Skip to content

Bump the "infra" group with 1 updates across multiple ecosystems #310

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sid-maddy merged 1 commit into from
Dec 6, 2025
Merged

Bump the "infra" group with 1 updates across multiple ecosystems #310

sid-maddy merged 1 commit into from
Dec 6, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 1, 2025

Bumps the infra group with 4 updates: actions/checkout, docker/metadata-action, astral-sh/setup-uv and getsentry/action-release.

Updates actions/checkout from 5.0.0 to 6.0.0

Release notes

Sourced from actions/checkout's releases.

v6.0.0

What's Changed

Full Changelog: actions/checkout@v5.0.0...v6.0.0

v6-beta

What's Changed

Updated persist-credentials to store the credentials under $RUNNER_TEMP instead of directly in the local git config.

This requires a minimum Actions Runner version of v2.329.0 to access the persisted credentials for Docker container action scenarios.

v5.0.1

What's Changed

Full Changelog: actions/checkout@v5...v5.0.1

Changelog

Sourced from actions/checkout's changelog.

Changelog

V6.0.0

V5.0.1

V5.0.0

V4.3.1

V4.3.0

v4.2.2

v4.2.1

v4.2.0

v4.1.7

v4.1.6

v4.1.5

... (truncated)

Commits

Updates docker/metadata-action from 5.8.0 to 5.10.0

Release notes

Sourced from docker/metadata-action's releases.

v5.10.0

Full Changelog: docker/metadata-action@v5.9.0...v5.10.0

v5.9.0

Full Changelog: docker/metadata-action@v5.8.0...v5.9.0

Commits
  • c299e40 Merge pull request #569 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • f015d79 chore: update generated content
  • 121bcc2 chore(deps): Bump @​docker/actions-toolkit from 0.67.0 to 0.68.0
  • f7b6bf4 Merge pull request #564 from docker/dependabot/npm_and_yarn/js-yaml-3.14.2
  • 0b95c6b Merge pull request #565 from docker/dependabot/github_actions/actions/checkout-6
  • 17f70d7 Merge pull request #568 from motoki317/docs/fix-to-24h-schedule-pattern
  • afd7e6d docs(README): Fix date format from 12h to 24h in schedule pattern
  • 602aff8 chore(deps): Bump actions/checkout from 5 to 6
  • aecb1a4 chore(deps): Bump js-yaml from 3.14.1 to 3.14.2
  • 8d8c7c1 Merge pull request #559 from docker/dependabot/npm_and_yarn/docker/actions-to...
  • Additional commits viewable in compare view

Updates astral-sh/setup-uv from 7.1.2 to 7.1.4

Release notes

Sourced from astral-sh/setup-uv's releases.

v7.1.4 🌈 Fix libuv closing bug on Windows

Changes

This release fixes the bug Assertion failed: !(handle->flags & UV_HANDLE_CLOSING) on Windows runners

🐛 Bug fixes

🧰 Maintenance

v7.1.3 🌈 Support act

Changes

This bug fix release adds support for https://github.com/nektos/act It was previously broken because of a too new undici version and TS transpilation target.

Compatibility with act is now automatically tested.

🐛 Bug fixes

🧰 Maintenance

📚 Documentation

Commits

Updates getsentry/action-release from 3.3.0 to 3.4.0

Release notes

Sourced from getsentry/action-release's releases.

3.4.0

Work in this release was contributed by @​trevorkwhite. Thank you for your contribution!

Changelog

Sourced from getsentry/action-release's changelog.

Changelog

3.4.0

Work in this release was contributed by @​trevorkwhite. Thank you for your contribution!

3.3.0

Various fixes & improvements

Work in this release was contributed by @​saibotk. Thank you for your contribution!

3.2.0

Various fixes & improvements

3.1.2

3.1.1

3.1.0

  • feat: Add release and release_prefix in favor of version and version_prefix (#273) by @​andreiborza

Input parameter version has been deprecated and will be removed in a future version in favor of a newly introduced release parameter.

Input parameter version_prefix has been deprecated and will be removed in a future version in favor of a newly introduced release_prefix parameter.

3.0.0

Version 3.0.0 contains breaking changes:

The action now automatically injects Debug IDs into your JavaScript source files and source maps to ensure your stacktraces can be properly un-minified.

... (truncated)

Commits
  • 128c505 release: 3.4.0
  • 2daf0cb chore: Set docker tag for master [skip ci]
  • e96ef20 feat: Add support for setting manual commit range (#291)
  • d54ba90 chore: Set docker tag for master [skip ci]
  • 26897ba Merge branch 'release/3.3.0'
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
deps(infra): bump the infra group with 4 updates
6effb43 
Bumps the infra group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [docker/metadata-action](https://github.com/docker/metadata-action), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [getsentry/action-release](https://github.com/getsentry/action-release).


Updates `actions/checkout` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](actions/checkout@08c6903...1af3b93)

Updates `docker/metadata-action` from 5.8.0 to 5.10.0
- [Release notes](https://github.com/docker/metadata-action/releases)
- [Commits](docker/metadata-action@c1e5197...c299e40)

Updates `astral-sh/setup-uv` from 7.1.2 to 7.1.4
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](astral-sh/setup-uv@8585678...1e862df)

Updates `getsentry/action-release` from 3.3.0 to 3.4.0
- [Release notes](https://github.com/getsentry/action-release/releases)
- [Changelog](https://github.com/getsentry/action-release/blob/master/CHANGELOG.md)
- [Commits](getsentry/action-release@4f502ac...128c505)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: infra
- dependency-name: docker/metadata-action
  dependency-version: 5.10.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: infra
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.1.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: infra
- dependency-name: getsentry/action-release
  dependency-version: 3.4.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: infra
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Dec 1, 2025
@dependabot dependabot bot requested a review from a team as a code owner December 1, 2025 10:33
@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Dec 1, 2025
@sid-maddy sid-maddy self-assigned this Dec 6, 2025
@sid-maddy sid-maddy merged commit e87e4d2 into main Dec 6, 2025
5 checks passed
@sid-maddy sid-maddy deleted the dependabot/infra-1c3adbebc7 branch December 6, 2025 12:01
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@sid-maddy sid-maddy sid-maddy approved these changes

Assignees

@sid-maddy sid-maddy

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sid-maddy