Skip to content

Bump the ci group with 6 updates#59

Closed
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/ci-b8c1d84f1c
Closed

Bump the ci group with 6 updates#59
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/github_actions/ci-b8c1d84f1c

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 22, 2026
edited
Loading

Bumps the ci group with 6 updates:

Package From To
step-security/harden-runner 2.19.3 2.19.4
goreleaser/goreleaser-action 7.2.1 7.2.2
docker/github-builder/.github/workflows/build.yml 1.8.0 1.9.0
docker/build-push-action 7.1.0 7.2.0
docker/scout-action 1.20.4 1.21.0
golangci/golangci-lint-action 9.2.0 9.2.1

Updates step-security/harden-runner from 2.19.3 to 2.19.4

Release notes

Sourced from step-security/harden-runner's releases.

v2.19.4

What's Changed

  • Improvements for HTTPS Monitoring for the Enterprise tier of Harden Runner

Full Changelog: step-security/harden-runner@v2.19.3...v2.19.4

Commits

Updates goreleaser/goreleaser-action from 7.2.1 to 7.2.2

Release notes

Sourced from goreleaser/goreleaser-action's releases.

v7.2.2

What's Changed

New Contributors

Full Changelog: goreleaser/goreleaser-action@v7...v7.2.2

Commits

Updates docker/github-builder/.github/workflows/build.yml from 1.8.0 to 1.9.0

Release notes

Sourced from docker/github-builder/.github/workflows/build.yml's releases.

v1.9.0

Full Changelog: docker/github-builder@v1.8.0...v1.9.0

Commits
  • 0738332 Merge pull request #204 from docker/fetch-by-commit
  • c838490 build/bake: enable fetch-by-commit for git contexts
  • 2c56d8e Merge pull request #205 from docker/deps/buildx-version
  • 41d992a chore(deps): update Buildx version to v0.34.1
  • 589aff6 Merge pull request #202 from docker/dependabot/github_actions/actions/create-...
  • 5c4c027 build(deps): Bump actions/create-github-app-token from 3.1.1 to 3.2.0
  • ff1758d Merge pull request #201 from docker/deps/buildkit-image
  • 4b7134d chore(deps): update BuildKit image to v0.30.0
  • d08d424 Merge pull request #200 from docker/deps/buildx-version
  • b002d00 chore(deps): update Buildx version to v0.34.0
  • Additional commits viewable in compare view

Updates docker/build-push-action from 7.1.0 to 7.2.0

Release notes

Sourced from docker/build-push-action's releases.

v7.2.0

Full Changelog: docker/build-push-action@v7.1.0...v7.2.0

Commits
  • f9f3042 Merge pull request #1517 from docker/dependabot/npm_and_yarn/docker/actions-t...
  • 812d5fd chore: update generated content
  • b6f6693 chore(deps): Bump @​docker/actions-toolkit from 0.87.0 to 0.90.0
  • c1c626e Merge pull request #1525 from docker/dependabot/npm_and_yarn/actions/core-3.0.1
  • 51bb284 chore: update generated content
  • 5f7884d chore(deps): Bump @​actions/core from 3.0.0 to 3.0.1
  • e01deff Merge pull request #1521 from docker/dependabot/npm_and_yarn/fast-xml-parser-...
  • 3804d49 chore: update generated content
  • 71e8947 chore(deps): Bump fast-xml-parser from 5.5.7 to 5.8.0
  • 4925ad2 Merge pull request #1526 from docker/dependabot/npm_and_yarn/postcss-8.5.10
  • Additional commits viewable in compare view

Updates docker/scout-action from 1.20.4 to 1.21.0

Release notes

Sourced from docker/scout-action's releases.

v1.21.0

What's Changed

  • Fix local DHI-derived image handling, including inherited VEX and quickview base-image display
  • Improve SBOM package qualifier handling, including DHI distro qualifiers
  • Update dependencies and Go toolchain
Commits

Updates golangci/golangci-lint-action from 9.2.0 to 9.2.1

Release notes

Sourced from golangci/golangci-lint-action's releases.

v9.2.1

What's Changed

IMPORTANT: this is the first immutable release.

Changes

Dependencies

Full Changelog: golangci/golangci-lint-action@v9.2.0...v9.2.1

Commits
  • 82606bf chore: prepare release v9.2.1
  • 97c8387 chore: improve workflows (#1394)
  • 28d0a19 build(deps): bump the dependencies group across 1 directory with 2 updates
  • 633fbc7 build(deps): bump github/codeql-action from 4.35.3 to 4.35.4 (#1391)
  • 59f43e2 build(deps): bump github/codeql-action from 4.35.2 to 4.35.3 (#1389)
  • 9eb174e build(deps): bump fast-xml-builder from 1.1.5 to 1.2.0 (#1386)
  • 4f52504 build(deps): bump github/codeql-action from 4 to 4.35.2 (#1384)
  • 6f87dfd docs: update examples
  • c9500d7 chore: improve workflows
  • 03b1faa chore: improve issue templates
  • Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
  • @dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
  • @dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
  • @dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
  • @dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

@dependabot
Bump the ci group with 6 updates
dd11c60 
Bumps the ci group with 6 updates:

| Package | From | To |
| --- | --- | --- |
| [step-security/harden-runner](https://github.com/step-security/harden-runner) | `2.19.3` | `2.19.4` |
| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `7.2.1` | `7.2.2` |
| [docker/github-builder/.github/workflows/build.yml](https://github.com/docker/github-builder) | `1.8.0` | `1.9.0` |
| [docker/build-push-action](https://github.com/docker/build-push-action) | `7.1.0` | `7.2.0` |
| [docker/scout-action](https://github.com/docker/scout-action) | `1.20.4` | `1.21.0` |
| [golangci/golangci-lint-action](https://github.com/golangci/golangci-lint-action) | `9.2.0` | `9.2.1` |


Updates `step-security/harden-runner` from 2.19.3 to 2.19.4
- [Release notes](https://github.com/step-security/harden-runner/releases)
- [Commits](step-security/harden-runner@ab7a940...9af89fc)

Updates `goreleaser/goreleaser-action` from 7.2.1 to 7.2.2
- [Release notes](https://github.com/goreleaser/goreleaser-action/releases)
- [Commits](goreleaser/goreleaser-action@1a80836...5daf1e9)

Updates `docker/github-builder/.github/workflows/build.yml` from 1.8.0 to 1.9.0
- [Release notes](https://github.com/docker/github-builder/releases)
- [Commits](docker/github-builder@c2782c5...0738332)

Updates `docker/build-push-action` from 7.1.0 to 7.2.0
- [Release notes](https://github.com/docker/build-push-action/releases)
- [Commits](docker/build-push-action@bcafcac...f9f3042)

Updates `docker/scout-action` from 1.20.4 to 1.21.0
- [Release notes](https://github.com/docker/scout-action/releases)
- [Commits](docker/scout-action@bacf462...cd72f26)

Updates `golangci/golangci-lint-action` from 9.2.0 to 9.2.1
- [Release notes](https://github.com/golangci/golangci-lint-action/releases)
- [Commits](golangci/golangci-lint-action@1e7e51e...82606bf)

---
updated-dependencies:
- dependency-name: step-security/harden-runner
  dependency-version: 2.19.4
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: goreleaser/goreleaser-action
  dependency-version: 7.2.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
- dependency-name: docker/github-builder/.github/workflows/build.yml
  dependency-version: 1.9.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: docker/build-push-action
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: docker/scout-action
  dependency-version: 1.21.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: ci
- dependency-name: golangci/golangci-lint-action
  dependency-version: 9.2.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: ci
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code labels May 22, 2026
@github-actions github-actions Bot enabled auto-merge (squash) May 22, 2026 10:05
@dependabot @github
Copy link
Copy Markdown
Contributor Author

dependabot Bot commented on behalf of github May 29, 2026

Looks like these dependencies are updatable in another way, so this is no longer needed.

@dependabot dependabot Bot closed this May 29, 2026
auto-merge was automatically disabled May 29, 2026 10:44

Pull request was closed

@dependabot dependabot Bot deleted the dependabot/github_actions/ci-b8c1d84f1c branch May 29, 2026 10:44
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@github-actions github-actions[bot] github-actions[bot] approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file github_actions Pull requests that update GitHub Actions code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

0 participants