action for security audit
  • ecc98da Feat: Add semantic pull request reusable workflow
  • 0a6f35f Merge pull request #666 from lfit/dependabot/github_actions/hashicorp/setup-p...
  • d9be754 Merge pull request #664 from lfit/dependabot/github_actions/actions/checkout-...
  • b854da1 Merge pull request #663 from lfit/dependabot/github_actions/lfreleng-actions/...
  • f8bbaff Merge pull request #665 from lfit/dependabot/github_actions/github/codeql-act...
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions-deps group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows).


Updates `actions/checkout` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...df4cb1c)

Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.3.4 to 0.5.0
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@9b7880d...b2adc11)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: actions-deps
- dependency-name: lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml
  dependency-version: 0.5.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: actions-deps
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jun 5, 2026
@github-actions

github-actions Bot commented Jun 5, 2026

Copy link
Copy Markdown

PR: #34
Mode: squash
Topic: GH-controller-34
Change-Ids:
Ia5efd51d276ab1da075977e3f08a19b42d0ea792
Digest: 09afc14140c4
GitHub-Hash: e899afaf2d788038

Note: This metadata is also included in the Gerrit commit message for reconciliation.

@github-actions

github-actions Bot commented Jun 5, 2026

Copy link
Copy Markdown

Change raised in Gerrit by GitHub2Gerrit: https://git.opendaylight.org/gerrit/c/controller/+/123395

odl-github pushed a commit that referenced this pull request Jun 5, 2026
Bumps the actions-deps group with 2 updates: [actions/checkout](https://github.com/actions/checkout) and [lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml](https://github.com/lfit/releng-reusable-workflows).
Updates `actions/checkout` from 6.0.2 to 6.0.3
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@de0fac2...df4cb1c)
Updates `lfit/releng-reusable-workflows/.github/workflows/composed-maven-sonar-cloud.yaml` from 0.3.4 to 0.5.0
- [Release notes](https://github.com/lfit/releng-reusable-workflows/releases)
- [Commits](lfit/releng-reusable-workflows@9b7880d...b2adc11)

Signed-off-by: dependabot[bot] <support@github.com>
Change-Id: Ia5efd51d276ab1da075977e3f08a19b42d0ea792
GitHub-PR: #34
GitHub-Hash: e899afaf2d788038
Signed-off-by: gh2gerrit <releng+odl-gh2gerrit@linuxfoundation.org>
@github-actions

github-actions Bot commented Jun 5, 2026

Copy link
Copy Markdown

Automated PR Closure

This pull request has been automatically closed by GitHub2Gerrit.

The corresponding Gerrit change has been accepted and merged ✅

The changes from this PR are now part of the main codebase in Gerrit.


This is an automated action performed by the GitHub2Gerrit tool.

@github-actions github-actions Bot closed this Jun 5, 2026
@dependabot @github

dependabot Bot commented on behalf of github Jun 5, 2026

Copy link
Copy Markdown
Contributor Author

This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests.

To ignore these dependencies, configure ignore rules in dependabot.yml

@dependabot dependabot Bot deleted the dependabot/github_actions/actions-deps-316fc8e727 branch June 5, 2026 11:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Development

Successfully merging this pull request may close these issues.

0 participants