Skip to content

ci: bump the github-actions group across 1 directory with 4 updates#141

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-6ec637e0b3
Open

ci: bump the github-actions group across 1 directory with 4 updates#141
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/github-actions-6ec637e0b3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor

Bumps the github-actions group with 4 updates in the / directory: actions/checkout, android-actions/setup-android, gradle/actions and softprops/action-gh-release.

Updates actions/checkout from 6 to 7

Release notes

Sourced from actions/checkout's releases.

v7.0.0

What's Changed

New Contributors

Full Changelog: actions/checkout@v6.0.3...v7.0.0

v6.0.3

What's Changed

New Contributors

Full Changelog: actions/checkout@v6...v6.0.3

v6.0.2

What's Changed

Full Changelog: actions/checkout@v6.0.1...v6.0.2

v6.0.1

What's Changed

Full Changelog: actions/checkout@v6...v6.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

v7.0.0

v6.0.3

v6.0.2

v6.0.1

v6.0.0

v5.0.1

v5.0.0

v4.3.1

v4.3.0

v4.2.2

v4.2.1

... (truncated)

Commits

Updates android-actions/setup-android from 3 to 4

Release notes

Sourced from android-actions/setup-android's releases.

v4.0.0

Hello,

The long awaited update of setup-android.

  • Migrate action to Node24 (by @​TWiStErRob)
  • Add and default to cmdline-tools version 20.0 ( 14742923 )
  • Update CI runners (by @​TWiStErRob)
  • Update README.md (by @​vil02)
  • Update npm dependencies to solve CVE's

Incrementing major version to safeguard incase node upgrade or default cmdline-tools upgrade breaks something downstream.

v3.2.2

Add support for cmdline-tools versions 12, 13, and 16 by @​warting in android-actions/setup-android#493 .

Updated npm dependencies

v3.2.1

Updated dependencies

v3.2.0

Implement 'packages' input argument, which allows choosing which packages to install from Android SDK

v3.1.0

Allow installing different Android SDK versions. Allow silent license agreement.

Commits
  • 40fd30f Update setup-android version in README.md
  • d4e21bf Update dependencies and rebuild
  • b7f140e Bump actions/checkout from 5 to 6
  • 651bceb Migrate from ncc to esbuild
  • 144235e Update actions steps. checkout to v5, node to v6, java to v5, codeql to v4
  • 200c644 Add cmdline-tools version 20.0 ( 14742923 )
  • 715acc5 Remove @​actions/cache dependency
  • 125835f Update (not all) deps, migrate eslint to new format. compile to es2024
  • c4c8fe5 Encourage users to use latest version of actions/setup-java
  • 6a40db5 Migrate from Node 20 to Node 24
  • Additional commits viewable in compare view

Updates gradle/actions from 5.0.2 to 6.2.0

Release notes

Sourced from gradle/actions's releases.

v6.2.0

Highlights

This release brings significant behaviour improvements to Enhanced caching, improvements to the generated Job Summary, and a number of correctness and security fixes.

  1. Improved cache-cleanup mechanism. Cleanup of stale files from the Gradle User Home is now faster, and no longer depends on Gradle or a JVM. It works by inspecting the local file state directly, removing the Gradle invocation from the post-build step.
  2. More granular, more stable caching. The local build cache is stored as a separate cache entry, so it can be restored and invalidated independently of the main Gradle User Home entry. Transient Gradle housekeeping files are excluded from the cache, reducing its size and improving stability.
  3. Hide obsolete Job summaries in PR commments: When a new Job summary comment is added to a PR, previous outdated Job summaries are now hidden.
  4. Improved caching report in the job summary. The cache report now uses a single, consistent layout across all cache states and providers. Provider information is integrated directly into the report, and per-entry details are available in an expandable section. (#985)
  5. Correctness and security fixes. A unique cache key is now used per run attempt, so re-runs no longer collide; the job summary shows the cache key string rather than an internal id; and bundled dependencies have been updated, including a ReDoS fix and a fast-xml CVE fix.

What's Changed

New Contributors

Full Changelog: gradle/actions@v6.1.1...v6.2.0

v6.1.1

This release updates various dependency versions, resolving several reported security vulnerabilities. No functional changes are included

What's Changed

Full Changelog: gradle/actions@v6.1.0...v6.1.1

v6.1.0

New: Basic Cache Provider

A new MIT-licensed Basic Caching provider is now available as an alternative to the proprietary Enhanced Caching provided by gradle-actions-caching. Choose Basic Caching by setting cache-provider: basic on setup-gradle or dependency-submission actions.

  • Built on @actions/cache -- fully open source

... (truncated)

Commits

Updates softprops/action-gh-release from 2 to 3

Release notes

Sourced from softprops/action-gh-release's releases.

v3.0.0

3.0.0 is a major release that moves the action runtime from Node 20 to Node 24. Use v3 on GitHub-hosted runners and self-hosted fleets that already support the Node 24 Actions runtime. If you still need the last Node 20-compatible line, stay on v2.6.2.

What's Changed

Other Changes 🔄

  • Move the action runtime and bundle target to Node 24
  • Update @types/node to the Node 24 line and allow future Dependabot updates
  • Keep the floating major tag on v3; v2 remains pinned to the latest 2.x release

v2.6.2

What's Changed

Other Changes 🔄

Full Changelog: softprops/action-gh-release@v2...v2.6.2

v2.6.1

2.6.1 is a patch release focused on restoring linked discussion thread creation when discussion_category_name is set. It fixes [#764](https://github.com/softprops/action-gh-release/issues/764), where the draft-first publish flow stopped carrying the discussion category through the final publish step.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

Bug fixes 🐛

v2.6.0

2.6.0 is a minor release centered on previous_tag support for generate_release_notes, which lets workflows pin GitHub's comparison base explicitly instead of relying on the default range. It also includes the recent concurrent asset upload recovery fix, a working_directory docs sync, a checked-bundle freshness guard for maintainers, and clearer immutable-prerelease guidance where GitHub platform behavior imposes constraints on how prerelease asset uploads can be published.

If you still hit an issue after upgrading, please open a report with the bug template and include a minimal repro or sanitized workflow snippet where possible.

What's Changed

... (truncated)

Changelog

Sourced from softprops/action-gh-release's changelog.

0.1.13

  • fix issue with multiple runs concatenating release bodies #145
Commits
  • 718ea10 release 3.0.1
  • f1a938b chore(deps): bump esbuild from 0.28.0 to 0.28.1 (#802)
  • 0066ead chore(deps): bump vite from 8.0.14 to 8.0.16 (#806)
  • dc643ca chore(deps): bump the npm group with 3 updates (#805)
  • 85ee99b chore(deps): bump actions/checkout in the github-actions group (#804)
  • 9ed3cf9 chore(deps): bump the npm group with 2 updates (#800)
  • 3efcac8 chore(deps): bump the npm group with 3 updates (#798)
  • 05d6b91 chore(deps): bump brace-expansion from 5.0.5 to 5.0.6 (#797)
  • 403a524 chore(deps): bump @​types/node from 24.12.2 to 24.12.3 in the npm group (#796)
  • 437e073 chore(deps): bump the npm group with 4 updates (#792)
  • Additional commits viewable in compare view

@dependabot @github

dependabot Bot commented on behalf of github Jun 22, 2026

Copy link
Copy Markdown
Contributor Author

Labels

The following labels could not be found: github-actions. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added dependencies Pull requests that update a dependency file major labels Jun 22, 2026
Bumps the github-actions group with 4 updates in the / directory: [actions/checkout](https://github.com/actions/checkout), [android-actions/setup-android](https://github.com/android-actions/setup-android), [gradle/actions](https://github.com/gradle/actions) and [softprops/action-gh-release](https://github.com/softprops/action-gh-release).


Updates `actions/checkout` from 6 to 7
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@v6...v7)

Updates `android-actions/setup-android` from 3 to 4
- [Release notes](https://github.com/android-actions/setup-android/releases)
- [Commits](android-actions/setup-android@v3...v4)

Updates `gradle/actions` from 5.0.2 to 6.2.0
- [Release notes](https://github.com/gradle/actions/releases)
- [Commits](gradle/actions@v5.0.2...v6.2.0)

Updates `softprops/action-gh-release` from 2 to 3
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](softprops/action-gh-release@v2...v3)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: android-actions/setup-android
  dependency-version: '4'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: gradle/actions
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: softprops/action-gh-release
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/github_actions/github-actions-6ec637e0b3 branch from b55dcba to 616a52c Compare June 29, 2026 01:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Pull requests that update a dependency file major

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants