Skip to content

chore(deps): bump the github-actions-dependencies group across 3 directories with 8 updates #352

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
neilime merged 1 commit into from
Nov 30, 2025
Merged

chore(deps): bump the github-actions-dependencies group across 3 directories with 8 updates #352

neilime merged 1 commit into from
Nov 30, 2025

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 28, 2025
edited
Loading

Bumps the github-actions-dependencies group with 8 updates in the / directory:

Package From To
hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml 0.30.2 0.31.0
hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml 0.15.2 0.16.0
hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml 0.30.2 0.31.0
hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml 0.30.2 0.31.0
hoverkraft-tech/ci-github-common/.github/workflows/linter.yml 0.30.2 0.31.0
hoverkraft-tech/ci-github-common/.github/workflows/stale.yml 0.30.2 0.31.0
hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml 0.29.1 0.30.0
hoverkraft-tech/ci-github-common 0.30.2 0.31.0

Bumps the github-actions-dependencies group with 1 update in the /actions/lint directory: hoverkraft-tech/ci-github-common.
Bumps the github-actions-dependencies group with 1 update in the /actions/test directory: hoverkraft-tech/ci-github-common.

Updates hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml from 0.15.2 to 0.16.0

Release notes

Sourced from hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml's releases.

0.16.0

Release Summary

Fix: forces ArgoCD sync on redeployments when using the hoverkraft-deployment plugin to ensure reliable re-deploys without code changes. 

Internal: actions and workflows documentation refreshed. 

Breaking change(s)

No breaking changes. 

What's Changed

Full Changelog: hoverkraft-tech/ci-github-publish@0.15.2...0.16.0

Commits
  • ed864a8 docs: update actions and workflows documentation
  • e1a381b refactor: rename plugin to hoverkraft-deployment and add conditional check
  • bc2fe44 test: add plugin entry to test template for validation
  • 472f7f3 fix: force ArgoCD sync on redeployment using plugin environment variable
  • a6df652 refactor: replace operation block with plugin env update for sync detection
  • 9c9b5d0 feat: add ArgoCD refresh behavior timestamp to force sync on every deployment
  • d2b9385 docs: update actions and workflows documentation
  • a631cc8 build(deps): Bump the github-actions-dependencies group across 5 directories ...
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/linter.yml from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/linter.yml's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common/.github/workflows/stale.yml from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common/.github/workflows/stale.yml's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml from 0.29.1 to 0.30.0

Release notes

Sourced from hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml's releases.

0.30.0

Release Summary

Features (docker): upgraded BuildKit and Buildx.

Internal changes: CI test stability improvements for tag push and workflow_dispatch events, documentation refresh, and GitHub Actions dependency bumps.

Breaking change(s)

No breaking changes.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-container@0.29.1...0.30.0

Commits
  • 0d92511 chore(deps): bump the github-actions-dependencies group across 7 directories ...
  • e1a9e05 feat(docker): upgrade buildkit and buildx
  • 02e761d chore(deps): bump the github-actions-dependencies group across 7 directories ...
  • 83f97ee chore(deps): bump the github-actions-dependencies group across 7 directories ...
  • fd3b3f5 docs: update actions and workflows documentation
  • ce170ef ci: add workflow to check semantic pull requests
  • 2cf87c4 ci: fix failing test on workflow_dispatch event
  • 63efcb8 chore(deps): bump hoverkraft-tech/ci-github-publish/.github/workflows/release...
  • 3fe7366 docs: update actions and workflows documentation
  • 564b5a3 Revert cleanup script changes per review feedback
  • Additional commits viewable in compare view

Updates hoverkraft-tech/ci-github-common from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Updates hoverkraft-tech/ci-github-common from 0.30.2 to 0.31.0

Release notes

Sourced from hoverkraft-tech/ci-github-common's releases.

0.31.0

Release Summary

Feature: introduces the local-workflow-actions action to simplify using local composite actions. Fix (checkout): default persist-credentials is now false to harden security and prevent unintended token persistence.

Internal: documentation for actions and workflows has been refreshed.

Breaking change(s)

The checkout step now sets persist-credentials: false by default; workflows that rely on persisted GitHub tokens for subsequent Git operations must explicitly opt in or adjust authentication.

What's Changed

Full Changelog: hoverkraft-tech/ci-github-common@0.30.2...0.31.0

Commits
  • a55670b docs: update actions and workflows documentation
  • 09f42e4 chore(deps): bump the github-actions-dependencies group across 3 directories ...
  • e8d06f4 feat: add local-workflow-actions action
  • cdf2bbe docs: update actions and workflows documentation
  • 4faa04a fix(checkout)!: set persist-credentials to false by default for security reason
  • 26b03d1 docs: update actions and workflows documentation
  • See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot dependabot bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels Nov 28, 2025
@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025

Hi, thank you for creating your PR, we will check it out very soon

@github-actions
Copy link
Contributor

github-actions bot commented Nov 28, 2025
edited
Loading

Code Coverage Report

Coverage Results

Coverage

Metric Covered Total Percentage
Lines 2 2 100.00%
Functions 1 1 100.00%

Overall: 100.00% 🟢
🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩🟩

@dependabot dependabot bot force-pushed the dependabot/github_actions/github-actions-dependencies-0f44b91f20 branch from 97c1643 to b720746 Compare November 28, 2025 06:36
@neilime neilime force-pushed the dependabot/github_actions/github-actions-dependencies-0f44b91f20 branch 11 times, most recently from 92be0d7 to cf8939d Compare November 30, 2025 19:43
@dependabot @neilime
chore(deps): bump the github-actions-dependencies group across 3 dire…
827f468 
…ctories with 8 updates

Bumps the github-actions-dependencies group with 8 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.30.2` | `0.31.0` |
| [hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml](https://github.com/hoverkraft-tech/ci-github-publish) | `0.15.2` | `0.16.0` |
| [hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.30.2` | `0.31.0` |
| [hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.30.2` | `0.31.0` |
| [hoverkraft-tech/ci-github-common/.github/workflows/linter.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.30.2` | `0.31.0` |
| [hoverkraft-tech/ci-github-common/.github/workflows/stale.yml](https://github.com/hoverkraft-tech/ci-github-common) | `0.30.2` | `0.31.0` |
| [hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml](https://github.com/hoverkraft-tech/ci-github-container) | `0.29.1` | `0.30.0` |
| [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common) | `0.30.2` | `0.31.0` |

Bumps the github-actions-dependencies group with 1 update in the /actions/lint directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common).
Bumps the github-actions-dependencies group with 1 update in the /actions/test directory: [hoverkraft-tech/ci-github-common](https://github.com/hoverkraft-tech/ci-github-common).

Updates `hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml` from 0.15.2 to 0.16.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-publish/releases)
- [Commits](hoverkraft-tech/ci-github-publish@dbdcce2...ed864a8)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/linter.yml` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-common/.github/workflows/stale.yml` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml` from 0.29.1 to 0.30.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-container/releases)
- [Commits](hoverkraft-tech/ci-github-container@6b0d5ca...0d92511)

Updates `hoverkraft-tech/ci-github-common` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-common` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

Updates `hoverkraft-tech/ci-github-common` from 0.30.2 to 0.31.0
- [Release notes](https://github.com/hoverkraft-tech/ci-github-common/releases)
- [Commits](hoverkraft-tech/ci-github-common@5e8d0e6...a55670b)

---
updated-dependencies:
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/greetings.yml
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-publish/.github/workflows/release-actions.yml
  dependency-version: 0.16.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/need-fix-to-issue.yml
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/semantic-pull-request.yml
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/linter.yml
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common/.github/workflows/stale.yml
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-container/.github/workflows/docker-build-images.yml
  dependency-version: 0.30.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
- dependency-name: hoverkraft-tech/ci-github-common
  dependency-version: 0.31.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions-dependencies
...

Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Emilien Escalle <emilien.escalle@escemi.com>
@neilime neilime force-pushed the dependabot/github_actions/github-actions-dependencies-0f44b91f20 branch from cf8939d to 827f468 Compare November 30, 2025 20:02
@codecov
Copy link

codecov bot commented Nov 30, 2025

Welcome to Codecov 🎉

Once you merge this PR into your default branch, you're all set! Codecov will compare coverage reports and display results in all future pull requests.

Thanks for integrating Codecov - We've got you covered ☂️

@neilime neilime merged commit 7b366a2 into main Nov 30, 2025
66 checks passed
@neilime neilime deleted the dependabot/github_actions/github-actions-dependencies-0f44b91f20 branch November 30, 2025 21:57
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@neilime