Bump the gha-dependencies group with 5 updates #1124

dependabot · 2025-11-01T04:03:35Z

Bumps the gha-dependencies group with 5 updates:

Package	From	To
actions/upload-artifact	`4`	`5`
tiangolo/issue-manager	`0.5.1`	`0.6.0`
peter-evans/create-issue-from-file	`5`	`6`
actions/download-artifact	`5`	`6`
astral-sh/setup-uv	`6.8.0`	`7.1.2`

Updates actions/upload-artifact from 4 to 5

Release notes

Sourced from actions/upload-artifact's releases.

v5.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README.md by @GhadimiR in actions/upload-artifact#681

Update README.md by @nebuk89 in actions/upload-artifact#712

Readme: spell out the first use of GHES by @danwkennedy in actions/upload-artifact#727

Update GHES guidance to include reference to Node 20 version by @patrikpolyak in actions/upload-artifact#725

Bump @actions/artifact to v4.0.0

Prepare v5.0.0 by @danwkennedy in actions/upload-artifact#734

New Contributors

@GhadimiR made their first contribution in actions/upload-artifact#681

@nebuk89 made their first contribution in actions/upload-artifact#712

@danwkennedy made their first contribution in actions/upload-artifact#727

@patrikpolyak made their first contribution in actions/upload-artifact#725

Full Changelog: actions/upload-artifact@v4...v5.0.0

v4.6.2

What's Changed

Update to use artifact 2.3.2 package & prepare for new upload-artifact release by @salmanmkc in actions/upload-artifact#685

New Contributors

@salmanmkc made their first contribution in actions/upload-artifact#685

Full Changelog: actions/upload-artifact@v4...v4.6.2

v4.6.1

What's Changed

Update to use artifact 2.2.2 package by @yacaovsnc in actions/upload-artifact#673

Full Changelog: actions/upload-artifact@v4...v4.6.1

v4.6.0

What's Changed

Expose env vars to control concurrency and timeout by @yacaovsnc in actions/upload-artifact#662

Full Changelog: actions/upload-artifact@v4...v4.6.0

v4.5.0

What's Changed

fix: deprecated Node.js version in action by @hamirmahal in actions/upload-artifact#578

Add new artifact-digest output by @bdehamer in actions/upload-artifact#656

New Contributors

@hamirmahal made their first contribution in actions/upload-artifact#578

... (truncated)

Commits

330a01c Merge pull request #734 from actions/danwkennedy/prepare-5.0.0
03f2824 Update github.dep.yml
905a1ec Prepare v5.0.0
2d9f9cd Merge pull request #725 from patrikpolyak/patch-1
9687587 Merge branch 'main' into patch-1
2848b2c Merge pull request #727 from danwkennedy/patch-1
9b51177 Spell out the first use of GHES
cd231ca Update GHES guidance to include reference to Node 20 version
de65e23 Merge pull request #712 from actions/nebuk89-patch-1
8747d8c Update README.md
Additional commits viewable in compare view

Updates tiangolo/issue-manager from 0.5.1 to 0.6.0

Release notes

Sourced from tiangolo/issue-manager's releases.

0.6.0

✨ Add configurable reminder before closing issue. PR #39 by @YuriiMotov.

Internal

🎨 Format code with Ruff, to make reviews easier. PR #40 by @tiangolo.

⬆ Bump tiangolo/latest-changes from 0.3.1 to 0.3.2. PR #36 by @dependabot[bot].

⬆ Bump docker/build-push-action from 5 to 6. PR #35 by @dependabot[bot].

Commits

2fb3484 🔖 Release version 0.6.0
8b14ed3 📝 Update release notes
d7b0278 ✨ Add configurable reminder before closing issue (#39)
0a9b900 📝 Update release notes
2417ac2 🎨 Format code with Ruff, to make reviews easier (#40)
bcb6514 📝 Update release notes
14d6326 ⬆ Bump tiangolo/latest-changes from 0.3.1 to 0.3.2 (#36)
eb905f7 📝 Update release notes
938907d ⬆ Bump docker/build-push-action from 5 to 6 (#35)
See full diff in compare view

Updates peter-evans/create-issue-from-file from 5 to 6

Release notes

Sourced from peter-evans/create-issue-from-file's releases.

Create Issue From File v6.0.0

⚙️ Requires Actions Runner v2.327.1 or later if you are using a self-hosted runner for Node 24 support.

What's Changed

Bump @types/node from 18.19.50 to 18.19.53 by @dependabot[bot] in peter-evans/create-issue-from-file#1717

Bump @vercel/ncc from 0.38.1 to 0.38.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1718

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1727

Bump @actions/core from 1.10.1 to 1.11.0 by @dependabot[bot] in peter-evans/create-issue-from-file#1733

Bump @types/node from 18.19.53 to 18.19.54 by @dependabot[bot] in peter-evans/create-issue-from-file#1732

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1742

Bump @types/node from 18.19.54 to 18.19.55 by @dependabot[bot] in peter-evans/create-issue-from-file#1749

Bump @actions/core from 1.11.0 to 1.11.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1750

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1759

Bump @types/node from 18.19.55 to 18.19.56 by @dependabot[bot] in peter-evans/create-issue-from-file#1764

Bump @types/node from 18.19.56 to 18.19.59 by @dependabot[bot] in peter-evans/create-issue-from-file#1769

Bump @types/node from 18.19.59 to 18.19.63 by @dependabot[bot] in peter-evans/create-issue-from-file#1774

Bump @types/node from 18.19.63 to 18.19.64 by @dependabot[bot] in peter-evans/create-issue-from-file#1779

Bump @vercel/ncc from 0.38.2 to 0.38.3 by @dependabot[bot] in peter-evans/create-issue-from-file#1784

Bump prettier from 3.3.3 to 3.4.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1789

Bump @types/node from 18.19.64 to 18.19.67 by @dependabot[bot] in peter-evans/create-issue-from-file#1790

Bump prettier from 3.4.1 to 3.4.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1799

Bump @types/node from 18.19.67 to 18.19.68 by @dependabot[bot] in peter-evans/create-issue-from-file#1804

Bump @types/node from 18.19.68 to 18.19.69 by @dependabot[bot] in peter-evans/create-issue-from-file#1809

Bump @types/node from 18.19.69 to 18.19.70 by @dependabot[bot] in peter-evans/create-issue-from-file#1814

Bump @types/node from 18.19.70 to 18.19.71 by @dependabot[bot] in peter-evans/create-issue-from-file#1820

Bump eslint-plugin-prettier from 5.2.1 to 5.2.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1821

Bump eslint-plugin-prettier from 5.2.2 to 5.2.3 by @dependabot[bot] in peter-evans/create-issue-from-file#1830

Bump @types/node from 18.19.71 to 18.19.74 by @dependabot[bot] in peter-evans/create-issue-from-file#1831

Bump @types/node from 18.19.74 to 18.19.75 by @dependabot[bot] in peter-evans/create-issue-from-file#1840

Bump prettier from 3.4.2 to 3.5.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1846

Bump @types/node from 18.19.75 to 18.19.76 by @dependabot[bot] in peter-evans/create-issue-from-file#1845

Bump @octokit/request-error and @actions/github by @dependabot[bot] in peter-evans/create-issue-from-file#1855

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1860

Bump @octokit/plugin-paginate-rest from 9.2.1 to 9.2.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1865

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1870

Bump prettier from 3.5.1 to 3.5.2 by @dependabot[bot] in peter-evans/create-issue-from-file#1875

Bump @octokit/request from 8.4.0 to 8.4.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1880

Update distribution by @actions-bot in peter-evans/create-issue-from-file#1885

Bump @types/node from 18.19.76 to 18.19.79 by @dependabot[bot] in peter-evans/create-issue-from-file#1893

Bump prettier from 3.5.2 to 3.5.3 by @dependabot[bot] in peter-evans/create-issue-from-file#1894

Bump @types/node from 18.19.79 to 18.19.80 by @dependabot[bot] in peter-evans/create-issue-from-file#1903

Bump @types/node from 18.19.80 to 18.19.81 by @dependabot[bot] in peter-evans/create-issue-from-file#1908

Bump @types/node from 18.19.81 to 18.19.84 by @dependabot[bot] in peter-evans/create-issue-from-file#1913

Bump eslint-plugin-prettier from 5.2.3 to 5.2.5 by @dependabot[bot] in peter-evans/create-issue-from-file#1914

Bump eslint-plugin-prettier from 5.2.5 to 5.2.6 by @dependabot[bot] in peter-evans/create-issue-from-file#1924

Bump @types/node from 18.19.84 to 18.19.86 by @dependabot[bot] in peter-evans/create-issue-from-file#1923

Bump @types/node from 18.19.86 to 18.19.87 by @dependabot[bot] in peter-evans/create-issue-from-file#1933

Bump eslint-plugin-prettier from 5.2.6 to 5.4.0 by @dependabot[bot] in peter-evans/create-issue-from-file#1938

Bump @types/node from 18.19.87 to 18.19.100 by @dependabot[bot] in peter-evans/create-issue-from-file#1939

Bump @actions/github from 6.0.0 to 6.0.1 by @dependabot[bot] in peter-evans/create-issue-from-file#1940

... (truncated)

Commits

fca9117 v6 (#2082)
b6ec9cb Bump @types/node from 18.19.124 to 18.19.127 (#2073)
c30fbe4 Bump @vercel/ncc from 0.38.3 to 0.38.4 (#2072)
6c3e77c Bump @types/node from 18.19.123 to 18.19.124 (#2065)
cdb4e84 Bump actions/setup-node from 4 to 5 (#2062)
b1e467e Bump @types/node from 18.19.121 to 18.19.123 (#2057)
b7a1ca8 Bump actions/checkout from 4 to 5 (#2052)
376c7d8 Bump eslint-plugin-prettier from 5.5.3 to 5.5.4 (#2047)
433a878 Bump actions/download-artifact from 4 to 5 (#2042)
a56a9d1 Bump @types/node from 18.19.120 to 18.19.121 (#2037)
Additional commits viewable in compare view

Updates actions/download-artifact from 5 to 6

Release notes

Sourced from actions/download-artifact's releases.

v6.0.0

What's Changed

BREAKING CHANGE: this update supports Node v24.x. This is not a breaking change per-se but we're treating it as such.

Update README for download-artifact v5 changes by @yacaovsnc in actions/download-artifact#417

Update README with artifact extraction details by @yacaovsnc in actions/download-artifact#424

Readme: spell out the first use of GHES by @danwkennedy in actions/download-artifact#431

Bump @actions/artifact to v4.0.0

Prepare v6.0.0 by @danwkennedy in actions/download-artifact#438

New Contributors

@danwkennedy made their first contribution in actions/download-artifact#431

Full Changelog: actions/download-artifact@v5...v6.0.0

Commits

018cc2c Merge pull request #438 from actions/danwkennedy/prepare-6.0.0
815651c Revert "Remove github.dep.yml"
bb3a066 Remove github.dep.yml
fa1ce46 Prepare v6.0.0
4a24838 Merge pull request #431 from danwkennedy/patch-1
5e3251c Readme: spell out the first use of GHES
abefc31 Merge pull request #424 from actions/yacaovsnc/update_readme
ac43a60 Update README with artifact extraction details
de96f46 Merge pull request #417 from actions/yacaovsnc/update_readme
7993cb4 Remove migration guide for artifact download changes
Additional commits viewable in compare view

Updates astral-sh/setup-uv from 6.8.0 to 7.1.2

Release notes

Sourced from astral-sh/setup-uv's releases.

v7.1.2 🌈 Speed up extraction on Windows

Changes

@lazka fixed a bug that caused extracting uv to take up to 30s. Thank you!

🐛 Bug fixes

Use tar for extracting the uv zip file on Windows too @lazka (#660)

🧰 Maintenance

chore: update known checksums for 0.9.5 @github-actions[bot] (#663)

⬆️ Dependency updates

Bump dependencies @eifinger (#664)

Bump github/codeql-action from 4.30.8 to 4.30.9 @dependabot[bot] (#652)

v7.1.1 🌈 Fix empty workdir detection and lowest resolution strategy

Changes

This release fixes a bug where the working-directory input was not used to detect an empty work dir. It also fixes the lowest resolution strategy resolving to latest when only a lower bound was specified.

Special thanks to @tpgillam for the first contribution!

🐛 Bug fixes

Fix "lowest" resolution strategy with lower-bound only @tpgillam (#649)

Use working-directory to detect empty workdir @eifinger (#645)

🧰 Maintenance

chore: update known checksums for 0.9.4 @github-actions[bot] (#651)

chore: update known checksums for 0.9.3 @github-actions[bot] (#644)

📚 Documentation

Change version in docs to v7 @eifinger (#647)

⬆️ Dependency updates

Bump github/codeql-action from 4.30.7 to 4.30.8 @dependabot[bot] (#639)

Bump actions/setup-node from 5.0.0 to 6.0.0 @dependabot[bot] (#641)

Bump eifinger/actionlint-action from 1.9.1 to 1.9.2 @dependabot[bot] (#634)

Update lockfile with latest npm @eifinger (#636)

v7.1.0 🌈 Support all the use cases

Changes

Support all the use cases!!!

... (truncated)

Commits

8585678 Bump dependencies (#664)
22d500a Bump github/codeql-action from 4.30.8 to 4.30.9 (#652)
14d5571 chore: update known checksums for 0.9.5 (#663)
29cd235 Use tar for extracting the uv zip file on Windows too (#660)
2ddd2b9 chore: update known checksums for 0.9.4 (#651)
b7bf789 Fix "lowest" resolution strategy with lower-bound only (#649)
cb6c0a5 Change version in docs to v7 (#647)
dffc629 Use working-directory to detect empty workdir (#645)
6e346e1 chore: update known checksums for 0.9.3 (#644)
3ccd0fd Bump github/codeql-action from 4.30.7 to 4.30.8 (#639)
Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

📚 Documentation preview 📚: https://earthaccess--1124.org.readthedocs.build/en/1124/

Bumps the gha-dependencies group with 5 updates: | Package | From | To | | --- | --- | --- | | [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `5` | | [tiangolo/issue-manager](https://github.com/tiangolo/issue-manager) | `0.5.1` | `0.6.0` | | [peter-evans/create-issue-from-file](https://github.com/peter-evans/create-issue-from-file) | `5` | `6` | | [actions/download-artifact](https://github.com/actions/download-artifact) | `5` | `6` | | [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `6.8.0` | `7.1.2` | Updates `actions/upload-artifact` from 4 to 5 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](actions/upload-artifact@v4...v5) Updates `tiangolo/issue-manager` from 0.5.1 to 0.6.0 - [Release notes](https://github.com/tiangolo/issue-manager/releases) - [Commits](tiangolo/issue-manager@0.5.1...0.6.0) Updates `peter-evans/create-issue-from-file` from 5 to 6 - [Release notes](https://github.com/peter-evans/create-issue-from-file/releases) - [Commits](peter-evans/create-issue-from-file@v5...v6) Updates `actions/download-artifact` from 5 to 6 - [Release notes](https://github.com/actions/download-artifact/releases) - [Commits](actions/download-artifact@v5...v6) Updates `astral-sh/setup-uv` from 6.8.0 to 7.1.2 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](astral-sh/setup-uv@v6.8.0...v7.1.2) --- updated-dependencies: - dependency-name: actions/upload-artifact dependency-version: '5' dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha-dependencies - dependency-name: tiangolo/issue-manager dependency-version: 0.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gha-dependencies - dependency-name: peter-evans/create-issue-from-file dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha-dependencies - dependency-name: actions/download-artifact dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha-dependencies - dependency-name: astral-sh/setup-uv dependency-version: 7.1.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: gha-dependencies ... Signed-off-by: dependabot[bot] <[email protected]>

github-actions · 2025-11-01T04:03:46Z

👈 Launch a binder notebook on this branch for commit f4434cc

I will automatically update this comment whenever this PR is modified

dependabot · 2025-12-01T04:20:42Z

Looks like these dependencies are updatable in another way, so this is no longer needed.

dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 1, 2025

mfisher87 approved these changes Nov 2, 2025

View reviewed changes

dependabot bot closed this Dec 1, 2025

dependabot bot deleted the dependabot/github_actions/gha-dependencies-1082fe0314 branch December 1, 2025 04:20

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the gha-dependencies group with 5 updates #1124

Bump the gha-dependencies group with 5 updates #1124

Uh oh!

dependabot bot commented on behalf of github Nov 1, 2025 •

edited

Loading

Uh oh!

github-actions bot commented Nov 1, 2025

Uh oh!

dependabot bot commented on behalf of github Dec 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

Bump the gha-dependencies group with 5 updates #1124

Bump the gha-dependencies group with 5 updates #1124

Uh oh!

Conversation

dependabot bot commented on behalf of github Nov 1, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v5.0.0

What's Changed

New Contributors

v4.6.2

What's Changed

New Contributors

v4.6.1

What's Changed

v4.6.0

What's Changed

v4.5.0

What's Changed

New Contributors

0.6.0

Internal

Create Issue From File v6.0.0

What's Changed

v6.0.0

What's Changed

New Contributors

v7.1.2 🌈 Speed up extraction on Windows

Changes

🐛 Bug fixes

🧰 Maintenance

⬆️ Dependency updates

v7.1.1 🌈 Fix empty workdir detection and lowest resolution strategy

Changes

🐛 Bug fixes

🧰 Maintenance

📚 Documentation

⬆️ Dependency updates

v7.1.0 🌈 Support all the use cases

Changes

Uh oh!

github-actions bot commented Nov 1, 2025

Uh oh!

dependabot bot commented on behalf of github Dec 1, 2025

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

dependabot bot commented on behalf of github Nov 1, 2025 •

edited

Loading