Skip to content

build(deps): bump the github-actions-dependencies group with 3 updates#623

Merged
BaseMax merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-dependencies-7df8b10c08
Jul 10, 2026
Merged

build(deps): bump the github-actions-dependencies group with 3 updates#623
BaseMax merged 1 commit into
mainfrom
dependabot/github_actions/github-actions-dependencies-7df8b10c08

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 9, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions-dependencies group with 3 updates: github/codeql-action, docker/setup-buildx-action and docker/login-action.

Updates github/codeql-action from 4.36.2 to 4.36.3

Release notes

Sourced from github/codeql-action's releases.

v4.36.3

No user facing changes.

Changelog

Sourced from github/codeql-action's changelog.

4.36.3 - 01 Jul 2026

No user facing changes.

Commits
  • 54f647b Merge pull request #3984 from github/update-v4.36.3-1f34ec164
  • e78819e Trigger checks
  • 2c9d3d6 Update changelog for v4.36.3
  • 1f34ec1 Merge pull request #3983 from github/mbg/repo-props/ff-for-config-file-prop
  • d5f0145 Log when repository property has a value but is ignored
  • f27f563 Add test for when the FF is off
  • 0025d0f Use FF
  • f7fa18f Add FF for config file repo property
  • 628fc3f Merge pull request #3979 from github/henrymercer/overlay-db-cleanup-size-tele...
  • 9cfb67b Add clarifying comments
  • Additional commits viewable in compare view

Updates docker/setup-buildx-action from 4.1.0 to 4.2.0

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.2.0

Full Changelog: docker/setup-buildx-action@v4.1.0...v4.2.0

Commits
  • bb05f3f Merge pull request #580 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • 321c814 [dependabot skip] chore: update generated content
  • b9a36ef build(deps): bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • ebeab24 Merge pull request #570 from docker/dependabot/npm_and_yarn/undici-6.27.0
  • 5c7b8ae [dependabot skip] chore: update generated content
  • 037e618 build(deps): bump undici from 6.25.0 to 6.27.0
  • 66080e5 Merge pull request #577 from docker/dependabot/npm_and_yarn/sigstore-4.1.1
  • 409aef0 Merge pull request #562 from docker/dependabot/npm_and_yarn/js-yaml-4.2.0
  • 49c6e42 build(deps): bump sigstore from 4.1.0 to 4.1.1
  • 2211273 [dependabot skip] chore: update generated content
  • Additional commits viewable in compare view

Updates docker/login-action from 4.2.0 to 4.3.0

Release notes

Sourced from docker/login-action's releases.

v4.3.0

Full Changelog: docker/login-action@v4.2.0...v4.3.0

Commits
  • c99871d Merge pull request #1030 from docker/dependabot/npm_and_yarn/aws-sdk-dependen...
  • b433555 [dependabot skip] chore: update generated content
  • 678a46a build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
  • f9a0aea Merge pull request #1031 from docker/dependabot/npm_and_yarn/sigstore-4.1.1
  • cc1e4cb build(deps): bump sigstore from 4.1.0 to 4.1.1
  • 02e1730 Merge pull request #1029 from docker/dependabot/npm_and_yarn/sigstore/verify-...
  • b548518 build(deps): bump @​sigstore/verify from 3.1.0 to 3.1.1
  • a244be3 Merge pull request #1027 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • ee0d698 [dependabot skip] chore: update generated content
  • 127dc2c build(deps): bump @​docker/actions-toolkit from 0.91.0 to 0.92.0
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the github-actions-dependencies group with 3 updates: [github/codeql-action](https://github.com/github/codeql-action), [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) and [docker/login-action](https://github.com/docker/login-action).


Updates `github/codeql-action` from 4.36.2 to 4.36.3
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](github/codeql-action@v4.36.2...v4.36.3)

Updates `docker/setup-buildx-action` from 4.1.0 to 4.2.0
- [Release notes](https://github.com/docker/setup-buildx-action/releases)
- [Commits](docker/setup-buildx-action@v4.1.0...v4.2.0)

Updates `docker/login-action` from 4.2.0 to 4.3.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](docker/login-action@v4.2.0...v4.3.0)

---
updated-dependencies:
- dependency-name: github/codeql-action
  dependency-version: 4.36.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions-dependencies
- dependency-name: docker/setup-buildx-action
  dependency-version: 4.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: docker/login-action
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 9, 2026
@dependabot dependabot Bot requested review from BaseMax and jbampton as code owners July 9, 2026 19:04
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Jul 9, 2026
@github-project-automation github-project-automation Bot moved this to Backlog in Reboot Jul 9, 2026
@github-actions github-actions Bot added the github label Jul 9, 2026
@github-actions

github-actions Bot commented Jul 9, 2026

Copy link
Copy Markdown

Hey there! 👋 Thanks for submitting your first pull request. We're excited to see your contribution to our project.

If you have any questions, need help, or want feedback, please don't hesitate to reach out. Your efforts make our community stronger.

Keep up the great work! 💪

@BaseMax BaseMax merged commit 81fa86b into main Jul 10, 2026
16 of 19 checks passed
@BaseMax BaseMax deleted the dependabot/github_actions/github-actions-dependencies-7df8b10c08 branch July 10, 2026 00:50
@github-project-automation github-project-automation Bot moved this from Backlog to Done in Reboot Jul 10, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code github

Projects

Status: Done

Development

Successfully merging this pull request may close these issues.

1 participant