Bump the actions group across 1 directory with 4 updates #4243

dependabot · 2025-09-08T22:17:33Z

Bumps the actions group with 4 updates in the / directory: azure/setup-helm, actions/setup-python, actions/setup-go and actions/stale.

Updates azure/setup-helm from 4.3.0 to 4.3.1

Release notes

Sourced from azure/setup-helm's releases.

v4.3.1

Changed

#167 Pinning Action Dependencies for Security and Reliability

#181 Fix types, and update node version.

#191 chore(tests): Mock arch to make tests pass on arm host

#192 chore: remove unnecessary prebuild script

#203 Update helm version retrieval to use JSON output for latest version

#207 ci(workflows): update helm version to v3.18.4 and add matrix for tests

Added

#197 Add pre-commit hook

Changelog

Sourced from azure/setup-helm's changelog.

Change Log

[4.3.1] - 2025-08-12

Changed

#167 Pinning Action Dependencies for Security and Reliability

#181 Fix types, and update node version.

#191 chore(tests): Mock arch to make tests pass on arm host

#192 chore: remove unnecessary prebuild script

#203 Update helm version retrieval to use JSON output for latest version

#207 ci(workflows): update helm version to v3.18.4 and add matrix for tests

Added

#197 Add pre-commit hook

[4.3.0] - 2025-02-15

#152 feat: log when restoring from cache

#157 Dependencies Update

#137 Add dependabot

[4.2.0] - 2024-04-15

#124 Fix OS detection and download OS-native archive extension

[4.1.0] - 2024-03-01

#130 switches to use Helm published file to read latest version instead of using GitHub releases

[4.0.0] - 2024-02-12

#121 update to node20 as node16 is deprecated

Commits

1a275c3 build
9e7f762 chore(release): v4.3.1 (#208)
c096176 Bump @types/node from 24.1.0 to 24.2.1 in the actions group (#206)
5e72872 ci(workflows): update helm version to v3.18.4 and add matrix for tests (#207)
fb8fa40 Update default helm version to 3.18.3 (#194)
0d09729 chore: remove unnecessary prebuild script (#192)
32bc120 chore(tests): Mock arch to make tests pass on arm host (#191)
51463d6 Bump the actions group with 2 updates (#205)
aff1094 Bump the actions group across 1 directory with 2 updates (#204)
a10a524 Update helm version retrieval to use JSON output for latest version (#203)
Additional commits viewable in compare view

Updates actions/setup-python from 5 to 6

Release notes

Sourced from actions/setup-python's releases.

v6.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/setup-python#1164

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Enhancements:

Add support for pip-version by @priyagupta108 in actions/setup-python#1129

Enhance reading from .python-version by @krystof-k in actions/setup-python#787

Add version parsing from Pipfile by @aradkdj in actions/setup-python#1067

Bug fixes:

Clarify pythonLocation behaviour for PyPy and GraalPy in environment variables by @aparnajyothi-y in actions/setup-python#1183

Change missing cache directory error to warning by @aparnajyothi-y in actions/setup-python#1182

Add Architecture-Specific PATH Management for Python with --user Flag on Windows by @aparnajyothi-y in actions/setup-python#1122

Include python version in PyPy python-version output by @cdce8p in actions/setup-python#1110

Update docs: clarification on pip authentication with setup-python by @priya-kinthali in actions/setup-python#1156

Dependency updates:

Upgrade idna from 2.9 to 3.7 in /tests/data by @dependabot[bot] in actions/setup-python#843

Upgrade form-data to fix critical vulnerabilities #182 & #183 by @aparnajyothi-y in actions/setup-python#1163

Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIndex.download by @aparnajyothi-y in actions/setup-python#1165

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-python#1181

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-python#1095

New Contributors

@krystof-k made their first contribution in actions/setup-python#787

@cdce8p made their first contribution in actions/setup-python#1110

@aradkdj made their first contribution in actions/setup-python#1067

Full Changelog: actions/setup-python@v5...v6.0.0

v5.6.0

What's Changed

Workflow updates related to Ubuntu 20.04 by @aparnajyothi-y in actions/setup-python#1065

Fix for Candidate Not Iterable Error by @aparnajyothi-y in actions/setup-python#1082

Upgrade semver and @types/semver by @dependabot in actions/setup-python#1091

Upgrade prettier from 2.8.8 to 3.5.3 by @dependabot in actions/setup-python#1046

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-python#1081

Full Changelog: actions/setup-python@v5...v5.6.0

v5.5.0

What's Changed

Enhancements:

Support free threaded Python versions like '3.13t' by @colesbury in actions/setup-python#973

Enhance Workflows: Include ubuntu-arm runners, Add e2e Testing for free threaded and Upgrade @action/cache from 4.0.0 to 4.0.3 by @priya-kinthali in actions/setup-python#1056

Add support for .tool-versions file in setup-python by @mahabaleshwars in actions/setup-python#1043

Bug fixes:

Fix architecture for pypy on Linux ARM64 by @mayeut in actions/setup-python#1011 This update maps arm64 to aarch64 for Linux ARM64 PyPy installations.

... (truncated)

Commits

e797f83 Upgrade to node 24 (#1164)
3d1e2d2 Revert "Enhance cache-dependency-path handling to support files outside the w...
65b0712 Clarify pythonLocation behavior for PyPy and GraalPy in environment variables...
5b668cf Bump actions/checkout from 4 to 5 (#1181)
f62a0e2 Change missing cache directory error to warning (#1182)
9322b3c Upgrade setuptools to 78.1.1 to fix path traversal vulnerability in PackageIn...
fbeb884 Bump form-data to fix critical vulnerabilities #182 & #183 (#1163)
03bb615 Bump idna from 2.9 to 3.7 in /tests/data (#843)
36da51d Add version parsing from Pipfile (#1067)
3c6f142 update documentation (#1156)
Additional commits viewable in compare view

Updates actions/setup-go from 5 to 6

Release notes

Sourced from actions/setup-go's releases.

v6.0.0

What's Changed

Breaking Changes

Improve toolchain handling to ensure more reliable and consistent toolchain selection and management by @matthewhughes934 in actions/setup-go#460

Upgrade Nodejs runtime from node20 to node 24 by @salmanmkc in actions/setup-go#624

Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. See Release Notes

Dependency Upgrades

Upgrade @types/jest from 29.5.12 to 29.5.14 by @dependabot[bot] in actions/setup-go#589

Upgrade @actions/tool-cache from 2.0.1 to 2.0.2 by @dependabot[bot] in actions/setup-go#591

Upgrade @typescript-eslint/parser from 8.31.1 to 8.35.1 by @dependabot[bot] in actions/setup-go#590

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/setup-go#594

Upgrade typescript from 5.4.2 to 5.8.3 by @dependabot[bot] in actions/setup-go#538

Upgrade eslint-plugin-jest from 28.11.0 to 29.0.1 by @dependabot[bot] in actions/setup-go#603

Upgrade form-data to bring in fix for critical vulnerability by @matthewhughes934 in actions/setup-go#618

Upgrade actions/checkout from 4 to 5 by @dependabot[bot] in actions/setup-go#631

New Contributors

@matthewhughes934 made their first contribution in actions/setup-go#618

@salmanmkc made their first contribution in actions/setup-go#624

Full Changelog: actions/setup-go@v5...v6.0.0

v5.5.0

What's Changed

Bug fixes:

Update self-hosted environment validation by @priyagupta108 in actions/setup-go#556

Add manifest validation and improve error handling by @priyagupta108 in actions/setup-go#586

Update template link by @jsoref in actions/setup-go#527

Dependency updates:

Upgrade @action/cache from 4.0.2 to 4.0.3 by @aparnajyothi-y in actions/setup-go#574

Upgrade @actions/glob from 0.4.0 to 0.5.0 by @dependabot in actions/setup-go#573

Upgrade ts-jest from 29.1.2 to 29.3.2 by @dependabot in actions/setup-go#582

Upgrade eslint-plugin-jest from 27.9.0 to 28.11.0 by @dependabot in actions/setup-go#537

New Contributors

@jsoref made their first contribution in actions/setup-go#527

Full Changelog: actions/setup-go@v5...v5.5.0

v5.4.0

What's Changed

Dependency updates :

Upgrade semver from 7.6.0 to 7.6.3 by @dependabot in actions/setup-go#535

Upgrade eslint-config-prettier from 8.10.0 to 10.0.1 by @dependabot in actions/setup-go#536

Upgrade @action/cache from 4.0.0 to 4.0.2 by @aparnajyothi-y in actions/setup-go#568

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot in actions/setup-go#541

... (truncated)

Commits

4469467 Bump actions/checkout from 4 to 5 (#631)
e093d1e Node 24 upgrade (#624)
1d76b95 Improve toolchain handling (#460)
e75c3e8 Bump form-data to bring in fix for critical vulnerability (#618)
8e57b58 Bump eslint-plugin-jest from 28.11.0 to 29.0.1 (#603)
7c0b336 Bump typescript from 5.4.2 to 5.8.3 (#538)
6f26dcc Bump undici from 5.28.5 to 5.29.0 (#594)
8d4083a Bump @typescript-eslint/parser from 5.62.0 to 8.32.0 (#590)
fa96338 Bump @actions/tool-cache from 2.0.1 to 2.0.2 (#591)
4de67c0 Bump @types/jest from 29.5.12 to 29.5.14 (#589)
See full diff in compare view

Updates actions/stale from 9 to 10

Release notes

Sourced from actions/stale's releases.

v10.0.0

What's Changed

Breaking Changes

Upgrade to node 24 by @salmanmkc in actions/stale#1279 Make sure your runner is on version v2.327.1 or later to ensure compatibility with this release. Release Notes

Enhancement

Introducing sort-by option by @suyashgaonkar in actions/stale#1254

Dependency Upgrades

Upgrade actions/publish-immutable-action from 0.0.3 to 0.0.4 by @dependabot[bot] in actions/stale#1186

Upgrade undici from 5.28.4 to 5.28.5 by @dependabot[bot] in actions/stale#1201

Upgrade @action/cache from 4.0.0 to 4.0.2 by @aparnajyothi-y in actions/stale#1226

Upgrade @action/cache from 4.0.2 to 4.0.3 by @suyashgaonkar in actions/stale#1233

Upgrade undici from 5.28.5 to 5.29.0 by @dependabot[bot] in actions/stale#1251

Upgrade form-data to bring in fix for critical vulnerability by @gowridurgad in actions/stale#1277

Documentation changes

Changelog update for recent releases by @suyashgaonkar in actions/stale#1224

Permissions update in Readme by @ghadimir in actions/stale#1248

New Contributors

@suyashgaonkar made their first contribution in actions/stale#1224

@GhadimiR made their first contribution in actions/stale#1248

@gowridurgad made their first contribution in actions/stale#1277

@salmanmkc made their first contribution in actions/stale#1279

Full Changelog: actions/stale@v9...v10.0.0

v9.1.0

What's Changed

Documentation update by @Marukome0743 in actions/stale#1116

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/stale#1179

Update undici from 5.28.2 to 5.28.4 by @dependabot in actions/stale#1150

Update actions/checkout from 3 to 4 by @dependabot in actions/stale#1091

Update actions/publish-action from 0.2.2 to 0.3.0 by @dependabot in actions/stale#1147

Update ts-jest from 29.1.1 to 29.2.5 by @dependabot in actions/stale#1175

Update @actions/core from 1.10.1 to 1.11.1 by @dependabot in actions/stale#1191

Update @types/jest from 29.5.11 to 29.5.14 by @dependabot in actions/stale#1193

Update @actions/cache from 3.2.2 to 4.0.0 by @dependabot in actions/stale#1194

New Contributors

@Marukome0743 made their first contribution in actions/stale#1116

@Jcambass made their first contribution in actions/stale#1179

Full Changelog: actions/stale@v9...v9.1.0

Changelog

Sourced from actions/stale's changelog.

Changelog

[9.1.0]

What's Changed

Documentation update by @Marukome0743 in actions/stale#1116

Add workflow file for publishing releases to immutable action package by @Jcambass in actions/stale#1179

Update undici from 5.28.2 to 5.28.4 by @dependabot in actions/stale#1150

Update actions/checkout from 3 to 4 by @dependabot in actions/stale#1091

Update actions/publish-action from 0.2.2 to 0.3.0 by @dependabot in actions/stale#1147

Update ts-jest from 29.1.1 to 29.2.5 by @dependabot in actions/stale#1175

Update @actions/core from 1.10.1 to 1.11.1 by @dependabot in actions/stale#1191

Update @types/jest from 29.5.11 to 29.5.14 by @dependabot in actions/stale#1193

Update @actions/cache from 3.2.2 to 4.0.0 by @dependabot in actions/stale#1194

[9.0.0]

Breaking Changes

Action is now stateful: If the action ends because of operations-per-run then the next run will start from the first unprocessed issue skipping the issues processed during the previous run(s). The state is reset when all the issues are processed. This should be considered for scheduling workflow runs.

Version 9 of this action updated the runtime to Node.js 20. All scripts are now run with Node.js 20 instead of Node.js 16 and are affected by any breaking changes between Node.js 16 and 20.

What Else Changed

Performance optimization that removes unnecessary API calls by @dsame in #1033; fixes #792

Logs displaying current GitHub API rate limit by @dsame in #1032; addresses #1029

For more information, please read the action documentation and its section about statefulness

[4.1.1]

In scope of this release we updated actions/core to 1.10.0 for v4 and fixed issues operation count.

[8.0.0]

⚠️ This version contains breaking changes ⚠️

New option labels-to-remove-when-stale enables users to specify list of comma delimited labels that will be removed when the issue or PR becomes stale by @panticmilos actions/stale#770

Skip deleting the branch in the upstream of a forked repo by @dsame actions/stale#913

abort the build on the error by @dsame in actions/stale#935

[7.0.0]

⚠️ Breaking change ⚠️

Allow daysBeforeStale options to be float by @irega in actions/stale#841

Use cache in check-dist.yml by @jongwooo in actions/stale#876

fix print outputs step in existing workflows by @irega in actions/stale#859

Update issue and PR templates, add/delete workflow files by @IvanZosimov in actions/stale#880

Update how stale handles exempt items by @johnsudol in actions/stale#874

... (truncated)

Commits

3a9db7e Upgrade to node 24 (#1279)
8f717f0 Bumps form-data (#1277)
a92fd57 build(deps): bump undici from 5.28.5 to 5.29.0 (#1251)
128b2c8 Introducing sort-by option (#1254)
f78de97 Update README.md (#1248)
816d9db Upgrade @action/cache from 4.0.2 to 4.0.3 (#1233)
ba23c1c upgrade actions/cache from 4.0.0 to 4.0.2 (#1226)
a65e88a build(deps): bump undici from 5.28.4 to 5.28.5 (#1201)
d4df79c Updates to CHANGELOG.MD for recent releases (#1224)
ee7ef89 build(deps): bump actions/publish-immutable-action from 0.0.3 to 0.0.4 (#1186)
See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR
@dependabot recreate will recreate this PR, overwriting any edits that have been made to it
@dependabot merge will merge this PR after your CI passes on it
@dependabot squash and merge will squash and merge this PR after your CI passes on it
@dependabot cancel merge will cancel a previously requested merge and block automerging
@dependabot reopen will reopen this PR if it is closed
@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
@dependabot ignore <dependency name> major version will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)
@dependabot ignore <dependency name> minor version will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)
@dependabot ignore <dependency name> will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)
@dependabot unignore <dependency name> will remove all of the ignore conditions of the specified dependency
@dependabot unignore <dependency name> <ignore condition> will remove the ignore condition of the specified dependency and ignore conditions

Bumps the actions group with 4 updates in the / directory: [azure/setup-helm](https://github.com/azure/setup-helm), [actions/setup-python](https://github.com/actions/setup-python), [actions/setup-go](https://github.com/actions/setup-go) and [actions/stale](https://github.com/actions/stale). Updates `azure/setup-helm` from 4.3.0 to 4.3.1 - [Release notes](https://github.com/azure/setup-helm/releases) - [Changelog](https://github.com/Azure/setup-helm/blob/main/CHANGELOG.md) - [Commits](Azure/setup-helm@b9e5190...1a275c3) Updates `actions/setup-python` from 5 to 6 - [Release notes](https://github.com/actions/setup-python/releases) - [Commits](actions/setup-python@v5...v6) Updates `actions/setup-go` from 5 to 6 - [Release notes](https://github.com/actions/setup-go/releases) - [Commits](actions/setup-go@v5...v6) Updates `actions/stale` from 9 to 10 - [Release notes](https://github.com/actions/stale/releases) - [Changelog](https://github.com/actions/stale/blob/main/CHANGELOG.md) - [Commits](actions/stale@v9...v10) --- updated-dependencies: - dependency-name: azure/setup-helm dependency-version: 4.3.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: actions - dependency-name: actions/setup-python dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/setup-go dependency-version: '6' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions - dependency-name: actions/stale dependency-version: '10' dependency-type: direct:production update-type: version-update:semver-major dependency-group: actions ... Signed-off-by: dependabot[bot] <[email protected]>

dependabot · 2025-09-15T22:28:16Z

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot · 2025-09-15T22:50:16Z

Dependabot tried to update this pull request, but something went wrong. We're looking into it, but in the meantime you can retry the update by commenting @dependabot rebase.

dependabot bot added dependencies github_actions Pull requests that update GitHub Actions code labels Sep 8, 2025

dependabot bot requested review from mumoshu, toast-gear, nikola-jokic, rentziass and a team as code owners September 8, 2025 22:17

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Bump the actions group across 1 directory with 4 updates #4243

Bump the actions group across 1 directory with 4 updates #4243

Uh oh!

dependabot bot commented on behalf of github Sep 8, 2025 •

edited

Loading

Uh oh!

dependabot bot commented on behalf of github Sep 15, 2025

Uh oh!

dependabot bot commented on behalf of github Sep 15, 2025

Uh oh!

Uh oh!

Bump the actions group across 1 directory with 4 updates #4243

Are you sure you want to change the base?

Bump the actions group across 1 directory with 4 updates #4243

Uh oh!

Conversation

dependabot bot commented on behalf of github Sep 8, 2025 • edited Loading Uh oh! There was an error while loading. Please reload this page.

Uh oh!

v4.3.1

Changed

Added

Change Log

[4.3.1] - 2025-08-12

Changed

Added

[4.3.0] - 2025-02-15

[4.2.0] - 2024-04-15

[4.1.0] - 2024-03-01

[4.0.0] - 2024-02-12

v6.0.0

What's Changed

Breaking Changes

Enhancements:

Bug fixes:

Dependency updates:

New Contributors

v5.6.0

What's Changed

v5.5.0

What's Changed

Enhancements:

Bug fixes:

v6.0.0

What's Changed

Breaking Changes

Dependency Upgrades

New Contributors

v5.5.0

What's Changed

Bug fixes:

Dependency updates:

New Contributors

v5.4.0

What's Changed

Dependency updates :

v10.0.0

What's Changed

Breaking Changes

Enhancement

Dependency Upgrades

Documentation changes

New Contributors

v9.1.0

What's Changed

New Contributors

Changelog

[9.1.0]

What's Changed

[9.0.0]

Breaking Changes

What Else Changed

[4.1.1]

[8.0.0]

[7.0.0]

Uh oh!

dependabot bot commented on behalf of github Sep 15, 2025

Uh oh!

dependabot bot commented on behalf of github Sep 15, 2025

Uh oh!

Uh oh!

dependabot bot commented on behalf of github Sep 8, 2025 •

edited

Loading