chore(deps): bump the all group across 1 directory with 7 updates by dependabot[bot] · Pull Request #47 · nowsecure/nowsecure-ci

dependabot · 2026-03-23T02:10:10Z

Bumps the all group with 7 updates in the / directory:

Package	From	To
docker/metadata-action	`5`	`6`
docker/login-action	`3`	`4`
docker/setup-buildx-action	`3`	`4`
docker/build-push-action	`6`	`7`
dorny/test-reporter	`2`	`3`
crate-ci/typos	`1.42.1`	`1.47.0`
goreleaser/goreleaser-action	`6`	`7`

Updates docker/metadata-action from 5 to 6

Release notes

Sourced from docker/metadata-action's releases.

v6.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/metadata-action#605

List inputs now preserve # inside values while still supporting full-line # comments by @crazy-max in docker/metadata-action#607

Switch to ESM and update config/test wiring by @crazy-max in docker/metadata-action#602

Bump lodash from 4.17.21 to 4.17.23 in docker/metadata-action#588

Bump @actions/core from 1.11.1 to 3.0.0 in docker/metadata-action#599

Bump @actions/github from 6.0.1 to 9.0.0 in docker/metadata-action#597

Bump @docker/actions-toolkit from 0.68.0 to 0.79.0 in docker/metadata-action#604

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/metadata-action#600

Bump semver from 7.7.3 to 7.7.4 in docker/metadata-action#603

Full Changelog: docker/metadata-action@v5.10.0...v6.0.0

v5.10.0

Bump @docker/actions-toolkit from 0.66.0 to 0.68.0 in docker/metadata-action#559 docker/metadata-action#569

Bump js-yaml from 3.14.1 to 3.14.2 in docker/metadata-action#564

Full Changelog: docker/metadata-action@v5.9.0...v5.10.0

v5.9.0

Add tag-names output to return tag names without image base name by @crazy-max in docker/metadata-action#553

Bump @babel/runtime-corejs3 from 7.14.7 to 7.28.2 in docker/metadata-action#539

Bump @docker/actions-toolkit from 0.62.1 to 0.66.0 in docker/metadata-action#555

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/metadata-action#540

Bump csv-parse from 5.6.0 to 6.1.0 in docker/metadata-action#532

Bump semver from 7.7.2 to 7.7.3 in in docker/metadata-action#554

Bump tmp from 0.2.3 to 0.2.5 in docker/metadata-action#541

Full Changelog: docker/metadata-action@v5.8.0...v5.9.0

v5.8.0

New is_not_default_branch global expression by @crazy-max in docker/metadata-action#535

Allow to match part of the git tag or value for semver/pep440 types by @crazy-max in docker/metadata-action#536 docker/metadata-action#537

Bump @actions/github from 6.0.0 to 6.0.1 in docker/metadata-action#523

Bump @docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/metadata-action#526

Bump form-data from 2.5.1 to 2.5.5 in docker/metadata-action#533

Bump moment-timezone from 0.5.47 to 0.6.0 in docker/metadata-action#525

Bump semver from 7.7.1 to 7.7.2 in docker/metadata-action#524

Full Changelog: docker/metadata-action@v5.7.0...v5.8.0

v5.7.0

Global expressions support for labels and annotations by @crazy-max in docker/metadata-action#489

Support disabling outputs as environment variables by @omus in docker/metadata-action#497

Bump @docker/actions-toolkit from 0.44.0 to 0.56.0 in docker/metadata-action#507 docker/metadata-action#509

Bump csv-parse from 5.5.6 to 5.6.0 in docker/metadata-action#482

Bump moment-timezone from 0.5.46 to 0.5.47 in docker/metadata-action#501

Bump semver from 7.6.3 to 7.7.1 in docker/metadata-action#504

Full Changelog: docker/metadata-action@v5.6.1...v5.7.0

... (truncated)

Commits

80c7e94 Merge pull request #613 from docker/dependabot/npm_and_yarn/docker/actions-to...
8e0ddab chore: update generated content
a8db14b chore(deps): Bump @docker/actions-toolkit from 0.79.0 to 0.90.0
63a7371 Merge pull request #617 from docker/dependabot/npm_and_yarn/csv-parse-6.2.0
c6916a6 chore: update generated content
aca9205 chore(deps): Bump csv-parse from 6.1.0 to 6.2.1
9dcfe60 Merge pull request #629 from docker/dependabot/npm_and_yarn/handlebars-4.7.9
43dea76 chore: update generated content
7a56f5a chore(deps): Bump handlebars from 4.7.8 to 4.7.9
e49e0aa Merge pull request #658 from docker/dependabot/npm_and_yarn/brace-expansion-5...
Additional commits viewable in compare view

Updates docker/login-action from 3 to 4

Release notes

Sourced from docker/login-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/login-action#929

Switch to ESM and update config/test wiring by @crazy-max in docker/login-action#927

Bump @actions/core from 1.11.1 to 3.0.0 in docker/login-action#919

Bump @aws-sdk/client-ecr from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920

Bump @aws-sdk/client-ecr-public from 3.890.0 to 3.1000.0 in docker/login-action#909 docker/login-action#920

Bump @docker/actions-toolkit from 0.63.0 to 0.77.0 in docker/login-action#910 docker/login-action#928

Bump @isaacs/brace-expansion from 5.0.0 to 5.0.1 in docker/login-action#921

Bump js-yaml from 4.1.0 to 4.1.1 in docker/login-action#901

Full Changelog: docker/login-action@v3.7.0...v4.0.0

v3.7.0

Add scope input to set scopes for the authentication token by @crazy-max in docker/login-action#912

Add support for AWS European Sovereign Cloud ECR by @dphi in docker/login-action#914

Ensure passwords are redacted with registry-auth input by @crazy-max in docker/login-action#911

build(deps): bump lodash from 4.17.21 to 4.17.23 in docker/login-action#915

Full Changelog: docker/login-action@v3.6.0...v3.7.0

v3.6.0

Add registry-auth input for raw authentication to registries by @crazy-max in docker/login-action#887

Bump @aws-sdk/client-ecr to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @aws-sdk/client-ecr-public to 3.890.0 in docker/login-action#882 docker/login-action#890

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/login-action#883

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/login-action#880

Bump undici from 5.28.4 to 5.29.0 in docker/login-action#879

Bump tmp from 0.2.3 to 0.2.4 in docker/login-action#881

Full Changelog: docker/login-action@v3.5.0...v3.6.0

v3.5.0

Support dual-stack endpoints for AWS ECR by @Spacefish @crazy-max in docker/login-action#874 docker/login-action#876

Bump @aws-sdk/client-ecr to 3.859.0 in docker/login-action#860 docker/login-action#878

Bump @aws-sdk/client-ecr-public to 3.859.0 in docker/login-action#860 docker/login-action#878

Bump @docker/actions-toolkit from 0.57.0 to 0.62.1 in docker/login-action#870

Bump form-data from 2.5.1 to 2.5.5 in docker/login-action#875

Full Changelog: docker/login-action@v3.4.0...v3.5.0

v3.4.0

Bump @actions/core from 1.10.1 to 1.11.1 in docker/login-action#791

Bump @aws-sdk/client-ecr to 3.766.0 in docker/login-action#789 docker/login-action#856

Bump @aws-sdk/client-ecr-public to 3.758.0 in docker/login-action#789 docker/login-action#856

Bump @docker/actions-toolkit from 0.35.0 to 0.57.0 in docker/login-action#801 docker/login-action#806 docker/login-action#858

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/login-action#814

Bump https-proxy-agent from 7.0.5 to 7.0.6 in docker/login-action#823

Bump path-to-regexp from 6.2.2 to 6.3.0 in docker/login-action#777

Full Changelog: docker/login-action@v3.3.0...v3.4.0

... (truncated)

Commits

650006c Merge pull request #960 from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...
99df1a3 chore: update generated content
3ab375f build(deps): bump the aws-sdk-dependencies group across 1 directory with 2 up...
39d8580 Merge pull request #970 from docker/dependabot/npm_and_yarn/docker/actions-to...
4eefcd3 chore: update generated content
56d092c build(deps): bump @docker/actions-toolkit from 0.86.0 to 0.90.0
e2e31ca Merge pull request #976 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
0bced94 chore: update generated content
3e75a0f build(deps): bump @actions/core from 3.0.0 to 3.0.1
365bebd Merge pull request #984 from docker/dependabot/github_actions/aws-actions/con...
Additional commits viewable in compare view

Updates docker/setup-buildx-action from 3 to 4

Release notes

Sourced from docker/setup-buildx-action's releases.

v4.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/setup-buildx-action#483

Remove deprecated inputs/outputs by @crazy-max in docker/setup-buildx-action#464

Switch to ESM and update config/test wiring by @crazy-max in docker/setup-buildx-action#481

Bump @actions/core from 1.11.1 to 3.0.0 in docker/setup-buildx-action#475

Bump @docker/actions-toolkit from 0.63.0 to 0.79.0 in docker/setup-buildx-action#482 docker/setup-buildx-action#485

Bump js-yaml from 4.1.0 to 4.1.1 in docker/setup-buildx-action#452

Bump lodash from 4.17.21 to 4.17.23 in docker/setup-buildx-action#472

Bump minimatch from 3.1.2 to 3.1.5 in docker/setup-buildx-action#480

Full Changelog: docker/setup-buildx-action@v3.12.0...v4.0.0

v3.12.0

Deprecate install input by @crazy-max in docker/setup-buildx-action#455

Bump @docker/actions-toolkit from 0.62.1 to 0.63.0 in docker/setup-buildx-action#434

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/setup-buildx-action#436

Bump form-data from 2.5.1 to 2.5.5 in docker/setup-buildx-action#432

Bump undici from 5.28.4 to 5.29.0 in docker/setup-buildx-action#435

Full Changelog: docker/setup-buildx-action@v3.11.1...v3.12.0

v3.11.1

Fix keep-state not being respected by @crazy-max in docker/setup-buildx-action#429

Full Changelog: docker/setup-buildx-action@v3.11.0...v3.11.1

v3.11.0

Keep BuildKit state support by @crazy-max in docker/setup-buildx-action#427

Remove aliases created when installing by default by @hashhar in docker/setup-buildx-action#139

Bump @docker/actions-toolkit from 0.56.0 to 0.62.1 in docker/setup-buildx-action#422 docker/setup-buildx-action#425

Full Changelog: docker/setup-buildx-action@v3.10.0...v3.11.0

v3.10.0

Bump @docker/actions-toolkit from 0.54.0 to 0.56.0 in docker/setup-buildx-action#408

Full Changelog: docker/setup-buildx-action@v3.9.0...v3.10.0

v3.9.0

Bump @docker/actions-toolkit from 0.48.0 to 0.54.0 in docker/setup-buildx-action#402 docker/setup-buildx-action#404

Full Changelog: docker/setup-buildx-action@v3.8.0...v3.9.0

v3.8.0

Make cloud prefix optional to download buildx if driver is cloud by @crazy-max in docker/setup-buildx-action#390

Bump @actions/core from 1.10.1 to 1.11.1 in docker/setup-buildx-action#370

Bump @docker/actions-toolkit from 0.39.0 to 0.48.0 in docker/setup-buildx-action#389

Bump cross-spawn from 7.0.3 to 7.0.6 in docker/setup-buildx-action#382

Full Changelog: docker/setup-buildx-action@v3.7.1...v3.8.0

... (truncated)

Commits

d7f5e7f Merge pull request #489 from docker/dependabot/npm_and_yarn/docker/actions-to...
92bc5c9 chore: update generated content
da11e35 build(deps): bump @docker/actions-toolkit from 0.79.0 to 0.90.0
f021e16 Merge pull request #492 from docker/dependabot/npm_and_yarn/undici-6.24.1
b5af94f chore: update generated content
16ad977 build(deps): bump undici from 6.23.0 to 6.25.0
d7a12d7 Merge pull request #495 from docker/dependabot/npm_and_yarn/glob-10.5.0
28ff27d build(deps): bump glob from 10.3.12 to 13.0.6
daf436b Merge pull request #496 from docker/dependabot/npm_and_yarn/fast-xml-parser-5...
9725348 chore: update generated content
Additional commits viewable in compare view

Updates docker/build-push-action from 6 to 7

Release notes

Sourced from docker/build-push-action's releases.

v7.0.0

Node 24 as default runtime (requires Actions Runner v2.327.1 or later) by @crazy-max in docker/build-push-action#1470

Remove deprecated DOCKER_BUILD_NO_SUMMARY and DOCKER_BUILD_EXPORT_RETENTION_DAYS envs by @crazy-max in docker/build-push-action#1473

Remove legacy export-build tool support for build summary by @crazy-max in docker/build-push-action#1474

Switch to ESM and update config/test wiring by @crazy-max in docker/build-push-action#1466

Bump @actions/core from 1.11.1 to 3.0.0 in docker/build-push-action#1454

Bump @docker/actions-toolkit from 0.62.1 to 0.79.0 in docker/build-push-action#1453 docker/build-push-action#1472 docker/build-push-action#1479

Bump minimatch from 3.1.2 to 3.1.5 in docker/build-push-action#1463

Full Changelog: docker/build-push-action@v6.19.2...v7.0.0

v6.19.2

Preserve port in GIT_AUTH_TOKEN host by @crazy-max in docker/build-push-action#1458

Full Changelog: docker/build-push-action@v6.19.1...v6.19.2

v6.19.1

Derive GIT_AUTH_TOKEN host from GitHub server URL by @crazy-max in docker/build-push-action#1456

Full Changelog: docker/build-push-action@v6.19.0...v6.19.1

v6.19.0

Scope default git auth token to github.com by @crazy-max in docker/build-push-action#1451

Bump brace-expansion from 1.1.11 to 1.1.12 in docker/build-push-action#1396

Bump form-data from 2.5.1 to 2.5.5 in docker/build-push-action#1391

Bump js-yaml from 3.14.1 to 3.14.2 in docker/build-push-action#1429

Bump lodash from 4.17.21 to 4.17.23 in docker/build-push-action#1446

Bump tmp from 0.2.3 to 0.2.4 in docker/build-push-action#1398

Bump undici from 5.28.4 to 5.29.0 in docker/build-push-action#1397

Full Changelog: docker/build-push-action@v6.18.0...v6.19.0

v6.18.0

Bump @docker/actions-toolkit from 0.61.0 to 0.62.1 in docker/build-push-action#1381

[!NOTE] Build summary is now supported with Docker Build Cloud.

Full Changelog: docker/build-push-action@v6.17.0...v6.18.0

v6.17.0

Bump @docker/actions-toolkit from 0.59.0 to 0.61.0 by @crazy-max in docker/build-push-action#1364

[!NOTE] Build record is now exported using the buildx history export command instead of the legacy export-build tool.

Full Changelog: docker/build-push-action@v6.16.0...v6.17.0

v6.16.0

Handle no default attestations env var by @crazy-max in docker/build-push-action#1343

... (truncated)

Commits

f9f3042 Merge pull request #1517 from docker/dependabot/npm_and_yarn/docker/actions-t...
812d5fd chore: update generated content
b6f6693 chore(deps): Bump @docker/actions-toolkit from 0.87.0 to 0.90.0
c1c626e Merge pull request #1525 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
51bb284 chore: update generated content
5f7884d chore(deps): Bump @actions/core from 3.0.0 to 3.0.1
e01deff Merge pull request #1521 from docker/dependabot/npm_and_yarn/fast-xml-parser-...
3804d49 chore: update generated content
71e8947 chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0
4925ad2 Merge pull request #1526 from docker/dependabot/npm_and_yarn/postcss-8.5.10
Additional commits viewable in compare view

Updates dorny/test-reporter from 2 to 3

Release notes

Sourced from dorny/test-reporter's releases.

v3.0.0

Note: The v3 release requires NodeJS 24 runtime on GitHub Actions runners.

What's Changed

Upgrade action runtime to Node.js 24 by @dav-tb in dorny/test-reporter#738

Explicitly use lowest permissions required to run workflow by @jozefizso in dorny/test-reporter#745

Other Changes

Bump @typescript-eslint/parser from 8.57.0 to 8.57.1 by @dependabot[bot] in dorny/test-reporter#742

Bump @types/adm-zip from 0.5.7 to 0.5.8 by @dependabot[bot] in dorny/test-reporter#743

Bump flatted from 3.4.1 to 3.4.2 by @dependabot[bot] in dorny/test-reporter#744

New Contributors

@dav-tb made their first contribution in dorny/test-reporter#738

Full Changelog: dorny/test-reporter@v2.7.0...v3.0.0

v2.7.0

What's Changed

Feature: Add slug-prefix output for link anchors dorny/test-reporter#731

Feature: Report jest-junit testsuite errors as failures dorny/test-reporter#155

Security: Update dependencies to fix reported security vulnerabilities

Other Changes

Bump eslint from 9.39.3 to 9.39.4 by @dependabot[bot] in dorny/test-reporter#732

Bump @typescript-eslint/parser from 8.56.1 to 8.57.0 by @dependabot[bot] in dorny/test-reporter#733

Bump jest from 30.2.0 to 30.3.0 by @dependabot[bot] in dorny/test-reporter#734

Bump undici from 6.23.0 to 6.24.1 by @dependabot[bot] in dorny/test-reporter#736

Update flatted package to v3.4.1 to fix a vulnerability by @jozefizso in dorny/test-reporter#739

New Contributors

@dt-thomas-durand made their first contribution in dorny/test-reporter#731

@johnbartholomew made their first contribution in dorny/test-reporter#155

Full Changelog: dorny/test-reporter@v2.6.0...v2.7.0

v2.6.0

We updated all dependency packages to latest versions to fix reported security vulnerabilities.

What's Changed

Fix: For workflow_run events, resolve the commit of the check run from related pull request head commits first (matching workflow_run.head_branch, then first PR), and fall back to workflow_run.head_sha for non-PR runs dorny/test-reporter#673

Change: The test-reporter action will listed all artifacts associated with the build run dorny/test-reporter#693

Maintenance: Upgrade to ESLint v9 dorny/test-reporter#629

New Contributors

@azchohfi made their first contribution in dorny/test-reporter#673

Full Changelog: dorny/test-reporter@v2.5.0...v2.6.0

... (truncated)

Changelog

Sourced from dorny/test-reporter's changelog.

Changelog

3.1.0

Feature: Add list-files input to control test report file listing dorny/test-reporter#773

Feature: Add summary_file output with the path to the generated summary in Markdown format dorny/test-reporter#772

3.0.0

Feature: Use NodeJS 24 LTS as default runtime dorny/test-reporter#738

2.7.0

Feature: Add slug-prefix output for link anchors dorny/test-reporter#731

Feature: Report jest-junit testsuite errors as failures dorny/test-reporter#155

Security: Update dependencies to fix reported security vulnerabilities

2.6.0

Fix: For workflow_run events, resolve the commit of the check run from related pull request head commits first (matching workflow_run.head_branch, then first PR), and fall back to workflow_run.head_sha for non-PR runs dorny/test-reporter#673

Change: The test-reporter action will listed all artifacts associated with the build run dorny/test-reporter#693

Maintenance: Upgrade to ESLint v9 dorny/test-reporter#629

2.5.0

Feature: Add Nette Tester support with tester-junit reporter dorny/test-reporter#707

Maintenance: Bump actions/upload-artifact from 5 to 6 dorny/test-reporter#695

2.4.0

Feature: Add PHPUnit support with JUnit XML dialect parser dorny/test-reporter#422

Feature: Add JUnit XML sample files and tests for validation dorny/test-reporter#701

Fix: Refactor deprecated String.substr() function to use String.substring() dorny/test-reporter#704

2.3.0

Feature: Add Python support with python-xunit reporter (pytest) dorny/test-reporter#643

Feature: Add pytest traceback parsing and directory-mapping option dorny/test-reporter#238

Performance: Update sax.js to fix large XML file parsing dorny/test-reporter#681

Documentation: Complete documentation for all supported reporters dorny/test-reporter#691

Security: Bump js-yaml and mocha in /reports/mocha (fixes prototype pollution) dorny/test-reporter#682

2.2.0

Feature: Add collapsed option to control report summary visibility dorny/test-reporter#664

Fix badge encoding for values including underscore and hyphens dorny/test-reporter#672

Fix missing report-title attribute in action definition dorny/test-reporter#637

Refactor variable names to fix shadowing issues dorny/test-reporter#630

2.1.1

Fix error when a TestMethod element does not have a className attribute in a trx file dorny/test-reporter#623

Add stack trace from trx to summary dorny/test-reporter#615

List only failed tests dorny/test-reporter#606

Add type definitions to github-utils.ts dorny/test-reporter#604

Avoid split on undefined dorny/test-reporter#258

Return links to summary report dorny/test-reporter#588

Add step summary short summary dorny/test-reporter#589

Fix for empty TRX TestDefinitions dorny/test-reporter#582

... (truncated)

Commits

a43b3a5 test-reporter release v3.0.0
79216dc Merge pull request #744 from dorny/dependabot/npm_and_yarn/flatted-3.4.2
62c3873 Merge pull request #745 from dorny/feature/workflow_permissions
bd74ca6 Explicitly use lowest permissions required to run workflow
0c2b2aa Merge pull request #738 from dav-tb/feature/node24-runtime
f7eee30 Use the @types/node definitions for NodeJS 24 runtime
ad0a96f Upgrade action runtime to Node.js 24
543415c Merge pull request #741 from dorny/release/v2.7.0
f1284d0 Bump flatted from 3.4.1 to 3.4.2
3c1b53f Merge pull request #743 from dorny/dependabot/npm_and_yarn/types/adm-zip-0.5.8
Additional commits viewable in compare view

Updates crate-ci/typos from 1.42.1 to 1.47.0

Release notes

Sourced from crate-ci/typos's releases.

v1.47.0

[1.47.0] - 2026-05-29

Features

Updated the dictionary with the May 2026 changes

v1.46.3

[1.46.3] - 2026-05-23

Fixes

Don't correct to sequentials

Don't correct to subdolder

v1.46.2

[1.46.2] - 2026-05-16

Fixes

Don't correct to criterias

Don't correct to replaceables

v1.46.1

[1.46.1] - 2026-05-08

Fixes

Don't correct to confidentials

v1.46.0

[1.46.0] - 2026-04-30

Features

Updated the dictionary with the April 2026 changes

v1.45.2

[1.45.2] - 2026-04-27

Fixes

Ignore ssh ed25519 public keys

v1.45.1

[1.45.1] - 2026-04-13

Fixes

(action) Use a temp dir for caching

... (truncated)

Changelog

Sourced from crate-ci/typos's changelog.

[1.47.0] - 2026-05-29

Features

Updated the dictionary with the May 2026 changes

[1.46.3] - 2026-05-23

Fixes

Don't correct to sequentials

Don't correct to subdolder

[1.46.2] - 2026-05-16

Fixes

Don't correct to criterias

Don't correct to replaceables

[1.46.1] - 2026-05-08

Fixes

Don't correct to confidentials

[1.46.0] - 2026-04-30

Features

Updated the dictionary with the April 2026 changes

[1.45.2] - 2026-04-27

Fixes

Ignore ssh ed25519 public keys

[1.45.1] - 2026-04-13

Fixes

(action) Use a temp dir for caching

[1.45.0] - 2026-04-01

Features

Updated the dictionary with the March 2026 changes

... (truncated)

Commits

f8a58b6 chore: Release
52ee9d7 chore: Release
f1aafea docs: Update changelog
0d2e4af Merge pull request #1563 from epage/may
d818ce0 feat(dict): May updates
547b806 chore(deps): Update Rust Stable to v1.96 (#1561)
7b04f66 chore: Release
6eefe9f docs: Update changelog
27ae304 Merge pull request #1559 from epage/fixes
5b01f66 fix(dict): Don't correct to sequentials
Additional commits viewable in compare view

Updates goreleaser/goreleaser-action from 6 to 7

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.0.0

What's Changed

feat!: node 24, update deps, rm yarn, ESM by @caarlos0 in goreleaser/goreleaser-action#533

sec: pin github action versions by @caarlos0 in goreleaser/goreleaser-action#514

docs: Upgrade checkout GitHub Action in README.md by @dunglas in goreleaser/goreleaser-action#507

chore(deps): bump actions/checkout from 4 to 5 by @dependabot[bot] in goreleaser/goreleaser-action#504

ci(deps): bump the actions group with 2 updates by @dependabot[bot] in goreleaser/goreleaser-action#517

ci(deps): bump the actions group with 2 updates by @dependabot[bot] in goreleaser/goreleaser-action#523

ci(deps): bump docker/bake-action from 6.9.0 to 6.10.0 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#526

ci(deps): bump the actions group across 1 directory with 4 updates by @dependabot[bot] in goreleaser/goreleaser-action#532

ci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#534

chore(deps): bump the npm group across 1 directory with 4 updates by @dependabot[bot] in goreleaser/goreleaser-action#536

chore(deps): bump @actions/http-client from 3.0.2 to 4.0.0 in the npm group by @dependabot[bot] in goreleaser/goreleaser-action#537

ci(deps): bump docker/setup-buildx-action from 3.10.0 to 3.12.0 in the actions group by @dependabot[bot] in goreleaser/goreleaser-action#538

chore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group by @dependabot[bot] in goreleaser/goreleaser-action#539

Full Changelog: goreleaser/goreleaser-action@v6...v7.0.0

v6.4.0

What's Changed

ci: set contents read as default workflow permissions by @crazy-max in goreleaser/goreleaser-action#494

fix: support .config directory for goreleaser config files by @haya14busa in goreleaser/goreleaser-action#500

chore(deps): bump semver from 7.7.1 to 7.7.2 by @dependabot[bot] in goreleaser/goreleaser-action#495

chore(deps): bump brace-expansion from 1.1.11 to 1.1.12 by @dependabot[bot] in goreleaser/goreleaser-action#498

fix: do not get releases.json if version is specific by @caarlos0 in goreleaser/goreleaser-action#502

chore(deps): bump undici from 5.28.5 to 5.29.0 by @dependabot[bot] in goreleaser/goreleaser-action#496

feat: retry downloading releases json by @caarlos0 in goreleaser/goreleaser-action#503

New Contributors

@haya14busa made their first contribution in goreleaser/goreleaser-action#500

Full Changelog: goreleaser/goreleaser-action@v6.3.0...v6.4.0

v6.3.0

Bump undici from 5.28.3 to 5.28.5 in goreleaser/goreleaser-action#488

Full Changelog: goreleaser/goreleaser-action@v6.2.1...v6.3.0

v6.2.1

What's Changed

This version of the actions adds support for GoReleaser Pro v2.7.0 versioning (which dropped the -pro suffix). Older versions should work fine.

[!WARNING] This version is required for GoReleaser Pro v2.7.0+. Read more here.

Full Changelog: goreleaser/goreleaser-action@v6.2.0...v6.2.1

... (truncated)

Commits

5daf1e9 fix: nightly resolution to select newest published release (#562)
5cc7ebb ci: update actions
702f5f9 ci(deps): ...
Description has been truncated

Bumps the all group with 7 updates in the / directory: | Package | From | To | | --- | --- | --- | | [docker/metadata-action](https://github.com/docker/metadata-action) | `5` | `6` | | [docker/login-action](https://github.com/docker/login-action) | `3` | `4` | | [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` | | [docker/build-push-action](https://github.com/docker/build-push-action) | `6` | `7` | | [dorny/test-reporter](https://github.com/dorny/test-reporter) | `2` | `3` | | [crate-ci/typos](https://github.com/crate-ci/typos) | `1.42.1` | `1.47.0` | | [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `6` | `7` | Updates `docker/metadata-action` from 5 to 6 - [Release notes](https://github.com/docker/metadata-action/releases) - [Commits](docker/metadata-action@v5...v6) Updates `docker/login-action` from 3 to 4 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](docker/login-action@v3...v4) Updates `docker/setup-buildx-action` from 3 to 4 - [Release notes](https://github.com/docker/setup-buildx-action/releases) - [Commits](docker/setup-buildx-action@v3...v4) Updates `docker/build-push-action` from 6 to 7 - [Release notes](https://github.com/docker/build-push-action/releases) - [Commits](docker/build-push-action@v6...v7) Updates `dorny/test-reporter` from 2 to 3 - [Release notes](https://github.com/dorny/test-reporter/releases) - [Changelog](https://github.com/dorny/test-reporter/blob/main/CHANGELOG.md) - [Commits](dorny/test-reporter@v2...v3) Updates `crate-ci/typos` from 1.42.1 to 1.47.0 - [Release notes](https://github.com/crate-ci/typos/releases) - [Changelog](https://github.com/crate-ci/typos/blob/master/CHANGELOG.md) - [Commits](crate-ci/typos@v1.42.1...v1.47.0) Updates `goreleaser/goreleaser-action` from 6 to 7 - [Release notes](https://github.com/goreleaser/goreleaser-action/releases) - [Commits](goreleaser/goreleaser-action@v6...v7) --- updated-dependencies: - dependency-name: crate-ci/typos dependency-version: 1.44.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: all - dependency-name: docker/build-push-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: docker/login-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: docker/metadata-action dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: docker/setup-buildx-action dependency-version: '4' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: dorny/test-reporter dependency-version: '3' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all - dependency-name: goreleaser/goreleaser-action dependency-version: '7' dependency-type: direct:production update-type: version-update:semver-major dependency-group: all ... Signed-off-by: dependabot[bot] <support@github.com>

dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Mar 23, 2026

dependabot Bot force-pushed the dependabot/github_actions/all-45f528ed96 branch from dacd3c1 to 866b252 Compare April 13, 2026 02:11

dependabot Bot force-pushed the dependabot/github_actions/all-45f528ed96 branch from 866b252 to 8eeb464 Compare May 25, 2026 02:27

dependabot Bot force-pushed the dependabot/github_actions/all-45f528ed96 branch from 8eeb464 to 0693088 Compare June 1, 2026 03:43

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

chore(deps): bump the all group across 1 directory with 7 updates#47

chore(deps): bump the all group across 1 directory with 7 updates#47
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/all-45f528ed96

dependabot Bot commented on behalf of github Mar 23, 2026 •

edited

Loading

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

0 participants

Conversation

dependabot Bot commented on behalf of github Mar 23, 2026 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v6.0.0

v5.10.0

v5.9.0

v5.8.0

v5.7.0

v4.0.0

v3.7.0

v3.6.0

v3.5.0

v3.4.0

v4.0.0

v3.12.0

v3.11.1

v3.11.0

v3.10.0

v3.9.0

v3.8.0

v7.0.0

v6.19.2

v6.19.1

v6.19.0

v6.18.0

v6.17.0

v6.16.0

v3.0.0

What's Changed

Other Changes

New Contributors

v2.7.0

What's Changed

Other Changes

New Contributors

v2.6.0

What's Changed

New Contributors

Changelog

3.1.0

3.0.0

2.7.0

2.6.0

2.5.0

2.4.0

2.3.0

2.2.0

2.1.1

v1.47.0

[1.47.0] - 2026-05-29

Features

v1.46.3

[1.46.3] - 2026-05-23

Fixes

v1.46.2

[1.46.2] - 2026-05-16

Fixes

v1.46.1

[1.46.1] - 2026-05-08

Fixes

v1.46.0

[1.46.0] - 2026-04-30

Features

v1.45.2

[1.45.2] - 2026-04-27

Fixes

v1.45.1

[1.45.1] - 2026-04-13

Fixes

[1.47.0] - 2026-05-29

Features

[1.46.3] - 2026-05-23

Fixes

[1.46.2] - 2026-05-16

Fixes

[1.46.1] - 2026-05-08

Fixes

[1.46.0] - 2026-04-30

Features

[1.45.2] - 2026-04-27

dependabot Bot commented on behalf of github Mar 23, 2026 •

edited

Loading