{"id":575,"name":"DavidAnson/markdownlint-cli2-action","ecosystem":"actions","repository_url":"https://github.com/DavidAnson/markdownlint-cli2-action","issues_count":1197,"created_at":"2025-06-06T15:01:35.485Z","updated_at":"2025-06-06T15:01:35.485Z","purl":"pkg:githubactions/DavidAnson/markdownlint-cli2-action","metadata":{"id":5800276,"name":"DavidAnson/markdownlint-cli2-action","ecosystem":"actions","description":"A GitHub Action to run the markdownlint-cli2 tool for linting Markdown/CommonMark files with the markdownlint library","homepage":"https://github.com/marketplace/actions/markdownlint-cli2-action","licenses":"mit","normalized_licenses":["MIT"],"repository_url":"https://github.com/DavidAnson/markdownlint-cli2-action","keywords_array":[],"namespace":"DavidAnson","versions_count":44,"first_release_published_at":"2021-01-13T23:30:04.000Z","latest_release_published_at":"2025-05-15T04:20:14.000Z","latest_release_number":"v20.0.0","last_synced_at":"2025-06-04T00:40:49.384Z","created_at":"2023-01-04T11:59:53.971Z","updated_at":"2025-06-04T00:40:49.384Z","registry_url":"https://github.com/DavidAnson/markdownlint-cli2-action","install_command":null,"documentation_url":null,"metadata":{"name":"markdownlint-cli2-action","author":"David Anson","description":"A GitHub Action to run the markdownlint-cli2 tool for linting Markdown/CommonMark files with the markdownlint library","branding":{"icon":"check-square","color":"orange"},"inputs":{"config":{"description":"Path of a file to use for the base configuration object (defaults to none)","default":"","required":false},"fix":{"description":"Whether to fix supported issues automatically (any truthy value enables)","default":"","required":false},"globs":{"description":"Glob expression(s) of files to lint (newline-delimited)","default":"*.{md,markdown}","required":false},"separator":{"description":"String to use as a separator for the \"globs\" input (defaults to newline)","default":"\n","required":false}},"runs":{"using":"node20","main":"dist/index.mjs"},"default_branch":"main","path":null},"repo_metadata":{"id":44598552,"uuid":"329203602","full_name":"DavidAnson/markdownlint-cli2-action","owner":"DavidAnson","description":"A GitHub Action to run the markdownlint-cli2 tool for linting Markdown/CommonMark files with the markdownlint library","archived":false,"fork":false,"pushed_at":"2024-10-21T15:41:35.000Z","size":2848,"stargazers_count":92,"open_issues_count":0,"forks_count":11,"subscribers_count":5,"default_branch":"main","last_synced_at":"2024-10-24T15:45:23.692Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://github.com/marketplace/actions/markdownlint-cli2-action","language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/DavidAnson.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":"CONTRIBUTING.md","funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null},"funding":{"github":"DavidAnson"}},"created_at":"2021-01-13T05:28:45.000Z","updated_at":"2024-10-21T15:41:32.000Z","dependencies_parsed_at":"2023-02-16T11:31:19.268Z","dependency_job_id":"5658b0fe-a1c7-4528-8079-cb61e8d94c72","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action","commit_stats":{"total_commits":278,"total_committers":2,"mean_commits":139.0,"dds":"0.42805755395683454","last_synced_commit":"bce62fc0a09de648c7f221ee0896b054912b6b55"},"previous_names":[],"tags_count":41,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DavidAnson","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/refs/heads/main","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":248799954,"owners_count":21163404,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"},"owner_record":{"login":"DavidAnson","name":"David Anson","uuid":"1828270","kind":"user","description":"I work at Microsoft where I've helped build client, server, and web applications. I contribute to open-source software.","email":"","website":"https://dlaa.me","location":null,"twitter":null,"company":"@Microsoft @Azure","icon_url":"https://avatars.githubusercontent.com/u/1828270?u=54078b1c0e8c10542af30d59822ee2b2b23bb3e9\u0026v=4","repositories_count":42,"last_synced_at":"2025-04-11T22:58:09.773Z","metadata":{"has_sponsors_listing":true},"html_url":"https://github.com/DavidAnson","funding_links":["https://github.com/sponsors/DavidAnson"],"total_stars":6176,"followers":518,"following":0,"created_at":"2022-11-02T16:29:19.572Z","updated_at":"2025-04-11T22:58:09.773Z","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DavidAnson","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/DavidAnson/repositories"},"tags":[{"name":"v19","sha":"a23dae216ce3fee4db69da41fed90d2a4af801cf","kind":"commit","published_at":"2024-12-29T01:23:01.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v19","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v19","dependencies_parsed_at":"2024-12-30T05:49:03.336Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v19","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v19/manifests"},{"name":"v19.0.0","sha":"a23dae216ce3fee4db69da41fed90d2a4af801cf","kind":"commit","published_at":"2024-12-29T01:23:01.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v19.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v19.0.0","dependencies_parsed_at":"2024-12-30T05:49:03.044Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v19.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v19.0.0/manifests"},{"name":"v18","sha":"eb5ca3ab411449c66620fe7f1b3c9e10547144b0","kind":"commit","published_at":"2024-11-15T02:45:17.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v18","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v18","dependencies_parsed_at":"2024-11-25T04:22:46.105Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v18","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v18/manifests"},{"name":"v18.0.0","sha":"eb5ca3ab411449c66620fe7f1b3c9e10547144b0","kind":"commit","published_at":"2024-11-15T02:45:17.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v18.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v18.0.0","dependencies_parsed_at":"2024-11-25T04:22:45.762Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v18.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v18.0.0/manifests"},{"name":"v17.0.0","sha":"db43aef879112c3119a410d69f66701e0d530809","kind":"commit","published_at":"2024-09-11T02:59:48.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v17.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v17.0.0","dependencies_parsed_at":"2024-09-11T04:44:06.898Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v17.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v17.0.0/manifests"},{"name":"v17","sha":"db43aef879112c3119a410d69f66701e0d530809","kind":"commit","published_at":"2024-09-11T02:59:48.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v17","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v17","dependencies_parsed_at":"2024-09-12T04:10:39.667Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v17","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v17/manifests"},{"name":"v16","sha":"b4c9feab76d8025d1e83c653fa3990936df0e6c8","kind":"commit","published_at":"2024-04-08T00:08:56.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v16","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v16","dependencies_parsed_at":"2024-04-10T05:41:02.037Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v16","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v16/manifests"},{"name":"v16.0.0","sha":"b4c9feab76d8025d1e83c653fa3990936df0e6c8","kind":"commit","published_at":"2024-04-08T00:08:56.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v16.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v16.0.0","dependencies_parsed_at":"2024-04-10T05:41:00.454Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v16.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v16.0.0/manifests"},{"name":"v15.0.0","sha":"510b996878fc0d1a46c8a04ec86b06dbfba09de7","kind":"commit","published_at":"2024-01-18T05:14:04.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v15.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v15.0.0","dependencies_parsed_at":"2024-01-19T04:23:45.379Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v15.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v15.0.0/manifests"},{"name":"v15","sha":"510b996878fc0d1a46c8a04ec86b06dbfba09de7","kind":"commit","published_at":"2024-01-18T05:14:04.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v15","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v15","dependencies_parsed_at":"2024-01-19T04:23:45.378Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v15","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v15/manifests"},{"name":"v14","sha":"455b6612a7b7a80f28be9e019b70abdd11696e4e","kind":"commit","published_at":"2023-11-26T00:44:26.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v14","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v14","dependencies_parsed_at":"2023-11-27T04:19:09.153Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v14","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v14/manifests"},{"name":"v14.0.0","sha":"455b6612a7b7a80f28be9e019b70abdd11696e4e","kind":"commit","published_at":"2023-11-26T00:44:26.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v14.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v14.0.0","dependencies_parsed_at":"2023-11-27T04:19:09.155Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v14.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v14.0.0/manifests"},{"name":"v13","sha":"ed4dec634fd2ef689c7061d5647371d8248064f1","kind":"commit","published_at":"2023-09-20T03:45:33.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v13","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v13","dependencies_parsed_at":"2023-09-22T05:23:28.008Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v13","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v13/manifests"},{"name":"v13.0.0","sha":"ed4dec634fd2ef689c7061d5647371d8248064f1","kind":"commit","published_at":"2023-09-20T03:45:33.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v13.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v13.0.0","dependencies_parsed_at":"2023-09-22T05:23:27.648Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v13.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v13.0.0/manifests"},{"name":"v12.0.0","sha":"3aaa38e446fbd2c288af4291aa0f55d64651050f","kind":"commit","published_at":"2023-08-30T04:30:26.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v12.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v12.0.0","dependencies_parsed_at":"2023-09-01T04:06:59.787Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v12.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v12.0.0/manifests"},{"name":"v12","sha":"3aaa38e446fbd2c288af4291aa0f55d64651050f","kind":"commit","published_at":"2023-08-30T04:30:26.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v12","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v12","dependencies_parsed_at":"2023-09-01T04:07:00.910Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v12","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v12/manifests"},{"name":"v11","sha":"8f3516061301755c97ff833a8e933f09282cc5b5","kind":"commit","published_at":"2023-06-13T03:59:55.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v11","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v11","dependencies_parsed_at":"2023-06-15T00:10:13.093Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v11","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v11/manifests"},{"name":"v11.0.0","sha":"8f3516061301755c97ff833a8e933f09282cc5b5","kind":"commit","published_at":"2023-06-13T03:59:55.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v11.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v11.0.0","dependencies_parsed_at":"2023-06-15T00:10:13.093Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v11.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v11.0.0/manifests"},{"name":"v10.0.1","sha":"bb4bb94c73936643d73d345b48fead3e96f90a5e","kind":"commit","published_at":"2023-04-30T03:24:48.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v10.0.1","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v10.0.1","dependencies_parsed_at":"2023-06-02T00:22:20.873Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v10.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v10.0.1/manifests"},{"name":"v10","sha":"bb4bb94c73936643d73d345b48fead3e96f90a5e","kind":"commit","published_at":"2023-04-30T03:24:48.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v10","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v10","dependencies_parsed_at":"2023-06-02T00:22:20.609Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v10","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v10/manifests"},{"name":"v10.0.0","sha":"cdfad95cc96588c74b62ad2d3f2e1772090099ac","kind":"commit","published_at":"2023-04-26T03:06:07.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v10.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v10.0.0","dependencies_parsed_at":"2023-06-02T00:22:20.647Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v10.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v10.0.0/manifests"},{"name":"v9.0.0","sha":"5b7c9f74fec47e6b15667b2cc23c63dff11e449e","kind":"commit","published_at":"2023-01-03T00:07:54.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v9.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v9.0.0","dependencies_parsed_at":"2023-06-01T10:16:03.706Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v9.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v9.0.0/manifests"},{"name":"v9","sha":"5b7c9f74fec47e6b15667b2cc23c63dff11e449e","kind":"commit","published_at":"2023-01-03T00:07:54.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v9","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v9","dependencies_parsed_at":"2023-06-01T10:16:09.281Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v9","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v9/manifests"},{"name":"v8","sha":"d57f8bd57670b9c1deedf71219dd494614ff3335","kind":"commit","published_at":"2022-11-30T03:43:33.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v8","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v8","dependencies_parsed_at":"2023-05-31T20:57:11.937Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v8","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v8/manifests"},{"name":"v8.0.0","sha":"d57f8bd57670b9c1deedf71219dd494614ff3335","kind":"commit","published_at":"2022-11-30T03:43:33.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v8.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v8.0.0","dependencies_parsed_at":"2023-05-31T20:57:10.997Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v8.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v8.0.0/manifests"},{"name":"v7","sha":"e3969ef4ed874458f4b66d4631f78fff7717012c","kind":"commit","published_at":"2022-08-14T00:38:04.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v7","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v7","dependencies_parsed_at":"2023-05-31T02:10:00.948Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v7","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v7/manifests"},{"name":"v7.0.0","sha":"e3969ef4ed874458f4b66d4631f78fff7717012c","kind":"commit","published_at":"2022-08-14T00:38:04.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v7.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v7.0.0","dependencies_parsed_at":"2023-05-31T02:10:00.331Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v7.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v7.0.0/manifests"},{"name":"v6","sha":"d199b6e1b89360c71e0c21eac02f7965faf07ba6","kind":"commit","published_at":"2022-07-23T20:41:12.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v6","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v6","dependencies_parsed_at":"2023-05-31T02:10:17.124Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v6","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v6/manifests"},{"name":"v6.0.0","sha":"d199b6e1b89360c71e0c21eac02f7965faf07ba6","kind":"commit","published_at":"2022-07-23T20:41:12.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v6.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v6.0.0","dependencies_parsed_at":"2023-05-31T02:10:01.565Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v6.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v6.0.0/manifests"},{"name":"v5","sha":"744f913a124058ee903768d3adb92a4847e5d132","kind":"commit","published_at":"2022-02-06T01:18:07.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v5","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v5","dependencies_parsed_at":"2023-05-31T02:10:19.089Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v5","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v5/manifests"},{"name":"v5.1.0","sha":"744f913a124058ee903768d3adb92a4847e5d132","kind":"commit","published_at":"2022-02-06T01:18:07.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v5.1.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v5.1.0","dependencies_parsed_at":"2023-05-31T02:10:18.517Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v5.1.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v5.1.0/manifests"},{"name":"v5.0.0","sha":"b3c3b40b95c18bfa5363f6821764398c7149ad04","kind":"commit","published_at":"2022-01-23T00:09:20.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v5.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v5.0.0","dependencies_parsed_at":"2023-05-31T02:10:19.660Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v5.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v5.0.0/manifests"},{"name":"v4","sha":"75ca8bd12ca0eba81ae8ebdb07b6609632c2e025","kind":"commit","published_at":"2021-09-15T05:17:12.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v4","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v4","dependencies_parsed_at":"2023-05-31T02:10:20.768Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v4","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v4/manifests"},{"name":"v4.0.0","sha":"75ca8bd12ca0eba81ae8ebdb07b6609632c2e025","kind":"commit","published_at":"2021-09-15T05:17:12.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v4.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v4.0.0","dependencies_parsed_at":"2023-05-31T02:10:20.248Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v4.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v4.0.0/manifests"},{"name":"v3.0.0","sha":"b0bc151ba329544dfdc613400474ac37f2f5ef0f","kind":"commit","published_at":"2021-07-23T05:06:07.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v3.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v3.0.0","dependencies_parsed_at":"2023-05-31T02:10:21.410Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v3.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v3.0.0/manifests"},{"name":"v3","sha":"b0bc151ba329544dfdc613400474ac37f2f5ef0f","kind":"commit","published_at":"2021-07-23T05:06:07.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v3","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v3","dependencies_parsed_at":"2023-05-31T02:10:22.643Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v3","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v3/manifests"},{"name":"v2.0.0","sha":"df5e41bfe87014dffa695c68b9fb66565e43140a","kind":"commit","published_at":"2021-02-21T03:24:49.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v2.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v2.0.0","dependencies_parsed_at":"2023-05-31T02:10:23.332Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v2.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v2.0.0/manifests"},{"name":"v2","sha":"df5e41bfe87014dffa695c68b9fb66565e43140a","kind":"commit","published_at":"2021-02-21T03:24:49.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v2","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v2","dependencies_parsed_at":"2023-05-31T02:10:23.955Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v2","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v2/manifests"},{"name":"v1.0.1","sha":"ea5cc041bf75e8f2ee60db4a68b86254cec9fcd8","kind":"commit","published_at":"2021-01-16T04:44:36.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v1.0.1","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v1.0.1","dependencies_parsed_at":"2023-05-31T02:10:24.371Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v1.0.1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v1.0.1/manifests"},{"name":"v1","sha":"ea5cc041bf75e8f2ee60db4a68b86254cec9fcd8","kind":"commit","published_at":"2021-01-16T04:44:36.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v1","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v1","dependencies_parsed_at":"2023-05-31T02:10:24.743Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v1","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v1/manifests"},{"name":"v1.0.0","sha":"b228c2ca003a6b6abc7b53ecfc5884744bf171aa","kind":"commit","published_at":"2021-01-13T23:30:04.000Z","download_url":"https://codeload.github.com/DavidAnson/markdownlint-cli2-action/tar.gz/v1.0.0","html_url":"https://github.com/DavidAnson/markdownlint-cli2-action/releases/tag/v1.0.0","dependencies_parsed_at":"2023-05-31T02:10:25.045Z","dependency_job_id":null,"tag_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v1.0.0","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/DavidAnson%2Fmarkdownlint-cli2-action/tags/v1.0.0/manifests"}]},"repo_metadata_updated_at":"2025-04-14T00:14:39.112Z","dependent_packages_count":0,"downloads":null,"downloads_period":null,"dependent_repos_count":972,"rankings":{"downloads":null,"dependent_repos_count":0.8651560766914911,"dependent_packages_count":0.0,"stargazers_count":3.5081603549358262,"forks_count":6.128981144034226,"docker_downloads_count":2.8236412612898114,"average":2.665187767390271},"purl":"pkg:githubactions/DavidAnson/markdownlint-cli2-action","advisories":[],"docker_usage_url":"https://docker.ecosyste.ms/usage/actions/DavidAnson/markdownlint-cli2-action","docker_dependents_count":1,"docker_downloads_count":211,"usage_url":"https://repos.ecosyste.ms/usage/actions/DavidAnson/markdownlint-cli2-action","dependent_repositories_url":"https://repos.ecosyste.ms/api/v1/usage/actions/DavidAnson/markdownlint-cli2-action/dependencies","status":"removed","funding_links":["https://github.com/sponsors/DavidAnson"],"critical":null,"versions_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/DavidAnson%2Fmarkdownlint-cli2-action/versions","version_numbers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/DavidAnson%2Fmarkdownlint-cli2-action/version_numbers","dependent_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/DavidAnson%2Fmarkdownlint-cli2-action/dependent_packages","related_packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages/DavidAnson%2Fmarkdownlint-cli2-action/related_packages","maintainers":[],"registry":{"name":"github actions","url":"https://github.com/marketplace/actions/","ecosystem":"actions","default":true,"packages_count":31615,"maintainers_count":0,"namespaces_count":19962,"keywords_count":6709,"github":"actions","metadata":{"funded_packages_count":2985},"icon_url":"https://github.com/actions.png","created_at":"2023-01-03T17:16:39.185Z","updated_at":"2025-06-06T06:00:12.453Z","packages_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/packages","maintainers_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/maintainers","namespaces_url":"https://packages.ecosyste.ms/api/v1/registries/github%20actions/namespaces"}},"unique_repositories_count":820,"unique_repositories_count_past_30_days":52,"recent_issues":[{"uuid":"4557410748","node_id":"PR_kwDOSmuxdc7hFO9h","number":2,"state":"open","title":"Bump DavidAnson/markdownlint-cli2-action from 16 to 23","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-31T11:33:52.000Z","updated_at":"2026-05-31T11:33:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"16","new_version":"23","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 16 to 23.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/releases\"\u003eDavidAnson/markdownlint-cli2-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003cp\u003eUpdate markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add \u0026quot;config\u0026quot; and \u0026quot;fix\u0026quot; inputs, deprecate \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v16...v23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=16\u0026new-version=23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pol4rfuchs/Thermalguard-hwinfo64/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pol4rfuchs%2FThermalguard-hwinfo64/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4555447739","node_id":"PR_kwDOSsdUbs7g_cEb","number":4,"state":"closed","title":"ci: bump the actions group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":"2026-05-31T01:16:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-30T19:29:21.000Z","updated_at":"2026-05-31T01:17:07.000Z","time_to_close":20857,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci: bump","group_name":"actions","update_count":9,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"jdx/mise-action","old_version":"2","new_version":"4","repository_url":"https://github.com/jdx/mise-action"},{"name":"actions/upload-artifact","old_version":"4","new_version":"7","repository_url":"https://github.com/actions/upload-artifact"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"17","new_version":"23","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"docker/setup-buildx-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/setup-buildx-action"},{"name":"docker/bake-action","old_version":"6","new_version":"7","repository_url":"https://github.com/docker/bake-action"},{"name":"google/osv-scanner-action","old_version":"2.2.4","new_version":"2.3.8","repository_url":"https://github.com/google/osv-scanner-action"},{"name":"github/codeql-action","old_version":"3","new_version":"4","repository_url":"https://github.com/github/codeql-action"},{"name":"ossf/scorecard-action","old_version":"2.4.2","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 9 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [jdx/mise-action](https://github.com/jdx/mise-action) | `2` | `4` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `17` | `23` |\n| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` |\n| [docker/bake-action](https://github.com/docker/bake-action) | `6` | `7` |\n| [google/osv-scanner-action](https://github.com/google/osv-scanner-action) | `2.2.4` | `2.3.8` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.2` | `2.4.3` |\n\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jdx/mise-action` from 2 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jdx/mise-action/releases\"\u003ejdx/mise-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0: Node.js 24 Runtime\u003c/h2\u003e\n\u003cp\u003eA major version bump that updates the action's runtime from Node.js 20 to Node.js 24. GitHub has deprecated Node.js 20 for Actions and will force Node.js 24 as the default starting June 2, 2026. This release proactively adopts the new runtime to eliminate deprecation warnings and ensure continued compatibility.\u003c/p\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe action now runs on the \u003cstrong\u003eNode.js 24\u003c/strong\u003e runtime instead of Node.js 20. If your workflow pins \u003ccode\u003ejdx/mise-action@v3\u003c/code\u003e, you will continue to see deprecation warnings. Update to \u003ccode\u003ejdx/mise-action@v4\u003c/code\u003e to resolve them:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003e- uses: jdx/mise-action@v4\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThis should be a seamless upgrade for the vast majority of users — no configuration changes are needed beyond updating the version reference.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated GitHub Actions runtime from Node.js 20 to Node.js 24 by \u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/394\"\u003e#394\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jdx/mise-action/compare/v3...v4.0.0\"\u003ehttps://github.com/jdx/mise-action/compare/v3...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: pass cwd to all exec calls in exportMiseEnv() by \u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003ejdx/mise-action#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: release v3.6.3 by \u003ca href=\"https://github.com/mise-en-dev\"\u003e\u003ccode\u003e@​mise-en-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/391\"\u003ejdx/mise-action#391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003ejdx/mise-action#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.2...v3.6.3\"\u003ehttps://github.com/jdx/mise-action/compare/v3.6.2...v3.6.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update dependency prettier to v3.8.1 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/368\"\u003ejdx/mise-action#368\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.10.9 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/367\"\u003ejdx/mise-action#367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to 439137e by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/370\"\u003ejdx/mise-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/372\"\u003ejdx/mise-action#372\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update autofix-ci/action digest to 7a166d7 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/375\"\u003ejdx/mise-action#375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/checkout digest to de0fac2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/374\"\u003ejdx/mise-action#374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/377\"\u003ejdx/mise-action#377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to b5ebac6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/378\"\u003ejdx/mise-action#378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.10.13 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/379\"\u003ejdx/mise-action#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to f5c2471 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/380\"\u003ejdx/mise-action#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move file_hash to end of cache key template to prevent prefix matching by \u003ca href=\"https://github.com/altendky\"\u003e\u003ccode\u003e@​altendky\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/384\"\u003ejdx/mise-action#384\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/handlebars\u003c/code\u003e to v4.1.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/381\"\u003ejdx/mise-action#381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/386\"\u003ejdx/mise-action#386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to 4558047 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/387\"\u003ejdx/mise-action#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/389\"\u003ejdx/mise-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: release v3.6.2 by \u003ca href=\"https://github.com/mise-en-dev\"\u003e\u003ccode\u003e@​mise-en-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/385\"\u003ejdx/mise-action#385\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jdx/mise-action/blob/main/CHANGELOG.md\"\u003ejdx/mise-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v4.0.0..v4.0.1\"\u003e4.0.1\u003c/a\u003e - 2026-03-22\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erun npm install in pre-commit hook before build (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/410\"\u003e#410\u003c/a\u003e) by \u003ca href=\"https://github.com/jdx\"\u003e\u003ccode\u003e@​jdx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/410\"\u003e#410\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚜 Refactor\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eextract getCwd() helper to deduplicate working directory resolution (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/403\"\u003e#403\u003c/a\u003e) by \u003ca href=\"https://github.com/altendky\"\u003e\u003ccode\u003e@​altendky\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/403\"\u003e#403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📚 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump versions listed im README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/407\"\u003e#407\u003c/a\u003e) by \u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/407\"\u003e#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump more versions listed in README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/408\"\u003e#408\u003c/a\u003e) by \u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/408\"\u003e#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚙️ Miscellaneous Tasks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd workflow to auto-close stale PRs (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/409\"\u003e#409\u003c/a\u003e) by \u003ca href=\"https://github.com/jdx\"\u003e\u003ccode\u003e@​jdx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/409\"\u003e#409\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/408\"\u003e#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.3..v4.0.0\"\u003e4.0.0\u003c/a\u003e - 2026-03-13\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebreaking\u003c/strong\u003e Update Node.js version from 20 to 24 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/395\"\u003e#395\u003c/a\u003e) by \u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.2..v3.6.3\"\u003e3.6.3\u003c/a\u003e - 2026-03-06\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass cwd to all exec calls in exportMiseEnv() (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/390\"\u003e#390\u003c/a\u003e) by \u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003e#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003e#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.1..v3.6.2\"\u003e3.6.2\u003c/a\u003e - 2026-03-02\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/1648a7812b9aeae629881980618f079932869151\"\u003e\u003ccode\u003e1648a78\u003c/code\u003e\u003c/a\u003e chore: release v4.0.1 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/406\"\u003e#406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/e2d499cca69a193bf3a0996426c5b3ccb94b2c97\"\u003e\u003ccode\u003ee2d499c\u003c/code\u003e\u003c/a\u003e ci: add workflow to auto-close stale PRs (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/409\"\u003e#409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/0cc0f1903615c9dac89b7dea8a31a86bfd9dab51\"\u003e\u003ccode\u003e0cc0f19\u003c/code\u003e\u003c/a\u003e fix: run npm install in pre-commit hook before build (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/410\"\u003e#410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/89c67a39ab4d727fde43e3f8f0f810d8202d34e8\"\u003e\u003ccode\u003e89c67a3\u003c/code\u003e\u003c/a\u003e docs: bump more versions listed in README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/408\"\u003e#408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/0409dde834f41cd7d184340824f5557970508db8\"\u003e\u003ccode\u003e0409dde\u003c/code\u003e\u003c/a\u003e docs: bump versions listed im README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/407\"\u003e#407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/abadabdb1fdc80cf6563f9bd749bf473c860bb5e\"\u003e\u003ccode\u003eabadabd\u003c/code\u003e\u003c/a\u003e refactor: extract getCwd() helper to deduplicate working directory resolution...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/c5b2043e51040594ce6979ffd7d682ebbcada18c\"\u003e\u003ccode\u003ec5b2043\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to 603b797 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/71c0f0ac17abbafcd73c2c637b6f7a5c2c8162c1\"\u003e\u003ccode\u003e71c0f0a\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/400\"\u003e#400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/c1ecc8f748cd28cdeabf76dab3cccde4ce692fe4\"\u003e\u003ccode\u003ec1ecc8f\u003c/code\u003e\u003c/a\u003e chore: release v4.0.0 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/398\"\u003e#398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/1cbe8c560f203f9ab4eaaf8a3064a85ee965298b\"\u003e\u003ccode\u003e1cbe8c5\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to 820e316 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/397\"\u003e#397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jdx/mise-action/compare/v2...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBREAKING CHANGE:\u003c/strong\u003e this update supports Node \u003ccode\u003ev24.x\u003c/code\u003e. This is not a breaking change per-se but we're treating it as such.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/681\"\u003eactions/upload-artifact#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/712\"\u003eactions/upload-artifact#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: spell out the first use of GHES by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/727\"\u003eactions/upload-artifact#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/725\"\u003eactions/upload-artifact#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/artifact\u003c/code\u003e to \u003ccode\u003ev4.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev5.0.0\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/734\"\u003eactions/upload-artifact#734\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 17 to 23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/releases\"\u003eDavidAnson/markdownlint-cli2-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003cp\u003eUpdate markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add \u0026quot;config\u0026quot; and \u0026quot;fix\u0026quot; inputs, deprecate \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v17...v23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-buildx-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-buildx-action/releases\"\u003edocker/setup-buildx-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/483\"\u003edocker/setup-buildx-action#483\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated inputs/outputs by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/464\"\u003edocker/setup-buildx-action#464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/481\"\u003edocker/setup-buildx-action#481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/475\"\u003edocker/setup-buildx-action#475\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.79.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/482\"\u003edocker/setup-buildx-action#482\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/485\"\u003edocker/setup-buildx-action#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/452\"\u003edocker/setup-buildx-action#452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/472\"\u003edocker/setup-buildx-action#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/480\"\u003edocker/setup-buildx-action#480\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003einstall\u003c/code\u003e input by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/455\"\u003edocker/setup-buildx-action#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/434\"\u003edocker/setup-buildx-action#434\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/436\"\u003edocker/setup-buildx-action#436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/432\"\u003edocker/setup-buildx-action#432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/435\"\u003edocker/setup-buildx-action#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ekeep-state\u003c/code\u003e not being respected by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/429\"\u003edocker/setup-buildx-action#429\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKeep BuildKit state support by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/427\"\u003edocker/setup-buildx-action#427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove aliases created when installing by default by \u003ca href=\"https://github.com/hashhar\"\u003e\u003ccode\u003e@​hashhar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/139\"\u003edocker/setup-buildx-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.56.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/422\"\u003edocker/setup-buildx-action#422\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/425\"\u003edocker/setup-buildx-action#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.54.0 to 0.56.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/408\"\u003edocker/setup-buildx-action#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.48.0 to 0.54.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/402\"\u003edocker/setup-buildx-action#402\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/404\"\u003edocker/setup-buildx-action#404\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake cloud prefix optional to download buildx if driver is cloud by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/390\"\u003edocker/setup-buildx-action#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/370\"\u003edocker/setup-buildx-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.39.0 to 0.48.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/389\"\u003edocker/setup-buildx-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/382\"\u003edocker/setup-buildx-action#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5\"\u003e\u003ccode\u003ed7f5e7f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/489\"\u003e#489\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/92bc5c9777806d0a73d9d668ba2114fa1177f164\"\u003e\u003ccode\u003e92bc5c9\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/da11e35abee0f20cb4f1c1b7c461d37c29be52f5\"\u003e\u003ccode\u003eda11e35\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.79.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/f021e162ef95b6fba51af1c6674f537f25bce851\"\u003e\u003ccode\u003ef021e16\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/492\"\u003e#492\u003c/a\u003e from docker/dependabot/npm_and_yarn/undici-6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/b5af94fab700aee0c64d6077e0e34ae987815b67\"\u003e\u003ccode\u003eb5af94f\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/16ad9776a801d0c47f0a05f007b88a3789aa8ab6\"\u003e\u003ccode\u003e16ad977\u003c/code\u003e\u003c/a\u003e build(deps): bump undici from 6.23.0 to 6.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7a12d7df895b33bd02a9b4bf62a12f2b9a24458\"\u003e\u003ccode\u003ed7a12d7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/495\"\u003e#495\u003c/a\u003e from docker/dependabot/npm_and_yarn/glob-10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/28ff27de4eed7518d361591f2cd1dfb69c34a7cb\"\u003e\u003ccode\u003e28ff27d\u003c/code\u003e\u003c/a\u003e build(deps): bump glob from 10.3.12 to 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/daf436b50e13d9053b9730cbc16516891878b019\"\u003e\u003ccode\u003edaf436b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/496\"\u003e#496\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/9725348367859764880f2f2e688a6b0c353e3f35\"\u003e\u003ccode\u003e9725348\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/bake-action` from 6 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/bake-action/releases\"\u003edocker/bake-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/383\"\u003edocker/bake-action#383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eworkdir\u003c/code\u003e input is now merged into \u003ccode\u003esource\u003c/code\u003e; use \u003ccode\u003esource\u003c/code\u003e for local and remote (\u003ca href=\"https://github.com/docker/bake-action?tab=readme-ov-file#source-semantics\"\u003edocs\u003c/a\u003e) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/365\"\u003edocker/bake-action#365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eDOCKER_BUILD_NO_SUMMARY\u003c/code\u003e and \u003ccode\u003eDOCKER_BUILD_EXPORT_RETENTION_DAYS\u003c/code\u003e envs by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/386\"\u003edocker/bake-action#386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove legacy export-build tool support for build summary by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/387\"\u003edocker/bake-action#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003elist-targets\u003c/code\u003e subaction (use \u003ca href=\"https://github.com/docker/bake-action/tree/master/subaction/matrix\"\u003e\u003ccode\u003ematrix\u003c/code\u003e subaction\u003c/a\u003e instead) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/370\"\u003edocker/bake-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/380\"\u003edocker/bake-action#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/382\"\u003edocker/bake-action#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.68.0 to 0.79.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/381\"\u003edocker/bake-action#381\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/384\"\u003edocker/bake-action#384\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/389\"\u003edocker/bake-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/379\"\u003edocker/bake-action#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/376\"\u003edocker/bake-action#376\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.10.0...v7.0.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.10.0...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck provenance attestation set in bake definition before overriding by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/359\"\u003edocker/bake-action#359\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.68.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/360\"\u003edocker/bake-action#360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 3.14.1 to 3.14.2 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/357\"\u003edocker/bake-action#357\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.9.0...v6.10.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.9.0...v6.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/docker/bake-action/blob/master/subaction/matrix\"\u003e\u003ccode\u003ematrix\u003c/code\u003e\u003c/a\u003e subaction and deprecate \u003ccode\u003elist-targets\u003c/code\u003e by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/204\"\u003edocker/bake-action#204\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecall\u003c/code\u003e input to set method for evaluating build by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/338\"\u003edocker/bake-action#338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/342\"\u003edocker/bake-action#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/339\"\u003edocker/bake-action#339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/334\"\u003edocker/bake-action#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tmp from 0.2.3 to 0.2.4 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/341\"\u003edocker/bake-action#341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/340\"\u003edocker/bake-action#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ca href=\"https://github.com/docker/bake-action/tree/v6.9.0/subaction/list-targets\"\u003e\u003ccode\u003edocker/bake-action/subaction/list-targets\u003c/code\u003e\u003c/a\u003e is deprecated and will be removed in a future release.\nPlease use \u003ca href=\"https://github.com/docker/bake-action/blob/master/subaction/matrix\"\u003e\u003ccode\u003edocker/bake-action/subaction/matrix\u003c/code\u003e\u003c/a\u003e instead.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.8.0...v6.9.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.8.0...v6.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.61.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/331\"\u003edocker/bake-action#331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\n\u003ca href=\"https://docs.docker.com/build/ci/github-actions/build-summary/\"\u003eBuild summary\u003c/a\u003e is now supported with \u003ca href=\"https://docs.docker.com/build-cloud/\"\u003eDocker Build Cloud\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.7.0...v6.8.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.7.0...v6.8.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.59.0 to 0.61.0 by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/325\"\u003edocker/bake-action#325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nBuild record is now exported using the \u003ca href=\"https://docs.docker.com/reference/cli/docker/buildx/history/export/\"\u003e\u003ccode\u003ebuildx history export\u003c/code\u003e\u003c/a\u003e command instead of the legacy export-build tool.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/6614cfa25eff9a0b2b2697efb0b6159e7680d584\"\u003e\u003ccode\u003e6614cfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/425\"\u003e#425\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/0a925a2f441ed5b98093a5f22bf394d4f7f90fe1\"\u003e\u003ccode\u003e0a925a2\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/b9ca7428b9db7ce99fd53cbb841e7fe2e4398e14\"\u003e\u003ccode\u003eb9ca742\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.87.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/48e6359a4a84f8878f508f6b40522cec98458a84\"\u003e\u003ccode\u003e48e6359\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/429\"\u003e#429\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/d1523f495ad477e665fb3791b34ebf03cd94a84a\"\u003e\u003ccode\u003ed1523f4\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/a73f293b0b9bee84f5b67dea49ed4df47bcb7ec5\"\u003e\u003ccode\u003ea73f293\u003c/code\u003e\u003c/a\u003e chore(deps): Bump fast-xml-parser from 5.5.9 to 5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/bc584acc2abd0dcd4af6aa2d22c8d8fe0c1a1b3e\"\u003e\u003ccode\u003ebc584ac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/430\"\u003e#430\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/23050a11b3ba889f5d9d8661ab17ae5bd50ce163\"\u003e\u003ccode\u003e23050a1\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/7ae1cf6599093238db3b9873f3591f3c566d9840\"\u003e\u003ccode\u003e7ae1cf6\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/e7934f83947a97c36e6e96d97ec3f299d987c7b8\"\u003e\u003ccode\u003ee7934f8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/432\"\u003e#432\u003c/a\u003e from docker/dependabot/npm_and_yarn/postcss-8.5.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/bake-action/compare/v6...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google/osv-scanner-action` from 2.2.4 to 2.3.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/osv-scanner-action/releases\"\u003egoogle/osv-scanner-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.8.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.3.5...v2.3.8\"\u003ehttps://github.com/google/osv-scanner-action/compare/v2.3.5...v2.3.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.3.5\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.5.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to v2.3.5 by \u003ca href=\"https://github.com/tobyhawker\"\u003e\u003ccode\u003e@​tobyhawker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/124\"\u003egoogle/osv-scanner-action#124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tobyhawker\"\u003e\u003ccode\u003e@​tobyhawker\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/124\"\u003egoogle/osv-scanner-action#124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.3.3...v2.3.5\"\u003ehttps://github.com/google/osv-scanner-action/compare/v2.3.3...v2.3.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.3.3\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.3.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update github/codeql-action action to v4.31.10 by \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/115\"\u003egoogle/osv-scanner-action#115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to v2.3.3 by \u003ca href=\"https://github.com/Ly-Joey\"\u003e\u003ccode\u003e@​Ly-Joey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/118\"\u003egoogle/osv-scanner-action#118\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Ly-Joey\"\u003e\u003ccode\u003e@​Ly-Joey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/118\"\u003egoogle/osv-scanner-action#118\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.3.2...v2.3.3\"\u003ehttps://github.com/google/osv-scanner-action/compare/v2.3.2...v2.3.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.3.2\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.2\u003c/p\u003e\n\u003cp\u003eThis release includes performance improvements for local scanning, reducing memory usage and avoiding unnecessary advisory loading. It also fixes issues with MCP's get_vulnerability_details tool, git queries in \u003ccode\u003eosv-scanner.json\u003c/code\u003e, and ignore entry tracking, along with documentation updates.\u003c/p\u003e\n\u003ch3\u003eFixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2415\"\u003e#2415\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2415\"\u003egoogle/osv-scanner#2415\u003c/a\u003e) Add more PURL-to-ecosystem mappings\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2422\"\u003e#2422\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2422\"\u003egoogle/osv-scanner#2422\u003c/a\u003e) MCP error for get_vulnerability_id because type definition is incorrect.\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2460\"\u003e#2460\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2460\"\u003egoogle/osv-scanner#2460\u003c/a\u003e) Enable osv-scanner.json git queries\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2456\"\u003e#2456\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2456\"\u003egoogle/osv-scanner#2456\u003c/a\u003e) Properly track if an ignore entry has been used\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2450\"\u003e#2450\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2450\"\u003egoogle/osv-scanner#2450\u003c/a\u003e) \u003cstrong\u003ePerformance:\u003c/strong\u003e Avoid loading the entire advisory unless it will actually be used\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2445\"\u003e#2445\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2445\"\u003egoogle/osv-scanner#2445\u003c/a\u003e) \u003cstrong\u003ePerformance:\u003c/strong\u003e Don't read the entire zip into memory\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2433\"\u003e#2433\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2433\"\u003egoogle/osv-scanner#2433\u003c/a\u003e) Allow specifying user agent in v2 osvscanner package\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Misc \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2453\"\u003e#2453\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2453\"\u003egoogle/osv-scanner#2453\u003c/a\u003e) Switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3\u003c/li\u003e\n\u003cli\u003e[Misc \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2447\"\u003e#2447\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2447\"\u003egoogle/osv-scanner#2447\u003c/a\u003e) Include \u003ccode\u003ebun.lock\u003c/code\u003e as a supported lockfile\u003c/li\u003e\n\u003cli\u003e[Misc \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2444\"\u003e#2444\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2444\"\u003egoogle/osv-scanner#2444\u003c/a\u003e) Document GoVersionOverride in configuration.md\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/9a498708959aeaef5ef730655706c5a1df1edbc2\"\u003e\u003ccode\u003e9a49870\u003c/code\u003e\u003c/a\u003e Update unified workflow example to point to v2.3.8 reusable workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/3adb4b14a2b0623876d18d863a498b785fb3752d\"\u003e\u003ccode\u003e3adb4b1\u003c/code\u003e\u003c/a\u003e Update reusable workflows to point to v2.3.8 actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/8dc09193bb540e09b23da07ad7e30bd33bf87018\"\u003e\u003ccode\u003e8dc0919\u003c/code\u003e\u003c/a\u003e \u0026quot;Update actions to use v2.3.8 osv-scanner image\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/43f380b8fc43a816831a9f5ee6fc91170809c7e9\"\u003e\u003ccode\u003e43f380b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/125\"\u003e#125\u003c/a\u003e from google/update-to-v2.3.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/dcf4ddd504dac1027e5829c1d754e4ec009ded5d\"\u003e\u003ccode\u003edcf4ddd\u003c/code\u003e\u003c/a\u003e Update unified workflow example to point to v2.3.6 reusable workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/b9dbb7ef6f6fb8d0e762912b668d2c4c236090a3\"\u003e\u003ccode\u003eb9dbb7e\u003c/code\u003e\u003c/a\u003e Update reusable workflows to point to v2.3.6 actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/fe54858b54b6e367472aa1828429dfcf3c95aba6\"\u003e\u003ccode\u003efe54858\u003c/code\u003e\u003c/a\u003e \u0026quot;Update actions to use v2.3.6 osv-scanner image\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/eb5b619bb565d10623076caba5263750fde3c790\"\u003e\u003ccode\u003eeb5b619\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/100\"\u003e#100\u003c/a\u003e from thomasleplus/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/9517144e5504957104c831530fe605bfdc71f353\"\u003e\u003ccode\u003e9517144\u003c/code\u003e\u003c/a\u003e feat: output results in reusable workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/f17cd09224d6ef8be953fb49371e6bffb2dbf44a\"\u003e\u003ccode\u003ef17cd09\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.2.4...v2.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching...\n\n_Description has been truncated_","html_url":"https://github.com/theagenticguy/agent-images/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/theagenticguy%2Fagent-images/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"},{"uuid":"4484053712","node_id":"PR_kwDOA4w8Zc7dZyA2","number":6155,"state":"open","title":"chore(deps): bump DavidAnson/markdownlint-cli2-action from 22.0.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T07:13:08.000Z","updated_at":"2026-05-20T07:14:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"22.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 22.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/07035fd053f7be764496c0f8d8f9f41f98305101...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=22.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gruntwork-io/terragrunt/pull/6155","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gruntwork-io%2Fterragrunt/issues/6155","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6155/packages"},{"uuid":"4467864471","node_id":"PR_kwDOSZCdHs7cldUP","number":40,"state":"open","title":"ci(deps): bump DavidAnson/markdownlint-cli2-action from 18.0.0 to 23.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T09:21:18.000Z","updated_at":"2026-05-18T09:21:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"18.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 18.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/eb5ca3ab411449c66620fe7f1b3c9e10547144b0...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=18.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/rubennati/ai-project-standard/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubennati%2Fai-project-standard/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"},{"uuid":"4459348025","node_id":"PR_kwDOSewxwc7cLzDW","number":6,"state":"open","title":"chore(deps)(deps): bump the actions group across 1 directory with 8 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T09:01:47.000Z","updated_at":"2026-05-16T23:27:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":8,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"pnpm/action-setup","old_version":"d15e628ca66d93ee5f352c71671a7bc6a97af5c9","new_version":"0e279bb959325dab635dd2c09392533439d90093","repository_url":"https://github.com/pnpm/action-setup"},{"name":"actions/setup-node","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/setup-node"},{"name":"github/codeql-action","old_version":"3","new_version":"4","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/cache","old_version":"4","new_version":"5","repository_url":"https://github.com/actions/cache"},{"name":"actions/upload-artifact","old_version":"4","new_version":"7","repository_url":"https://github.com/actions/upload-artifact"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"fa0cd0f1a052f54da593c83860f2292982f5d142","new_version":"ded1f9488f68a970bc66ea5619e13e9b52e601cd","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"actions/dependency-review-action","old_version":"4","new_version":"5","repository_url":"https://github.com/actions/dependency-review-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [pnpm/action-setup](https://github.com/pnpm/action-setup) | `d15e628ca66d93ee5f352c71671a7bc6a97af5c9` | `0e279bb959325dab635dd2c09392533439d90093` |\n| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` |\n| [actions/cache](https://github.com/actions/cache) | `4` | `5` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `fa0cd0f1a052f54da593c83860f2292982f5d142` | `ded1f9488f68a970bc66ea5619e13e9b52e601cd` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4` | `5` |\n\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pnpm/action-setup` from d15e628ca66d93ee5f352c71671a7bc6a97af5c9 to 0e279bb959325dab635dd2c09392533439d90093\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pnpm/action-setup/compare/d15e628ca66d93ee5f352c71671a7bc6a97af5c9...0e279bb959325dab635dd2c09392533439d90093\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-node` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-node/releases\"\u003eactions/setup-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLimit automatic caching to npm, update workflows and documentation by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1374\"\u003eactions/setup-node#1374\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDependency Upgrades\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1336\"\u003e#1336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 2.8.8 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1334\"\u003e#1334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1362\"\u003e#1362\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v5...v6.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v5...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhance caching in setup-node with automatic package manager detection by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis update, introduces automatic caching when a valid \u003ccode\u003epackageManager\u003c/code\u003e field is present in your \u003ccode\u003epackage.json\u003c/code\u003e. This aims to improve workflow performance and make dependency management more seamless.\nTo disable this automatic caching, set \u003ccode\u003epackage-manager-cache: false\u003c/code\u003e\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003esteps:\r\n- uses: actions/checkout@v5\r\n- uses: actions/setup-node@v5\r\n  with:\r\n    package-manager-cache: false\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade action to use node24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​octokit/request-error\u003c/code\u003e and \u003ccode\u003e@​actions/github\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1227\"\u003eactions/setup-node#1227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade uuid from 9.0.1 to 11.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1273\"\u003eactions/setup-node#1273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.28.5 to 5.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1295\"\u003eactions/setup-node#1295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to bring in fix for critical vulnerability by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1332\"\u003eactions/setup-node#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1345\"\u003eactions/setup-node#1345\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003e\u003ccode\u003e48b55a0\u003c/code\u003e\u003c/a\u003e Update Node.js versions in versions.yml and bump package to v6.4.0 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/ab72c7e7eba0eaa11f8cab0f5679243900c2cac9\"\u003e\u003ccode\u003eab72c7e\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1525\"\u003e#1525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f\"\u003e\u003ccode\u003e53b8394\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1498\"\u003e#1498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc\"\u003e\u003ccode\u003e54045ab\u003c/code\u003e\u003c/a\u003e Scope test lockfiles by package manager and update cache tests (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1495\"\u003e#1495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a\"\u003e\u003ccode\u003ec882bff\u003c/code\u003e\u003c/a\u003e Replace uuid with crypto.randomUUID() (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d\"\u003e\u003ccode\u003e774c1d6\u003c/code\u003e\u003c/a\u003e feat(node-version-file): support parsing \u003ccode\u003edevEngines\u003c/code\u003e field (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1283\"\u003e#1283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e\"\u003e\u003ccode\u003eefcb663\u003c/code\u003e\u003c/a\u003e fix: remove hardcoded bearer (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb\"\u003e\u003ccode\u003ed02c89d\u003c/code\u003e\u003c/a\u003e Fix npm audit issues (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1491\"\u003e#1491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238\"\u003e\u003ccode\u003e6044e13\u003c/code\u003e\u003c/a\u003e Docs: bump actions/checkout from v5 to v6 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657\"\u003e\u003ccode\u003e8e49463\u003c/code\u003e\u003c/a\u003e Fix README typo (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1226\"\u003e#1226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\nTo opt out of this change:\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.1 - 02 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.0 - 26 Jan 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.11 - 23 Jan 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.10 - 12 Jan 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.9. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3393\"\u003e#3393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.9 - 16 Dec 2025\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.31.8 - 11 Dec 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.8. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3354\"\u003e#3354\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.7 - 05 Dec 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.7. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3343\"\u003e#3343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.6 - 01 Dec 2025\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.31.5 - 24 Nov 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.6. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3321\"\u003e#3321\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.4 - 18 Nov 2025\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4041a11865997c316ce6a07449512369a0e809be\"\u003e\u003ccode\u003e4041a11\u003c/code\u003e\u003c/a\u003e Bump the npm-minor group across 1 directory with 3 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2a6fe1608c7d5b1e0cb3d8e19d51c4ff1ca47a0d\"\u003e\u003ccode\u003e2a6fe16\u003c/code\u003e\u003c/a\u003e Bump actions/create-github-app-token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/3d6ea97f262502cf014e0c1a0e525230c8f6ead6\"\u003e\u003ccode\u003e3d6ea97\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3891\"\u003e#3891\u003c/a\u003e from github/navntoft/dep/remove-brace-expansion-over...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7d25a3e59006641f5f41cc0630404bcbce51230b\"\u003e\u003ccode\u003e7d25a3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3892\"\u003e#3892\u003c/a\u003e from github/mbg/analysis-kinds/warn-on-multiple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4dc72761a61590d9ee9c33ec107d040a1069f7af\"\u003e\u003ccode\u003e4dc7276\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into mbg/analysis-kinds/warn-on-mu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c559992c9e1f26532debd2f8e64b7b5d6ebfc0ec\"\u003e\u003ccode\u003ec559992\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3880\"\u003e#3880\u003c/a\u003e from github/henrymercer/overlay-match-codeql-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8d217609b05d7a35904ca7475a82f7bbb1a2b64d\"\u003e\u003ccode\u003e8d21760\u003c/code\u003e\u003c/a\u003e Nit: Tweak JSDoc for \u003ccode\u003egetRawLanguagesNoAutodetect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/github/codeql-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 4 to 5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cstrong\u003e\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eIf you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to use node24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1630\"\u003eactions/cache#1630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1684\"\u003eactions/cache#1684\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4.3.0...v5.0.0\"\u003ehttps://github.com/actions/cache/compare/v4.3.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd note on runner versions by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1642\"\u003eactions/cache#1642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev4.3.0\u003c/code\u003e release by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1655\"\u003eactions/cache#1655\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1642\"\u003eactions/cache#1642\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4...v4.3.0\"\u003ehttps://github.com/actions/cache/compare/v4...v4.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1620\"\u003eactions/cache#1620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@actions/cache\u003c/code\u003e to \u003ccode\u003e4.0.5\u003c/code\u003e and move \u003ccode\u003e@protobuf-ts/plugin\u003c/code\u003e to dev depdencies by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1634\"\u003eactions/cache#1634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare release \u003ccode\u003e4.2.4\u003c/code\u003e by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1636\"\u003eactions/cache#1636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1620\"\u003eactions/cache#1620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4...v4.2.4\"\u003ehttps://github.com/actions/cache/compare/v4...v4.2.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to use \u003ccode\u003e@​actions/cache\u003c/code\u003e 4.0.3 package \u0026amp; prepare for new release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1577\"\u003eactions/cache#1577\u003c/a\u003e (SAS tokens for cache entries are now masked in debug logs)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1577\"\u003eactions/cache#1577\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4.2.2...v4.2.3\"\u003ehttps://github.com/actions/cache/compare/v4.2.2...v4.2.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/v4...v5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBREAKING CHANGE:\u003c/strong\u003e this update supports Node \u003ccode\u003ev24.x\u003c/code\u003e. This is not a breaking change per-se but we're treating it as such.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/681\"\u003eactions/upload-artifact#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/712\"\u003eactions/upload-artifact#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: spell out the first use of GHES by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/727\"\u003eactions/upload-artifact#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/725\"\u003eactions/upload-artifact#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/artifact\u003c/code\u003e to \u003ccode\u003ev4.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev5.0.0\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/734\"\u003eactions/upload-artifact#734\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from fa0cd0f1a052f54da593c83860f2292982f5d142 to ded1f9488f68a970bc66ea5619e13e9b52e601cd\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/fa0cd0f1a052f54da593c83860f2292982f5d142...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4 to 5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4...v5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/EngineeringMoonBear/AgenticOS/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EngineeringMoonBear%2FAgenticOS/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"},{"uuid":"4443117786","node_id":"PR_kwDOQOnaz87bYFC2","number":5404,"state":"open","title":"chore(ci)(deps): bump the github-actions group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["ci-cd","dependencies","major"],"assignees":["mvillmow"],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T04:18:08.000Z","updated_at":"2026-05-14T04:24:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(ci)(deps): bump","group_name":"github-actions","update_count":4,"packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"anthropics/claude-code-action","old_version":"1.0.112","new_version":"1.0.122","repository_url":"https://github.com/anthropics/claude-code-action"},{"name":"github/codeql-action","old_version":"4.35.3","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/dependency-review-action","old_version":"4.9.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 4 updates in the / directory: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action), [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action), [github/codeql-action](https://github.com/github/codeql-action) and [actions/dependency-review-action](https://github.com/actions/dependency-review-action).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.1.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `anthropics/claude-code-action` from 1.0.112 to 1.0.122\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/claude-code-action/releases\"\u003eanthropics/claude-code-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.122\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.122\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.122\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.121\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.121\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.121\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.120\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.120\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.120\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.119\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.119\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.119\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.118\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.118\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.118\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.117\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.117\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.117\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.116\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate HackerOne links in SECURITY.md by \u003ca href=\"https://github.com/OctavianGuzu\"\u003e\u003ccode\u003e@​OctavianGuzu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/anthropics/claude-code-action/pull/1268\"\u003eanthropics/claude-code-action#1268\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.116\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.116\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.115\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.115\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.115\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.114\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.114\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.114\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.113\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.113\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.113\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/86eb26bf0139bdd75acd15ea5f00f45ee0a284c2\"\u003e\u003ccode\u003e86eb26b\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.141 and Agent SDK to 0.2.141\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/f4fb5c6cdccc1ee7af63692f5d08d56efaa64cc8\"\u003e\u003ccode\u003ef4fb5c6\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.140 and Agent SDK to 0.2.140\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/dde2242db6af13460b916652159b6ba19a598f30\"\u003e\u003ccode\u003edde2242\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.139 and Agent SDK to 0.2.139\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/476e359e6203e73dad705c8b322e333fabbd7416\"\u003e\u003ccode\u003e476e359\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.138 and Agent SDK to 0.2.138\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/ad67978e5eb3fc76e3c86855adc19db5673fa818\"\u003e\u003ccode\u003ead67978\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.137 and Agent SDK to 0.2.137\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/034cbdb008291e7eeeac420d315fc3b45fca3781\"\u003e\u003ccode\u003e034cbdb\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.136 and Agent SDK to 0.2.136\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/939ae9c056ecf8a1a01409ddd1c4eadec5f8c77b\"\u003e\u003ccode\u003e939ae9c\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.133 and Agent SDK to 0.2.133\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/e9c374db2307762e2abf6bb188b8be47721993fc\"\u003e\u003ccode\u003ee9c374d\u003c/code\u003e\u003c/a\u003e Update HackerOne links in SECURITY.md (\u003ca href=\"https://redirect.github.com/anthropics/claude-code-action/issues/1268\"\u003e#1268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/9db782c3a17ef2bfc274cd17411bc3e0a5ba1345\"\u003e\u003ccode\u003e9db782c\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.132 and Agent SDK to 0.2.132\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/62238ddb33772a079b0a6d8665a1ff3043583067\"\u003e\u003ccode\u003e62238dd\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.131 and Agent SDK to 0.2.131\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/2cc1ac1331eac7a6a96d716dd204dd2888d0fcd2...86eb26bf0139bdd75acd15ea5f00f45ee0a284c2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.3 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.9.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/HomericIntelligence/ProjectOdyssey/pull/5404","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HomericIntelligence%2FProjectOdyssey/issues/5404","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5404/packages"},{"uuid":"4435346193","node_id":"PR_kwDOScDj_s7a--TU","number":2,"state":"open","title":"chore(deps)(deps): bump the actions group with 16 updates","user":"dependabot[bot]","labels":["ci","security"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-13T06:09:12.000Z","updated_at":"2026-05-13T06:09:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":16,"packages":[{"name":"actions/checkout","old_version":"4.2.2","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.3.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"actions/dependency-review-action","old_version":"4.4.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"actions/labeler","old_version":"5.0.0","new_version":"6.1.0","repository_url":"https://github.com/actions/labeler"},{"name":"reviewdog/action-actionlint","old_version":"1.65.2","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"actions/setup-python","old_version":"5.3.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"20.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"release-drafter/release-drafter","old_version":"6.0.0","new_version":"7.3.0","repository_url":"https://github.com/release-drafter/release-drafter"},{"name":"anchore/sbom-action","old_version":"0.17.6","new_version":"0.24.0","repository_url":"https://github.com/anchore/sbom-action"},{"name":"actions/upload-artifact","old_version":"4.4.3","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/download-artifact","old_version":"4.1.8","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"sigstore/cosign-installer","old_version":"3.7.0","new_version":"4.1.2","repository_url":"https://github.com/sigstore/cosign-installer"},{"name":"actions/attest-build-provenance","old_version":"1.4.3","new_version":"4.1.0","repository_url":"https://github.com/actions/attest-build-provenance"},{"name":"ossf/scorecard-action","old_version":"2.4.0","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"},{"name":"actions/stale","old_version":"9.0.0","new_version":"10.2.0","repository_url":"https://github.com/actions/stale"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 16 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.35.4` |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.3.0` | `3.1.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.4.0` | `5.0.0` |\n| [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.1.0` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.65.2` | `1.72.0` |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.3.0` | `6.2.0` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `20.0.0` | `23.2.0` |\n| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.0.0` | `7.3.0` |\n| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.6` | `0.24.0` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `7.0.1` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.8` | `8.0.1` |\n| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.7.0` | `4.1.2` |\n| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `1.4.3` | `4.1.0` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` |\n| [actions/stale](https://github.com/actions/stale) | `9.0.0` | `10.2.0` |\n\nUpdates `actions/checkout` from 4.2.2 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dependabot/fetch-metadata` from 2.3.0 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd permissions to all workflows by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/687\"\u003edependabot/fetch-metadata#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 16.0.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/690\"\u003edependabot/fetch-metadata#690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/693\"\u003edependabot/fetch-metadata#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.10 to 1.19.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/694\"\u003edependabot/fetch-metadata#694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.7 to 4.12.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/695\"\u003edependabot/fetch-metadata#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDynamically update the tracking tag in action by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/696\"\u003edependabot/fetch-metadata#696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: handle duplicate dependency names in parseMetadataLinks by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove $ anchor from updateFragment regex to handle pip directory suffixes by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/698\"\u003edependabot/fetch-metadata#698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates to README for permissions clarification by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/697\"\u003edependabot/fetch-metadata#697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve update-type null for Python, Composer, and Terraform PRs by \u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 17.4.0 to 17.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/703\"\u003edependabot/fetch-metadata#703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/701\"\u003edependabot/fetch-metadata#701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/702\"\u003edependabot/fetch-metadata#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.12 to 4.12.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/705\"\u003edependabot/fetch-metadata#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev3.1.0 by \u003ca href=\"https://github.com/fetch-metadata-action-automation\"\u003e\u003ccode\u003e@​fetch-metadata-action-automation\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/692\"\u003edependabot/fetch-metadata#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/d7267f607e9d3fb96fc2fbe83e0af444713e90b7...25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.4.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/4081bf99e2866ebe428fc0477b69eb4fcda7220a...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/labeler` from 5.0.0 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/labeler/releases\"\u003eactions/labeler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by \u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove Labeler Action documentation and permission error handling by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePreserve manually added labels during workflow runs and refine label synchronization logic by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/917\"\u003eactions/labeler#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/877\"\u003eactions/labeler#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 10.0.1 to 10.2.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/926\"\u003eactions/labeler#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimatch, \u003ca href=\"https://github.com/typescript-eslint\"\u003e\u003ccode\u003e@​typescript-eslint\u003c/code\u003e\u003c/a\u003e) by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/labeler/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade publish-action from 0.2.2 to 0.4.0 by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/actions/labeler/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/jcambass\"\u003e\u003ccode\u003e@​jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/802\"\u003eactions/labeler#802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Node.js version to 24 in action and dependencies \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/891\"\u003eactions/labeler#891\u003c/a\u003e\nMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade eslint-config-prettier from 9.0.0 to 9.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/711\"\u003eactions/labeler#711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.52.0 to 8.55.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/720\"\u003eactions/labeler#720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/jest\u003c/code\u003e from 29.5.6 to 29.5.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/719\"\u003eactions/labeler#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/js-yaml\u003c/code\u003e from 4.0.8 to 4.0.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/718\"\u003eactions/labeler#718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.9.0 to 6.14.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/717\"\u003eactions/labeler#717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.0.3 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/726\"\u003eactions/labeler#726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.55.0 to 8.56.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/725\"\u003eactions/labeler#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.14.0 to 6.19.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/745\"\u003eactions/labeler#745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/744\"\u003eactions/labeler#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 6.9.0 to 6.20.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/750\"\u003eactions/labeler#750\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.1.1 to 3.2.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/752\"\u003eactions/labeler#752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.26.5 to 5.28.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/757\"\u003eactions/labeler#757\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/f27b608878404679385c85cfa523b85ccb86e213\"\u003e\u003ccode\u003ef27b608\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/c5dadc2a45784a4b6adfcd20fea3465da3a5f904\"\u003e\u003ccode\u003ec5dadc2\u003c/code\u003e\u003c/a\u003e Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/e52e4fb63ed5cd0e07abaad9826b2a893ccb921f\"\u003e\u003ccode\u003ee52e4fb\u003c/code\u003e\u003c/a\u003e Bump minimatch from 10.0.1 to 10.2.3 (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/77a4082b841706ac431479b7e2bb11216ffef250\"\u003e\u003ccode\u003e77a4082\u003c/code\u003e\u003c/a\u003e Fix: Preserve manually added labels during workflow run and refine label sync...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/25abb3cad4f14b7ac27968a495c37798860a5a1a\"\u003e\u003ccode\u003e25abb3c\u003c/code\u003e\u003c/a\u003e Improve Labeler Action Documentation and Error Handling for Permissions (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/395c8cfdb1e1e691cc4bad0dd315820af8eb67fd\"\u003e\u003ccode\u003e395c8cf\u003c/code\u003e\u003c/a\u003e Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/634933edcd8ababfe52f92936142cc22ac488b1b\"\u003e\u003ccode\u003e634933e\u003c/code\u003e\u003c/a\u003e publish-acti...\n\n_Description has been truncated_","html_url":"https://github.com/arananet/hermes-skills/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/arananet%2Fhermes-skills/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4432739519","node_id":"PR_kwDOSVTKwc7a2wVs","number":103,"state":"open","title":"chore(deps): Bump the github-actions group with 8 updates","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":7,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T21:22:27.000Z","updated_at":"2026-05-13T06:03:05.027Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"github-actions","update_count":8,"packages":[{"name":"dependabot/fetch-metadata","old_version":"2","new_version":"3","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"18","new_version":"23","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"actions/upload-artifact","old_version":"4","new_version":"7","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/setup-node","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/setup-node"},{"name":"docker/setup-qemu-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/setup-qemu-action"},{"name":"docker/setup-buildx-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/setup-buildx-action"},{"name":"docker/login-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/login-action"},{"name":"goreleaser/goreleaser-action","old_version":"6","new_version":"7","repository_url":"https://github.com/goreleaser/goreleaser-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 8 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2` | `3` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `18` | `23` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` |\n| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` |\n| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3` | `4` |\n| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` |\n| [docker/login-action](https://github.com/docker/login-action) | `3` | `4` |\n| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `6` | `7` |\n\nUpdates `dependabot/fetch-metadata` from 2 to 3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/667\"\u003edependabot/fetch-metadata#667\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.5 to 4.12.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/668\"\u003edependabot/fetch-metadata#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.2.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/669\"\u003edependabot/fetch-metadata#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/670\"\u003edependabot/fetch-metadata#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/674\"\u003edependabot/fetch-metadata#674\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump actions/publish-immutable-action from 0.0.3 to 0.0.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/628\"\u003edependabot/fetch-metadata#628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the dev-dependencies group with 11 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/629\"\u003edependabot/fetch-metadata#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.0.6 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/635\"\u003edependabot/fetch-metadata#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.1.1 to 2.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/638\"\u003edependabot/fetch-metadata#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/636\"\u003edependabot/fetch-metadata#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/637\"\u003edependabot/fetch-metadata#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/639\"\u003edependabot/fetch-metadata#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.1.4 to 2.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/643\"\u003edependabot/fetch-metadata#643\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v2...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 18 to 23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/releases\"\u003eDavidAnson/markdownlint-cli2-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003cp\u003eUpdate markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add \u0026quot;config\u0026quot; and \u0026quot;fix\u0026quot; inputs, deprecate \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v18...v23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBREAKING CHANGE:\u003c/strong\u003e this update supports Node \u003ccode\u003ev24.x\u003c/code\u003e. This is not a breaking change per-se but we're treating it as such.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/681\"\u003eactions/upload-artifact#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/712\"\u003eactions/upload-artifact#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: spell out the first use of GHES by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/727\"\u003eactions/upload-artifact#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/725\"\u003eactions/upload-artifact#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/artifact\u003c/code\u003e to \u003ccode\u003ev4.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev5.0.0\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/734\"\u003eactions/upload-artifact#734\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-node` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-node/releases\"\u003eactions/setup-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLimit automatic caching to npm, update workflows and documentation by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1374\"\u003eactions/setup-node#1374\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDependency Upgrades\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1336\"\u003e#1336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 2.8.8 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1334\"\u003e#1334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1362\"\u003e#1362\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v5...v6.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v5...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhance caching in setup-node with automatic package manager detection by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis update, introduces automatic caching when a valid \u003ccode\u003epackageManager\u003c/code\u003e field is present in your \u003ccode\u003epackage.json\u003c/code\u003e. This aims to improve workflow performance and make dependency management more seamless.\nTo disable this automatic caching, set \u003ccode\u003epackage-manager-cache: false\u003c/code\u003e\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003esteps:\r\n- uses: actions/checkout@v5\r\n- uses: actions/setup-node@v5\r\n  with:\r\n    package-manager-cache: false\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade action to use node24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​octokit/request-error\u003c/code\u003e and \u003ccode\u003e@​actions/github\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1227\"\u003eactions/setup-node#1227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade uuid from 9.0.1 to 11.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1273\"\u003eactions/setup-node#1273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.28.5 to 5.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1295\"\u003eactions/setup-node#1295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to bring in fix for critical vulnerability by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1332\"\u003eactions/setup-node#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1345\"\u003eactions/setup-node#1345\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003e\u003ccode\u003e48b55a0\u003c/code\u003e\u003c/a\u003e Update Node.js versions in versions.yml and bump package to v6.4.0 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/ab72c7e7eba0eaa11f8cab0f5679243900c2cac9\"\u003e\u003ccode\u003eab72c7e\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1525\"\u003e#1525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f\"\u003e\u003ccode\u003e53b8394\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1498\"\u003e#1498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc\"\u003e\u003ccode\u003e54045ab\u003c/code\u003e\u003c/a\u003e Scope test lockfiles by package manager and update cache tests (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1495\"\u003e#1495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a\"\u003e\u003ccode\u003ec882bff\u003c/code\u003e\u003c/a\u003e Replace uuid with crypto.randomUUID() (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d\"\u003e\u003ccode\u003e774c1d6\u003c/code\u003e\u003c/a\u003e feat(node-version-file): support parsing \u003ccode\u003edevEngines\u003c/code\u003e field (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1283\"\u003e#1283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e\"\u003e\u003ccode\u003eefcb663\u003c/code\u003e\u003c/a\u003e fix: remove hardcoded bearer (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb\"\u003e\u003ccode\u003ed02c89d\u003c/code\u003e\u003c/a\u003e Fix npm audit issues (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1491\"\u003e#1491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238\"\u003e\u003ccode\u003e6044e13\u003c/code\u003e\u003c/a\u003e Docs: bump actions/checkout from v5 to v6 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657\"\u003e\u003ccode\u003e8e49463\u003c/code\u003e\u003c/a\u003e Fix README typo (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1226\"\u003e#1226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-qemu-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-qemu-action/releases\"\u003edocker/setup-qemu-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/245\"\u003edocker/setup-qemu-action#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/241\"\u003edocker/setup-qemu-action#241\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/244\"\u003edocker/setup-qemu-action#244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.67.0 to 0.77.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/243\"\u003edocker/setup-qemu-action#243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/240\"\u003edocker/setup-qemu-action#240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 3.14.1 to 3.14.2 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/231\"\u003edocker/setup-qemu-action#231\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/238\"\u003edocker/setup-qemu-action#238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.7.0...v4.0.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.7.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.56.0 to 0.67.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/217\"\u003edocker/setup-qemu-action#217\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/230\"\u003edocker/setup-qemu-action#230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/220\"\u003edocker/setup-qemu-action#220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/218\"\u003edocker/setup-qemu-action#218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tmp from 0.2.3 to 0.2.4 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/221\"\u003edocker/setup-qemu-action#221\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/219\"\u003edocker/setup-qemu-action#219\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.6.0...v3.7.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.6.0...v3.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisplay binfmt version by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/202\"\u003edocker/setup-qemu-action#202\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.54.0 to 0.56.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/205\"\u003edocker/setup-qemu-action#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.49.0 to 0.54.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/193\"\u003edocker/setup-qemu-action#193\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/197\"\u003edocker/setup-qemu-action#197\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ecache-image\u003c/code\u003e input to enable/disable caching of binfmt image by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/130\"\u003edocker/setup-qemu-action#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/172\"\u003edocker/setup-qemu-action#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.35.0 to 0.49.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/187\"\u003edocker/setup-qemu-action#187\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/182\"\u003edocker/setup-qemu-action#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 6.2.2 to 6.3.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/162\"\u003edocker/setup-qemu-action#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.31.0 to 0.35.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/154\"\u003edocker/setup-qemu-action#154\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/155\"\u003edocker/setup-qemu-action#155\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.1.0...v3.2.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.1.0...v3.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/ce360397dd3f832beb865e1373c09c0e9f86d70a\"\u003e\u003ccode\u003ece36039\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/245\"\u003e#245\u003c/a\u003e from crazy-max/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/63863443c130689b5b352363f362c820cf73b26d\"\u003e\u003ccode\u003e6386344\u003c/code\u003e\u003c/a\u003e node 24 as default runtime\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/1ea3db7bfb6d247e5e3511955d6e476a8d400ef3\"\u003e\u003ccode\u003e1ea3db7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/243\"\u003e#243\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/b56a0022b9d517f4d4f8f8357e107e587548db78\"\u003e\u003ccode\u003eb56a002\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/c43f02d0c908d30161ad4230a59285d9e442956d\"\u003e\u003ccode\u003ec43f02d\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.67.0 to 0.77.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/ce10c58dd1801e20f2e65c72aff588c6fc5f6609\"\u003e\u003ccode\u003ece10c58\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/244\"\u003e#244\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/429fc9dbdab394ec482946ef7f7b60be3a169336\"\u003e\u003ccode\u003e429fc9d\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/060e5f8b59ae7d2a0e4dcf681f8625f0e54e2024\"\u003e\u003ccode\u003e060e5f8\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/44be13e7d9ba38145b648950e52ac18e2a4efd3a\"\u003e\u003ccode\u003e44be13e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/231\"\u003e#231\u003c/a\u003e from docker/dependabot/npm_and_yarn/js-yaml-3.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/1897438ed3baad455b19c89cda913ca4f31dd079\"\u003e\u003ccode\u003e1897438\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-buildx-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-buildx-action/releases\"\u003edocker/setup-buildx-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/483\"\u003edocker/setup-buildx-action#483\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated inputs/outputs by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/464\"\u003edocker/setup-buildx-action#464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/481\"\u003edocker/setup-buildx-action#481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/475\"\u003edocker/setup-buildx-action#475\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.79.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/482\"\u003edocker/setup-buildx-action#482\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/485\"\u003edocker/setup-buildx-action#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/452\"\u003edocker/setup-buildx-action#452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/472\"\u003edocker/setup-buildx-action#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/480\"\u003edocker/setup-buildx-action#480\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003einstall\u003c/code\u003e input by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/455\"\u003edocker/setup-buildx-action#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/434\"\u003edocker/setup-buildx-action#434\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/436\"\u003edocker/setup-buildx-action#436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/432\"\u003edocker/setup-buildx-action#432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/435\"\u003edocker/setup-buildx-action#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ekeep-state\u003c/code\u003e not being respected by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/429\"\u003edocker/setup-buildx-action#429\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKeep BuildKit state support by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/427\"\u003edocker/setup-buildx-action#427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove aliases created when installing by default by \u003ca href=\"https://github.com/hashhar\"\u003e\u003ccode\u003e@​hashhar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/139\"\u003edocker/setup-buildx-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.56.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/422\"\u003edocker/setup-buildx-action#422\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/425\"\u003edocker/setup-buildx-action#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.54.0 to 0.56.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/408\"\u003edocker/setup-buildx-action#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.48.0 to 0.54.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/402\"\u003edocker/setup-buildx-action#402\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/404\"\u003edocker/setup-buildx-action#404\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake cloud prefix optional to download buildx if driver is cloud by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/390\"\u003edocker/setup-buildx-action#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/370\"\u003edocker/setup-buildx-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.39.0 to 0.48.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/389\"\u003edocker/setup-buildx-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/382\"\u003edocker/setup-buildx-action#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd\"\u003e\u003ccode\u003e4d04d5d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/485\"\u003e#485\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/cd74e05d9bae4eeec789f90ba15dc6fb4b60ae5d\"\u003e\u003ccode\u003ecd74e05\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/eee38ec7b3ed034ee896d3e212e5d11c04562b84\"\u003e\u003ccode\u003eeee38ec\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.77.0 to 0.79.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/7a83f65b5a215b3c81b210dafdc20362bd2b4e24\"\u003e\u003ccode\u003e7a83f65\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/484\"\u003e#484\u003c/a\u003e from docker/dependabot/github_actions/docker/setup-qe...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/a5aa96747d67f62520b42af91aeb306e7374b327\"\u003e\u003ccode\u003ea5aa967\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/464\"\u003e#464\u003c/a\u003e from crazy-max/rm-deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/e73d53fa4ed86ff46faaf2b13a228d6e93c51af3\"\u003e\u003ccode\u003ee73d53f\u003c/code\u003e\u003c/a\u003e build(deps): bump docker/setup-qemu-action from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/28a438e9ed9ef7ae2ebd0bf839039005c9501312\"\u003e\u003ccode\u003e28a438e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/483\"\u003e#483\u003c/a\u003e from crazy-max/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/034e9d37dd436b56b0167bea5a11ab731413e8cf\"\u003e\u003ccode\u003e034e9d3\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/b4664d8fd0ba15ff14560ab001737c666076d5be\"\u003e\u003ccode\u003eb4664d8\u003c/code\u003e\u003c/a\u003e remove deprecated inputs/outputs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/a8257dec35f244ad06b4ff6c90fdd2ba97f262ba\"\u003e\u003ccode\u003ea8257de\u003c/code\u003e\u003c/a\u003e node 24 as default runtime\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/login-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/login-action/releases\"\u003edocker/login-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/929\"\u003edocker/login-action#929\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/927\"\u003edocker/login-action#927\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/919\"\u003edocker/login-action#919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e from 3.890.0 to 3.1000.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/909\"\u003edocker/login-action#909\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/920\"\u003edocker/login-action#920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e from 3.890.0 to 3.1000.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/909\"\u003edocker/login-action#909\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/920\"\u003edocker/login-action#920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.77.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/910\"\u003edocker/login-action#910\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/928\"\u003edocker/login-action#928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/921\"\u003edocker/login-action#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/901\"\u003edocker/login-action#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.7.0...v4.0.0\"\u003ehttps://github.com/docker/login-action/compare/v3.7.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003escope\u003c/code\u003e input to set scopes for the authentication token by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/912\"\u003edocker/login-action#912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for AWS European Sovereign Cloud ECR by \u003ca href=\"https://github.com/dphi\"\u003e\u003ccode\u003e@​dphi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/914\"\u003edocker/login-action#914\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnsure passwords are redacted with \u003ccode\u003eregistry-auth\u003c/code\u003e input by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/911\"\u003edocker/login-action#911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/915\"\u003edocker/login-action#915\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.6.0...v3.7.0\"\u003ehttps://github.com/docker/login-action/compare/v3.6.0...v3.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eregistry-auth\u003c/code\u003e input for raw authentication to registries by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/887\"\u003edocker/login-action#887\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e to 3.890.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/882\"\u003edocker/login-action#882\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/890\"\u003edocker/login-action#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.890.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/882\"\u003edocker/login-action#882\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/890\"\u003edocker/login-action#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/883\"\u003edocker/login-action#883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/880\"\u003edocker/login-action#880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/879\"\u003edocker/login-action#879\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tmp from 0.2.3 to 0.2.4 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/881\"\u003edocker/login-action#881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.5.0...v3.6.0\"\u003ehttps://github.com/docker/login-action/compare/v3.5.0...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport dual-stack endpoints for AWS ECR by \u003ca href=\"https://github.com/Spacefish\"\u003e\u003ccode\u003e@​Spacefish\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/874\"\u003edocker/login-action#874\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/876\"\u003edocker/login-action#876\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e to 3.859.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/860\"\u003edocker/login-action#860\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/878\"\u003edocker/login-action#878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.859.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/860\"\u003edocker/login-action#860\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/878\"\u003edocker/login-action#878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.57.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/870\"\u003edocker/login-action#870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/875\"\u003edocker/login-action#875\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.4.0...v3.5.0\"\u003ehttps://github.com/docker/login-action/compare/v3.4.0...v3.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/791\"\u003edocker/login-action#791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e to 3.766.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/789\"\u003edocker/login-action#789\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/856\"\u003edocker/login-action#856\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.758.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/789\"\u003edocker/login-action#789\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/856\"\u003edocker/login-action#856\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.35.0 to 0.57.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/801\"\u003edocker/login-action#801\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/806\"\u003edocker/login-action#806\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/858\"\u003edocker/login-action#858\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/814\"\u003edocker/login-action#814\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump https-proxy-agent from 7.0.5 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/823\"\u003edocker/login-action#823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 6.2.2 to 6.3.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/777\"\u003edocker/login-action#777\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.3.0...v3.4.0\"\u003ehttps://github.com/docker/login-action/compare/v3.3.0...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/4907a6ddec9925e35a0a9e82d7399ccc52663121\"\u003e\u003ccode\u003e4907a6d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/930\"\u003e#930\u003c/a\u003e from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/1e233e691a8881d7f35ca7c2d5dfaaed80b39636\"\u003e\u003ccode\u003e1e233e6\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/6c24ead68057f18c30c808a431f0b85dc25663cb\"\u003e\u003ccode\u003e6c24ead\u003c/code\u003e\u003c/a\u003e build(deps): bump the aws-sdk-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/ee034d70944e3546349cd24295914f139342f1e6\"\u003e\u003ccode\u003eee034d7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/958\"\u003e#958\u003c/a\u003e from docker/dependabot/npm_and_yarn/lodash-4.18.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/1527209db9734bd2352a2dc1a63d79c9aa5358bb\"\u003e\u003ccode\u003e1527209\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/937\"\u003e#937\u003c/a\u003e from docker/dependabot/npm_and_yarn/proxy-agent-depen...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/d39362aba4d72f8d9d93e0962119840690133e1b\"\u003e\u003ccode\u003ed39362a\u003c/code\u003e\u003c/a\u003e build(deps): bump lodash from 4.17.23 to 4.18.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/a6f092b568105cbb6d9deb7e55e0a4c5c1025fce\"\u003e\u003ccode\u003ea6f092b\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/60953f0bed2120ec69659d271fe18d34bc069779\"\u003e\u003ccode\u003e60953f0\u003c/code\u003e\u003c/a\u003e build(deps): bump the proxy-agent-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/62c688590fb4ab6c6e89a217ced0a7b2ddcf1340\"\u003e\u003ccode\u003e62c6885\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/936\"\u003e#936\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/102c0e672992d2e992c89b6f4808d65a353b5a1a\"\u003e\u003ccode\u003e102c0e6\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/login-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `goreleaser/goreleaser-action` from 6 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/goreleaser/goreleaser-action/releases\"\u003egoreleaser/goreleaser-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24, update deps, rm yarn, ESM by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/533\"\u003egoreleaser/goreleaser-action#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: pin github action versions by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/514\"\u003egoreleaser/goreleaser-action#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Upgrade checkout GitHub Action in README.md by \u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/507\"\u003egoreleaser/goreleaser-action#507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/504\"\u003egoreleaser/goreleaser-action#504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/517\"\u003egoreleaser/goreleaser-action#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/523\"\u003egoreleaser/goreleaser-action#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump docker/bake-action from 6.9.0 to 6.10.0 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/526\"\u003egoreleaser/goreleaser-action#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/532\"\u003egoreleaser/goreleaser-action#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/534\"\u003egoreleaser/goreleaser-action#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the npm group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/536\"\u003egoreleaser/goreleaser-action#536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​actions/http-client\u003c/code\u003e from 3.0.2 to 4.0.0 in the npm group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/537\"\u003egoreleaser/goreleaser-action#537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump docker/setup-buildx-action from 3.10.0 to 3.12.0 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/538\"\u003egoreleaser/goreleaser-action#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/539\"\u003egoreleaser/goreleaser-action#539\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v6...v7.0.0\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: set contents read as default workflow permissions by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/494\"\u003egoreleaser/goreleaser-action#494\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: support .config directory for goreleaser config files  by \u003ca href=\"https://github.com/haya14busa\"\u003e\u003ccode\u003e@​haya14busa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/500\"\u003egoreleaser/goreleaser-action#500\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ...\n\n_Description has been truncated_","html_url":"https://github.com/tsouza/cerberus/pull/103","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsouza%2Fcerberus/issues/103","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/103/packages"},{"uuid":"4426249250","node_id":"PR_kwDONiw8xc7ahhaX","number":86,"state":"closed","title":"Bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-12T04:39:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-12T04:39:13.000Z","updated_at":"2026-05-12T04:39:45.000Z","time_to_close":18,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/high-level-design-docs/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2Fhigh-level-design-docs/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"},{"uuid":"4425461501","node_id":"PR_kwDOKPii7c7afAiv","number":531,"state":"open","title":"github-actions (8.3): bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0 in the production-dependencies group","user":"dependabot[bot]","labels":["dependencies"],"assignees":["mimmi20"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T01:23:03.000Z","updated_at":"2026-05-12T01:23:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"github-actions (8.3)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":"the production-dependencies group","ecosystem":"actions"},"body":"Bumps the production-dependencies group with 1 update: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.1.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v23.1.0...v23.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/mimmi20/ci/pull/531","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mimmi20%2Fci/issues/531","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/531/packages"},{"uuid":"4425178172","node_id":"PR_kwDOQ280hM7aeGYp","number":9,"state":"open","title":"ci: bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T00:06:23.000Z","updated_at":"2026-05-12T00:06:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/TheBoscoClub/claude-test-skill/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheBoscoClub%2Fclaude-test-skill/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4425070209","node_id":"PR_kwDONjzrUs7adv3U","number":55,"state":"closed","title":"Bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-11T23:40:46.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-11T23:39:38.000Z","updated_at":"2026-05-11T23:40:47.000Z","time_to_close":68,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/vscode-ext-customize/pull/55","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2Fvscode-ext-customize/issues/55","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/55/packages"},{"uuid":"4424973263","node_id":"PR_kwDOD6suU87adbIp","number":58,"state":"open","title":"chore(deps): bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions","ci"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T23:19:13.000Z","updated_at":"2026-05-11T23:19:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pgodschalk/dotfiles/pull/58","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pgodschalk%2Fdotfiles/issues/58","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/58/packages"},{"uuid":"4423589137","node_id":"PR_kwDOSPVQFs7aY6hM","number":16,"state":"open","title":"chore(deps)(deps): bump the actions group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["ci","dependencies"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T19:14:06.000Z","updated_at":"2026-05-17T04:05:55.603Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":2,"packages":[{"name":"github/codeql-action","old_version":"4.35.2","new_version":"4.35.5","repository_url":"https://github.com/github/codeql-action"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `github/codeql-action` from 4.35.2 to 4.35.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003e\u003ccode\u003e9e0d7b8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3905\"\u003e#3905\u003c/a\u003e from github/update-v4.35.5-d4b485515\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6d7d59927c0c7336c1d1247c7e159e79edbf7684\"\u003e\u003ccode\u003e6d7d599\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/51f7e38c69d3cd7966375fe0ffff19669f22bd14\"\u003e\u003ccode\u003e51f7e38\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d4b485515e8531d7071a39d526213eb5b2e74a11\"\u003e\u003ccode\u003ed4b4855\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e from github/mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/127de8117f134e8809c127d53e940b3ffc1db8e9\"\u003e\u003ccode\u003e127de81\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7fde13f26ad3f7008e8fe6755cb997b54f7a2f3b\"\u003e\u003ccode\u003e7fde13f\u003c/code\u003e\u003c/a\u003e Use src + basename in header to avoid issues on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/dfa61e7305ed28b74dcc2c68bd665b36751ad933\"\u003e\u003ccode\u003edfa61e7\u003c/code\u003e\u003c/a\u003e Improve pattern matching and error handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/52aafec07347933a26e670390c3f894c5c05e64a\"\u003e\u003ccode\u003e52aafec\u003c/code\u003e\u003c/a\u003e Import and call \u003ccode\u003erunWrapper\u003c/code\u003e normally in \u003ccode\u003eanalyze\u003c/code\u003e tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0d08c01f7874da2f932e4d4e4d42b1c43be88111\"\u003e\u003ccode\u003e0d08c01\u003c/code\u003e\u003c/a\u003e Auto-generate shared bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/14085a675cb6d8cddc805b946cc1d51e3232a204\"\u003e\u003ccode\u003e14085a6\u003c/code\u003e\u003c/a\u003e Auto-generate entry points\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.1.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/produtoramaxvision/claude-code-maxvision-orchestration/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/produtoramaxvision%2Fclaude-code-maxvision-orchestration/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"},{"uuid":"4418489291","node_id":"PR_kwDOSaAfVM7aILaD","number":2,"state":"open","title":"chore(deps)(deps): bump the actions group with 16 updates","user":"dependabot[bot]","labels":["ci","security"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T06:15:35.000Z","updated_at":"2026-05-11T06:15:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":16,"packages":[{"name":"actions/checkout","old_version":"4.2.2","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.3.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"actions/dependency-review-action","old_version":"4.4.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"actions/labeler","old_version":"5.0.0","new_version":"6.1.0","repository_url":"https://github.com/actions/labeler"},{"name":"reviewdog/action-actionlint","old_version":"1.65.2","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"actions/setup-python","old_version":"5.3.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"20.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"release-drafter/release-drafter","old_version":"6.0.0","new_version":"7.3.0","repository_url":"https://github.com/release-drafter/release-drafter"},{"name":"anchore/sbom-action","old_version":"0.17.6","new_version":"0.24.0","repository_url":"https://github.com/anchore/sbom-action"},{"name":"actions/upload-artifact","old_version":"4.4.3","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/download-artifact","old_version":"4.1.8","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"sigstore/cosign-installer","old_version":"3.7.0","new_version":"4.1.2","repository_url":"https://github.com/sigstore/cosign-installer"},{"name":"actions/attest-build-provenance","old_version":"1.4.3","new_version":"4.1.0","repository_url":"https://github.com/actions/attest-build-provenance"},{"name":"ossf/scorecard-action","old_version":"2.4.0","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"},{"name":"actions/stale","old_version":"9.0.0","new_version":"10.2.0","repository_url":"https://github.com/actions/stale"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 16 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.35.4` |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.3.0` | `3.1.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.4.0` | `5.0.0` |\n| [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.1.0` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.65.2` | `1.72.0` |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.3.0` | `6.2.0` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `20.0.0` | `23.2.0` |\n| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.0.0` | `7.3.0` |\n| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.6` | `0.24.0` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `7.0.1` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.8` | `8.0.1` |\n| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.7.0` | `4.1.2` |\n| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `1.4.3` | `4.1.0` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` |\n| [actions/stale](https://github.com/actions/stale) | `9.0.0` | `10.2.0` |\n\nUpdates `actions/checkout` from 4.2.2 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dependabot/fetch-metadata` from 2.3.0 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd permissions to all workflows by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/687\"\u003edependabot/fetch-metadata#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 16.0.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/690\"\u003edependabot/fetch-metadata#690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/693\"\u003edependabot/fetch-metadata#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.10 to 1.19.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/694\"\u003edependabot/fetch-metadata#694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.7 to 4.12.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/695\"\u003edependabot/fetch-metadata#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDynamically update the tracking tag in action by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/696\"\u003edependabot/fetch-metadata#696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: handle duplicate dependency names in parseMetadataLinks by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove $ anchor from updateFragment regex to handle pip directory suffixes by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/698\"\u003edependabot/fetch-metadata#698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates to README for permissions clarification by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/697\"\u003edependabot/fetch-metadata#697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve update-type null for Python, Composer, and Terraform PRs by \u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 17.4.0 to 17.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/703\"\u003edependabot/fetch-metadata#703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/701\"\u003edependabot/fetch-metadata#701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/702\"\u003edependabot/fetch-metadata#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.12 to 4.12.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/705\"\u003edependabot/fetch-metadata#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev3.1.0 by \u003ca href=\"https://github.com/fetch-metadata-action-automation\"\u003e\u003ccode\u003e@​fetch-metadata-action-automation\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/692\"\u003edependabot/fetch-metadata#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/d7267f607e9d3fb96fc2fbe83e0af444713e90b7...25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.4.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/4081bf99e2866ebe428fc0477b69eb4fcda7220a...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/labeler` from 5.0.0 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/labeler/releases\"\u003eactions/labeler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by \u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove Labeler Action documentation and permission error handling by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePreserve manually added labels during workflow runs and refine label synchronization logic by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/917\"\u003eactions/labeler#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/877\"\u003eactions/labeler#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 10.0.1 to 10.2.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/926\"\u003eactions/labeler#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimatch, \u003ca href=\"https://github.com/typescript-eslint\"\u003e\u003ccode\u003e@​typescript-eslint\u003c/code\u003e\u003c/a\u003e) by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/labeler/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade publish-action from 0.2.2 to 0.4.0 by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/actions/labeler/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/jcambass\"\u003e\u003ccode\u003e@​jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/802\"\u003eactions/labeler#802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Node.js version to 24 in action and dependencies \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/891\"\u003eactions/labeler#891\u003c/a\u003e\nMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade eslint-config-prettier from 9.0.0 to 9.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/711\"\u003eactions/labeler#711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.52.0 to 8.55.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/720\"\u003eactions/labeler#720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/jest\u003c/code\u003e from 29.5.6 to 29.5.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/719\"\u003eactions/labeler#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/js-yaml\u003c/code\u003e from 4.0.8 to 4.0.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/718\"\u003eactions/labeler#718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.9.0 to 6.14.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/717\"\u003eactions/labeler#717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.0.3 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/726\"\u003eactions/labeler#726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.55.0 to 8.56.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/725\"\u003eactions/labeler#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.14.0 to 6.19.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/745\"\u003eactions/labeler#745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/744\"\u003eactions/labeler#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 6.9.0 to 6.20.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/750\"\u003eactions/labeler#750\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.1.1 to 3.2.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/752\"\u003eactions/labeler#752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.26.5 to 5.28.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/757\"\u003eactions/labeler#757\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/f27b608878404679385c85cfa523b85ccb86e213\"\u003e\u003ccode\u003ef27b608\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/c5dadc2a45784a4b6adfcd20fea3465da3a5f904\"\u003e\u003ccode\u003ec5dadc2\u003c/code\u003e\u003c/a\u003e Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/e52e4fb63ed5cd0e07abaad9826b2a893ccb921f\"\u003e\u003ccode\u003ee52e4fb\u003c/code\u003e\u003c/a\u003e Bump minimatch from 10.0.1 to 10.2.3 (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/77a4082b841706ac431479b7e2bb11216ffef250\"\u003e\u003ccode\u003e77a4082\u003c/code\u003e\u003c/a\u003e Fix: Preserve manually added labels during workflow run and refine label sync...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/25abb3cad4f14b7ac27968a495c37798860a5a1a\"\u003e\u003ccode\u003e25abb3c\u003c/code\u003e\u003c/a\u003e Improve Labeler Action Documentation and Error Handling for Permissions (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/395c8cfdb1e1e691cc4bad0dd315820af8eb67fd\"\u003e\u003ccode\u003e395c8cf\u003c/code\u003e\u003c/a\u003e Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/634933edcd8ababfe52f92936142cc22ac488b1b\"\u003e\u003ccode\u003e634933e\u003c/code\u003e\u003c/a\u003e publish-action upgrade to 0.4.0 from 0.2.2 (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/f1a63e87db0c6baf19c5713083f8d00d789ca184\"\u003e\u003ccode\u003ef1a63e8\u003c/code\u003e\u003c/a\u003e Update Node.js version to 24 in action and dependencies (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/891\"\u003e#891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/b0a1180683c9f17424de4d71c044bea4c7b9bc7c\"\u003e\u003ccode\u003eb0a1180\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​octokit/request-error\u003c/code\u003e from...\n\n_Description has been truncated_","html_url":"https://github.com/arananet/foveal-forge/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/arananet%2Ffoveal-forge/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"},{"uuid":"4418386673","node_id":"PR_kwDOQFVQU87aH2mJ","number":180,"state":"open","title":"chore: bump the actions group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T05:52:55.000Z","updated_at":"2026-05-11T06:47:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"actions","update_count":2,"packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.1.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"crate-ci/typos","old_version":"1.45.2","new_version":"1.46.0","repository_url":"https://github.com/crate-ci/typos"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 2 updates in the / directory: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) and [crate-ci/typos](https://github.com/crate-ci/typos).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.1.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/d1cf9823136435fde87731435bcd66fefea442e7\"\u003e\u003ccode\u003ed1cf982\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.0 to 10.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/4db3dfc2cb719a5a152cb38efef6e2e50db98973\"\u003e\u003ccode\u003e4db3dfc\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.1.0 to 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/70dbff992f5cf6124a6fc5bb4b56aef6f8daa232\"\u003e\u003ccode\u003e70dbff9\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-unicorn from 63.0.0 to 64.0.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `crate-ci/typos` from 1.45.2 to 1.46.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/crate-ci/typos/releases\"\u003ecrate-ci/typos's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.46.0\u003c/h2\u003e\n\u003ch2\u003e[1.46.0] - 2026-04-30\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1531\"\u003eApril 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/crate-ci/typos/blob/master/CHANGELOG.md\"\u003ecrate-ci/typos's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChange Log\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"https://semver.org/\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e[Unreleased] - ReleaseDate\u003c/h2\u003e\n\u003ch2\u003e[1.46.1] - 2026-05-08\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't correct to \u003ccode\u003econfidentials\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.46.0] - 2026-04-30\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1531\"\u003eApril 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.45.2] - 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore ssh ed25519 public keys\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.45.1] - 2026-04-13\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003e(action)\u003c/em\u003e Use a temp dir for caching\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.45.0] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1509\"\u003eMarch 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.44.0] - 2026-02-27\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1488\"\u003eFebruary 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.43.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003e(pypi)\u003c/em\u003e Hopefully fix the sdist build\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/bbaefadf97b0ec5fdc942684b647f1a6ab250274\"\u003e\u003ccode\u003ebbaefad\u003c/code\u003e\u003c/a\u003e chore: Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/c19f54c37f6d3dc392c3424e1fd2b932d6bdac33\"\u003e\u003ccode\u003ec19f54c\u003c/code\u003e\u003c/a\u003e chore: Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/d65608bb75a732976ed0132999033d5ffcbf481b\"\u003e\u003ccode\u003ed65608b\u003c/code\u003e\u003c/a\u003e docs: Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/c6f8f5e852706f7e07d37f6671ef423f8b54cda9\"\u003e\u003ccode\u003ec6f8f5e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1546\"\u003e#1546\u003c/a\u003e from epage/april\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/da5e97ecb29a853e1a1bb7ad4640b2871803cbb9\"\u003e\u003ccode\u003eda5e97e\u003c/code\u003e\u003c/a\u003e feat(dict): April updates\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/crate-ci/typos/compare/7c572958218557a3272c2d6719629443b5cc26fd...bbaefadf97b0ec5fdc942684b647f1a6ab250274\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/vbvictor/acp/pull/180","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vbvictor%2Facp/issues/180","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/180/packages"},{"uuid":"4418132387","node_id":"PR_kwDOQozsCM7aHDYW","number":9,"state":"closed","title":"build(deps): bump the all group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T05:16:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-11T04:46:33.000Z","updated_at":"2026-05-25T05:16:15.000Z","time_to_close":1211380,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"all","update_count":4,"packages":[{"name":"pnpm/action-setup","old_version":"6.0.2","new_version":"6.0.6","repository_url":"https://github.com/pnpm/action-setup"},{"name":"github/codeql-action","old_version":"4.35.2","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/dependency-review-action","old_version":"4.9.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the all group with 4 updates in the / directory: [pnpm/action-setup](https://github.com/pnpm/action-setup), [github/codeql-action](https://github.com/github/codeql-action), [actions/dependency-review-action](https://github.com/actions/dependency-review-action) and [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `pnpm/action-setup` from 6.0.2 to 6.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pnpm/action-setup/releases\"\u003epnpm/action-setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: bin_dest output points to self-updated pnpm, not bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/249\"\u003epnpm/action-setup#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append (not prepend) action node dir to PATH for npm bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/241\"\u003epnpm/action-setup#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use npm co-located with the action node binary by \u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.3\u003c/h2\u003e\n\u003cp\u003eUpdated pnpm to v11.0.0-rc.5\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003e\u003ccode\u003e91ab88e\u003c/code\u003e\u003c/a\u003e fix: bin_dest output points to self-updated pnpm, not bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/e578e19d19d31b011b841ba2aca34731a5f706a5\"\u003e\u003ccode\u003ee578e19\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/8912a9102ac27614460f54aedde9e1e7f9aec20d\"\u003e\u003ccode\u003e8912a91\u003c/code\u003e\u003c/a\u003e fix: append (not prepend) action node dir to PATH for npm bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/241\"\u003e#241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a\"\u003e\u003ccode\u003e26f6d4f\u003c/code\u003e\u003c/a\u003e fix: use npm co-located with the action node binary (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/239\"\u003e#239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/903f9c1a6ebcba6cf41d87230be49611ac97822e\"\u003e\u003ccode\u003e903f9c1\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.0-rc.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/bdf0af2a9d539c0fd91f655344d2934bfd5a2cdd\"\u003e\u003ccode\u003ebdf0af2\u003c/code\u003e\u003c/a\u003e test: add strict version-match jobs to reproduce \u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/225\"\u003e#225\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/227\"\u003e#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pnpm/action-setup/compare/71c92474e7e4f5bca283fb17ef80fba9cdb2b4b1...91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.2 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.9.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/nyuchi/.github/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyuchi%2F.github/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"},{"uuid":"4418085538","node_id":"PR_kwDOOEcEAM7aG558","number":612,"state":"closed","title":"build(deps): bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-11T04:38:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-11T04:33:10.000Z","updated_at":"2026-05-11T04:38:53.000Z","time_to_close":342,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pamburus/termframe/pull/612","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pamburus%2Ftermframe/issues/612","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/612/packages"},{"uuid":"4417461120","node_id":"PR_kwDOSHcGI87aE9dG","number":14,"state":"open","title":"ci(deps): bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.1.0 in the actions group","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T01:27:17.000Z","updated_at":"2026-05-11T01:28:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.1.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":"the actions group","ecosystem":"actions"},"body":"Bumps the actions group with 1 update: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.1.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/d1cf9823136435fde87731435bcd66fefea442e7\"\u003e\u003ccode\u003ed1cf982\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.0 to 10.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/4db3dfc2cb719a5a152cb38efef6e2e50db98973\"\u003e\u003ccode\u003e4db3dfc\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.1.0 to 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/70dbff992f5cf6124a6fc5bb4b56aef6f8daa232\"\u003e\u003ccode\u003e70dbff9\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-unicorn from 63.0.0 to 64.0.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.0.0\u0026new-version=23.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/sgerrand/ex_plain/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sgerrand%2Fex_plain/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"},{"uuid":"4417429599","node_id":"PR_kwDORYnWis7aE3Hj","number":23,"state":"open","title":"chore(ci): bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T01:17:53.000Z","updated_at":"2026-05-11T01:20:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(ci)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Musonius-dev/praxis/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Musonius-dev%2Fpraxis/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}],"issue_packages":[{"old_version":"16","new_version":"23","update_type":null,"path":null,"pr_created_at":"2026-05-31T11:33:52.000Z","version_change":"16 → 23","issue":{"uuid":"4557410748","node_id":"PR_kwDOSmuxdc7hFO9h","number":2,"state":"open","title":"Bump DavidAnson/markdownlint-cli2-action from 16 to 23","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-31T11:33:52.000Z","updated_at":"2026-05-31T11:33:52.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"16","new_version":"23","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 16 to 23.\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/releases\"\u003eDavidAnson/markdownlint-cli2-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003cp\u003eUpdate markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add \u0026quot;config\u0026quot; and \u0026quot;fix\u0026quot; inputs, deprecate \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v16...v23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=16\u0026new-version=23)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pol4rfuchs/Thermalguard-hwinfo64/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pol4rfuchs%2FThermalguard-hwinfo64/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"17","new_version":"23","update_type":null,"path":null,"pr_created_at":"2026-05-30T19:29:21.000Z","version_change":"17 → 23","issue":{"uuid":"4555447739","node_id":"PR_kwDOSsdUbs7g_cEb","number":4,"state":"closed","title":"ci: bump the actions group across 1 directory with 9 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":5,"pull_request":true,"closed_at":"2026-05-31T01:16:58.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-30T19:29:21.000Z","updated_at":"2026-05-31T01:17:07.000Z","time_to_close":20857,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci: bump","group_name":"actions","update_count":9,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"jdx/mise-action","old_version":"2","new_version":"4","repository_url":"https://github.com/jdx/mise-action"},{"name":"actions/upload-artifact","old_version":"4","new_version":"7","repository_url":"https://github.com/actions/upload-artifact"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"17","new_version":"23","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"docker/setup-buildx-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/setup-buildx-action"},{"name":"docker/bake-action","old_version":"6","new_version":"7","repository_url":"https://github.com/docker/bake-action"},{"name":"google/osv-scanner-action","old_version":"2.2.4","new_version":"2.3.8","repository_url":"https://github.com/google/osv-scanner-action"},{"name":"github/codeql-action","old_version":"3","new_version":"4","repository_url":"https://github.com/github/codeql-action"},{"name":"ossf/scorecard-action","old_version":"2.4.2","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 9 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [jdx/mise-action](https://github.com/jdx/mise-action) | `2` | `4` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `17` | `23` |\n| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` |\n| [docker/bake-action](https://github.com/docker/bake-action) | `6` | `7` |\n| [google/osv-scanner-action](https://github.com/google/osv-scanner-action) | `2.2.4` | `2.3.8` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.2` | `2.4.3` |\n\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `jdx/mise-action` from 2 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jdx/mise-action/releases\"\u003ejdx/mise-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0: Node.js 24 Runtime\u003c/h2\u003e\n\u003cp\u003eA major version bump that updates the action's runtime from Node.js 20 to Node.js 24. GitHub has deprecated Node.js 20 for Actions and will force Node.js 24 as the default starting June 2, 2026. This release proactively adopts the new runtime to eliminate deprecation warnings and ensure continued compatibility.\u003c/p\u003e\n\u003ch2\u003eBreaking Changes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eThe action now runs on the \u003cstrong\u003eNode.js 24\u003c/strong\u003e runtime instead of Node.js 20. If your workflow pins \u003ccode\u003ejdx/mise-action@v3\u003c/code\u003e, you will continue to see deprecation warnings. Update to \u003ccode\u003ejdx/mise-action@v4\u003c/code\u003e to resolve them:\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003e- uses: jdx/mise-action@v4\n\u003c/code\u003e\u003c/pre\u003e\n\u003cp\u003eThis should be a seamless upgrade for the vast majority of users — no configuration changes are needed beyond updating the version reference.\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eChanged\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated GitHub Actions runtime from Node.js 20 to Node.js 24 by \u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e (fixes \u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/394\"\u003e#394\u003c/a\u003e)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jdx/mise-action/compare/v3...v4.0.0\"\u003ehttps://github.com/jdx/mise-action/compare/v3...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: pass cwd to all exec calls in exportMiseEnv() by \u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003ejdx/mise-action#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: release v3.6.3 by \u003ca href=\"https://github.com/mise-en-dev\"\u003e\u003ccode\u003e@​mise-en-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/391\"\u003ejdx/mise-action#391\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003ejdx/mise-action#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.2...v3.6.3\"\u003ehttps://github.com/jdx/mise-action/compare/v3.6.2...v3.6.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update dependency prettier to v3.8.1 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/368\"\u003ejdx/mise-action#368\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.10.9 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/367\"\u003ejdx/mise-action#367\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to 439137e by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/370\"\u003ejdx/mise-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/372\"\u003ejdx/mise-action#372\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update autofix-ci/action digest to 7a166d7 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/375\"\u003ejdx/mise-action#375\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update actions/checkout digest to de0fac2 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/374\"\u003ejdx/mise-action#374\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/377\"\u003ejdx/mise-action#377\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to b5ebac6 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/378\"\u003ejdx/mise-action#378\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/node\u003c/code\u003e to v24.10.13 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/379\"\u003ejdx/mise-action#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to f5c2471 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/380\"\u003ejdx/mise-action#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: move file_hash to end of cache key template to prevent prefix matching by \u003ca href=\"https://github.com/altendky\"\u003e\u003ccode\u003e@​altendky\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/384\"\u003ejdx/mise-action#384\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update dependency \u003ccode\u003e@​types/handlebars\u003c/code\u003e to v4.1.0 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/381\"\u003ejdx/mise-action#381\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/386\"\u003ejdx/mise-action#386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): update github/codeql-action digest to 4558047 by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/387\"\u003ejdx/mise-action#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): lock file maintenance by \u003ca href=\"https://github.com/renovate\"\u003e\u003ccode\u003e@​renovate\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/389\"\u003ejdx/mise-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore: release v3.6.2 by \u003ca href=\"https://github.com/mise-en-dev\"\u003e\u003ccode\u003e@​mise-en-dev\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/385\"\u003ejdx/mise-action#385\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/jdx/mise-action/blob/main/CHANGELOG.md\"\u003ejdx/mise-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v4.0.0..v4.0.1\"\u003e4.0.1\u003c/a\u003e - 2026-03-22\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003erun npm install in pre-commit hook before build (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/410\"\u003e#410\u003c/a\u003e) by \u003ca href=\"https://github.com/jdx\"\u003e\u003ccode\u003e@​jdx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/410\"\u003e#410\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e🚜 Refactor\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eextract getCwd() helper to deduplicate working directory resolution (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/403\"\u003e#403\u003c/a\u003e) by \u003ca href=\"https://github.com/altendky\"\u003e\u003ccode\u003e@​altendky\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/403\"\u003e#403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e📚 Documentation\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003ebump versions listed im README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/407\"\u003e#407\u003c/a\u003e) by \u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/407\"\u003e#407\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebump more versions listed in README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/408\"\u003e#408\u003c/a\u003e) by \u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/408\"\u003e#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e⚙️ Miscellaneous Tasks\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eadd workflow to auto-close stale PRs (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/409\"\u003e#409\u003c/a\u003e) by \u003ca href=\"https://github.com/jdx\"\u003e\u003ccode\u003e@​jdx\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/409\"\u003e#409\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/deining\"\u003e\u003ccode\u003e@​deining\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/408\"\u003e#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.3..v4.0.0\"\u003e4.0.0\u003c/a\u003e - 2026-03-13\u003c/h2\u003e\n\u003ch3\u003e🚀 Features\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003ebreaking\u003c/strong\u003e Update Node.js version from 20 to 24 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/395\"\u003e#395\u003c/a\u003e) by \u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tumerorkun\"\u003e\u003ccode\u003e@​tumerorkun\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/395\"\u003e#395\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.2..v3.6.3\"\u003e3.6.3\u003c/a\u003e - 2026-03-06\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003epass cwd to all exec calls in exportMiseEnv() (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/390\"\u003e#390\u003c/a\u003e) by \u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003e#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eNew Contributors\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/andrewthauer\"\u003e\u003ccode\u003e@​andrewthauer\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/jdx/mise-action/pull/390\"\u003e#390\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003chr /\u003e\n\u003ch2\u003e\u003ca href=\"https://github.com/jdx/mise-action/compare/v3.6.1..v3.6.2\"\u003e3.6.2\u003c/a\u003e - 2026-03-02\u003c/h2\u003e\n\u003ch3\u003e🐛 Bug Fixes\u003c/h3\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/1648a7812b9aeae629881980618f079932869151\"\u003e\u003ccode\u003e1648a78\u003c/code\u003e\u003c/a\u003e chore: release v4.0.1 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/406\"\u003e#406\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/e2d499cca69a193bf3a0996426c5b3ccb94b2c97\"\u003e\u003ccode\u003ee2d499c\u003c/code\u003e\u003c/a\u003e ci: add workflow to auto-close stale PRs (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/409\"\u003e#409\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/0cc0f1903615c9dac89b7dea8a31a86bfd9dab51\"\u003e\u003ccode\u003e0cc0f19\u003c/code\u003e\u003c/a\u003e fix: run npm install in pre-commit hook before build (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/410\"\u003e#410\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/89c67a39ab4d727fde43e3f8f0f810d8202d34e8\"\u003e\u003ccode\u003e89c67a3\u003c/code\u003e\u003c/a\u003e docs: bump more versions listed in README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/408\"\u003e#408\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/0409dde834f41cd7d184340824f5557970508db8\"\u003e\u003ccode\u003e0409dde\u003c/code\u003e\u003c/a\u003e docs: bump versions listed im README.md (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/407\"\u003e#407\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/abadabdb1fdc80cf6563f9bd749bf473c860bb5e\"\u003e\u003ccode\u003eabadabd\u003c/code\u003e\u003c/a\u003e refactor: extract getCwd() helper to deduplicate working directory resolution...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/c5b2043e51040594ce6979ffd7d682ebbcada18c\"\u003e\u003ccode\u003ec5b2043\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to 603b797 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/404\"\u003e#404\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/71c0f0ac17abbafcd73c2c637b6f7a5c2c8162c1\"\u003e\u003ccode\u003e71c0f0a\u003c/code\u003e\u003c/a\u003e chore(deps): lock file maintenance (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/400\"\u003e#400\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/c1ecc8f748cd28cdeabf76dab3cccde4ce692fe4\"\u003e\u003ccode\u003ec1ecc8f\u003c/code\u003e\u003c/a\u003e chore: release v4.0.0 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/398\"\u003e#398\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jdx/mise-action/commit/1cbe8c560f203f9ab4eaaf8a3064a85ee965298b\"\u003e\u003ccode\u003e1cbe8c5\u003c/code\u003e\u003c/a\u003e chore(deps): update github/codeql-action digest to 820e316 (\u003ca href=\"https://redirect.github.com/jdx/mise-action/issues/397\"\u003e#397\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/jdx/mise-action/compare/v2...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBREAKING CHANGE:\u003c/strong\u003e this update supports Node \u003ccode\u003ev24.x\u003c/code\u003e. This is not a breaking change per-se but we're treating it as such.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/681\"\u003eactions/upload-artifact#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/712\"\u003eactions/upload-artifact#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: spell out the first use of GHES by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/727\"\u003eactions/upload-artifact#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/725\"\u003eactions/upload-artifact#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/artifact\u003c/code\u003e to \u003ccode\u003ev4.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev5.0.0\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/734\"\u003eactions/upload-artifact#734\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 17 to 23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/releases\"\u003eDavidAnson/markdownlint-cli2-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003cp\u003eUpdate markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add \u0026quot;config\u0026quot; and \u0026quot;fix\u0026quot; inputs, deprecate \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v17...v23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-buildx-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-buildx-action/releases\"\u003edocker/setup-buildx-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/483\"\u003edocker/setup-buildx-action#483\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated inputs/outputs by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/464\"\u003edocker/setup-buildx-action#464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/481\"\u003edocker/setup-buildx-action#481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/475\"\u003edocker/setup-buildx-action#475\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.79.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/482\"\u003edocker/setup-buildx-action#482\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/485\"\u003edocker/setup-buildx-action#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/452\"\u003edocker/setup-buildx-action#452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/472\"\u003edocker/setup-buildx-action#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/480\"\u003edocker/setup-buildx-action#480\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003einstall\u003c/code\u003e input by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/455\"\u003edocker/setup-buildx-action#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/434\"\u003edocker/setup-buildx-action#434\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/436\"\u003edocker/setup-buildx-action#436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/432\"\u003edocker/setup-buildx-action#432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/435\"\u003edocker/setup-buildx-action#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ekeep-state\u003c/code\u003e not being respected by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/429\"\u003edocker/setup-buildx-action#429\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKeep BuildKit state support by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/427\"\u003edocker/setup-buildx-action#427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove aliases created when installing by default by \u003ca href=\"https://github.com/hashhar\"\u003e\u003ccode\u003e@​hashhar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/139\"\u003edocker/setup-buildx-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.56.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/422\"\u003edocker/setup-buildx-action#422\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/425\"\u003edocker/setup-buildx-action#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.54.0 to 0.56.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/408\"\u003edocker/setup-buildx-action#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.48.0 to 0.54.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/402\"\u003edocker/setup-buildx-action#402\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/404\"\u003edocker/setup-buildx-action#404\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake cloud prefix optional to download buildx if driver is cloud by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/390\"\u003edocker/setup-buildx-action#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/370\"\u003edocker/setup-buildx-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.39.0 to 0.48.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/389\"\u003edocker/setup-buildx-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/382\"\u003edocker/setup-buildx-action#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7f5e7f509e45cec5c76c4d5afdd7de93d0b3df5\"\u003e\u003ccode\u003ed7f5e7f\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/489\"\u003e#489\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/92bc5c9777806d0a73d9d668ba2114fa1177f164\"\u003e\u003ccode\u003e92bc5c9\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/da11e35abee0f20cb4f1c1b7c461d37c29be52f5\"\u003e\u003ccode\u003eda11e35\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.79.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/f021e162ef95b6fba51af1c6674f537f25bce851\"\u003e\u003ccode\u003ef021e16\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/492\"\u003e#492\u003c/a\u003e from docker/dependabot/npm_and_yarn/undici-6.24.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/b5af94fab700aee0c64d6077e0e34ae987815b67\"\u003e\u003ccode\u003eb5af94f\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/16ad9776a801d0c47f0a05f007b88a3789aa8ab6\"\u003e\u003ccode\u003e16ad977\u003c/code\u003e\u003c/a\u003e build(deps): bump undici from 6.23.0 to 6.25.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/d7a12d7df895b33bd02a9b4bf62a12f2b9a24458\"\u003e\u003ccode\u003ed7a12d7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/495\"\u003e#495\u003c/a\u003e from docker/dependabot/npm_and_yarn/glob-10.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/28ff27de4eed7518d361591f2cd1dfb69c34a7cb\"\u003e\u003ccode\u003e28ff27d\u003c/code\u003e\u003c/a\u003e build(deps): bump glob from 10.3.12 to 13.0.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/daf436b50e13d9053b9730cbc16516891878b019\"\u003e\u003ccode\u003edaf436b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/496\"\u003e#496\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/9725348367859764880f2f2e688a6b0c353e3f35\"\u003e\u003ccode\u003e9725348\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/bake-action` from 6 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/bake-action/releases\"\u003edocker/bake-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/383\"\u003edocker/bake-action#383\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe \u003ccode\u003eworkdir\u003c/code\u003e input is now merged into \u003ccode\u003esource\u003c/code\u003e; use \u003ccode\u003esource\u003c/code\u003e for local and remote (\u003ca href=\"https://github.com/docker/bake-action?tab=readme-ov-file#source-semantics\"\u003edocs\u003c/a\u003e) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/365\"\u003edocker/bake-action#365\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003eDOCKER_BUILD_NO_SUMMARY\u003c/code\u003e and \u003ccode\u003eDOCKER_BUILD_EXPORT_RETENTION_DAYS\u003c/code\u003e envs by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/386\"\u003edocker/bake-action#386\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove legacy export-build tool support for build summary by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/387\"\u003edocker/bake-action#387\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated \u003ccode\u003elist-targets\u003c/code\u003e subaction (use \u003ca href=\"https://github.com/docker/bake-action/tree/master/subaction/matrix\"\u003e\u003ccode\u003ematrix\u003c/code\u003e subaction\u003c/a\u003e instead) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/370\"\u003edocker/bake-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/380\"\u003edocker/bake-action#380\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/382\"\u003edocker/bake-action#382\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.68.0 to 0.79.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/381\"\u003edocker/bake-action#381\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/384\"\u003edocker/bake-action#384\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/389\"\u003edocker/bake-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/379\"\u003edocker/bake-action#379\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/376\"\u003edocker/bake-action#376\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.10.0...v7.0.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.10.0...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck provenance attestation set in bake definition before overriding by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/359\"\u003edocker/bake-action#359\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.68.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/360\"\u003edocker/bake-action#360\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 3.14.1 to 3.14.2 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/357\"\u003edocker/bake-action#357\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.9.0...v6.10.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.9.0...v6.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ca href=\"https://github.com/docker/bake-action/blob/master/subaction/matrix\"\u003e\u003ccode\u003ematrix\u003c/code\u003e\u003c/a\u003e subaction and deprecate \u003ccode\u003elist-targets\u003c/code\u003e by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/204\"\u003edocker/bake-action#204\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd \u003ccode\u003ecall\u003c/code\u003e input to set method for evaluating build by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/338\"\u003edocker/bake-action#338\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/342\"\u003edocker/bake-action#342\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/339\"\u003edocker/bake-action#339\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/334\"\u003edocker/bake-action#334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tmp from 0.2.3 to 0.2.4 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/341\"\u003edocker/bake-action#341\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/340\"\u003edocker/bake-action#340\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ca href=\"https://github.com/docker/bake-action/tree/v6.9.0/subaction/list-targets\"\u003e\u003ccode\u003edocker/bake-action/subaction/list-targets\u003c/code\u003e\u003c/a\u003e is deprecated and will be removed in a future release.\nPlease use \u003ca href=\"https://github.com/docker/bake-action/blob/master/subaction/matrix\"\u003e\u003ccode\u003edocker/bake-action/subaction/matrix\u003c/code\u003e\u003c/a\u003e instead.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.8.0...v6.9.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.8.0...v6.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.61.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/331\"\u003edocker/bake-action#331\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\n\u003ca href=\"https://docs.docker.com/build/ci/github-actions/build-summary/\"\u003eBuild summary\u003c/a\u003e is now supported with \u003ca href=\"https://docs.docker.com/build-cloud/\"\u003eDocker Build Cloud\u003c/a\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/bake-action/compare/v6.7.0...v6.8.0\"\u003ehttps://github.com/docker/bake-action/compare/v6.7.0...v6.8.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.59.0 to 0.61.0 by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/bake-action/pull/325\"\u003edocker/bake-action#325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\nBuild record is now exported using the \u003ca href=\"https://docs.docker.com/reference/cli/docker/buildx/history/export/\"\u003e\u003ccode\u003ebuildx history export\u003c/code\u003e\u003c/a\u003e command instead of the legacy export-build tool.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/6614cfa25eff9a0b2b2697efb0b6159e7680d584\"\u003e\u003ccode\u003e6614cfa\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/425\"\u003e#425\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/0a925a2f441ed5b98093a5f22bf394d4f7f90fe1\"\u003e\u003ccode\u003e0a925a2\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/b9ca7428b9db7ce99fd53cbb841e7fe2e4398e14\"\u003e\u003ccode\u003eb9ca742\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.87.0 to 0.90.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/48e6359a4a84f8878f508f6b40522cec98458a84\"\u003e\u003ccode\u003e48e6359\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/429\"\u003e#429\u003c/a\u003e from docker/dependabot/npm_and_yarn/fast-xml-parser-5...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/d1523f495ad477e665fb3791b34ebf03cd94a84a\"\u003e\u003ccode\u003ed1523f4\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/a73f293b0b9bee84f5b67dea49ed4df47bcb7ec5\"\u003e\u003ccode\u003ea73f293\u003c/code\u003e\u003c/a\u003e chore(deps): Bump fast-xml-parser from 5.5.9 to 5.8.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/bc584acc2abd0dcd4af6aa2d22c8d8fe0c1a1b3e\"\u003e\u003ccode\u003ebc584ac\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/430\"\u003e#430\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/23050a11b3ba889f5d9d8661ab17ae5bd50ce163\"\u003e\u003ccode\u003e23050a1\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/7ae1cf6599093238db3b9873f3591f3c566d9840\"\u003e\u003ccode\u003e7ae1cf6\u003c/code\u003e\u003c/a\u003e chore(deps): Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/bake-action/commit/e7934f83947a97c36e6e96d97ec3f299d987c7b8\"\u003e\u003ccode\u003ee7934f8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/bake-action/issues/432\"\u003e#432\u003c/a\u003e from docker/dependabot/npm_and_yarn/postcss-8.5.10\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/bake-action/compare/v6...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `google/osv-scanner-action` from 2.2.4 to 2.3.8\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/google/osv-scanner-action/releases\"\u003egoogle/osv-scanner-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev2.3.8\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.8.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.3.5...v2.3.8\"\u003ehttps://github.com/google/osv-scanner-action/compare/v2.3.5...v2.3.8\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.3.5\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.5.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to v2.3.5 by \u003ca href=\"https://github.com/tobyhawker\"\u003e\u003ccode\u003e@​tobyhawker\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/124\"\u003egoogle/osv-scanner-action#124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/tobyhawker\"\u003e\u003ccode\u003e@​tobyhawker\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/124\"\u003egoogle/osv-scanner-action#124\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.3.3...v2.3.5\"\u003ehttps://github.com/google/osv-scanner-action/compare/v2.3.3...v2.3.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.3.3\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.3.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003echore(deps): update github/codeql-action action to v4.31.10 by \u003ca href=\"https://github.com/renovate-bot\"\u003e\u003ccode\u003e@​renovate-bot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/115\"\u003egoogle/osv-scanner-action#115\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate to v2.3.3 by \u003ca href=\"https://github.com/Ly-Joey\"\u003e\u003ccode\u003e@​Ly-Joey\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/118\"\u003egoogle/osv-scanner-action#118\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Ly-Joey\"\u003e\u003ccode\u003e@​Ly-Joey\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/pull/118\"\u003egoogle/osv-scanner-action#118\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.3.2...v2.3.3\"\u003ehttps://github.com/google/osv-scanner-action/compare/v2.3.2...v2.3.3\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.3.2\u003c/h2\u003e\n\u003cp\u003eThis updates OSV-Scanner to v2.3.2\u003c/p\u003e\n\u003cp\u003eThis release includes performance improvements for local scanning, reducing memory usage and avoiding unnecessary advisory loading. It also fixes issues with MCP's get_vulnerability_details tool, git queries in \u003ccode\u003eosv-scanner.json\u003c/code\u003e, and ignore entry tracking, along with documentation updates.\u003c/p\u003e\n\u003ch3\u003eFixes:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2415\"\u003e#2415\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2415\"\u003egoogle/osv-scanner#2415\u003c/a\u003e) Add more PURL-to-ecosystem mappings\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2422\"\u003e#2422\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2422\"\u003egoogle/osv-scanner#2422\u003c/a\u003e) MCP error for get_vulnerability_id because type definition is incorrect.\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2460\"\u003e#2460\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2460\"\u003egoogle/osv-scanner#2460\u003c/a\u003e) Enable osv-scanner.json git queries\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2456\"\u003e#2456\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2456\"\u003egoogle/osv-scanner#2456\u003c/a\u003e) Properly track if an ignore entry has been used\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2450\"\u003e#2450\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2450\"\u003egoogle/osv-scanner#2450\u003c/a\u003e) \u003cstrong\u003ePerformance:\u003c/strong\u003e Avoid loading the entire advisory unless it will actually be used\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2445\"\u003e#2445\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2445\"\u003egoogle/osv-scanner#2445\u003c/a\u003e) \u003cstrong\u003ePerformance:\u003c/strong\u003e Don't read the entire zip into memory\u003c/li\u003e\n\u003cli\u003e[Bug \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2433\"\u003e#2433\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2433\"\u003egoogle/osv-scanner#2433\u003c/a\u003e) Allow specifying user agent in v2 osvscanner package\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eMisc:\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e[Misc \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2453\"\u003e#2453\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2453\"\u003egoogle/osv-scanner#2453\u003c/a\u003e) Switch from gopkg.in/yaml.v3 to go.yaml.in/yaml/v3\u003c/li\u003e\n\u003cli\u003e[Misc \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2447\"\u003e#2447\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2447\"\u003egoogle/osv-scanner#2447\u003c/a\u003e) Include \u003ccode\u003ebun.lock\u003c/code\u003e as a supported lockfile\u003c/li\u003e\n\u003cli\u003e[Misc \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/2444\"\u003e#2444\u003c/a\u003e](\u003ca href=\"https://redirect.github.com/google/osv-scanner/pull/2444\"\u003egoogle/osv-scanner#2444\u003c/a\u003e) Document GoVersionOverride in configuration.md\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/9a498708959aeaef5ef730655706c5a1df1edbc2\"\u003e\u003ccode\u003e9a49870\u003c/code\u003e\u003c/a\u003e Update unified workflow example to point to v2.3.8 reusable workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/3adb4b14a2b0623876d18d863a498b785fb3752d\"\u003e\u003ccode\u003e3adb4b1\u003c/code\u003e\u003c/a\u003e Update reusable workflows to point to v2.3.8 actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/8dc09193bb540e09b23da07ad7e30bd33bf87018\"\u003e\u003ccode\u003e8dc0919\u003c/code\u003e\u003c/a\u003e \u0026quot;Update actions to use v2.3.8 osv-scanner image\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/43f380b8fc43a816831a9f5ee6fc91170809c7e9\"\u003e\u003ccode\u003e43f380b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/125\"\u003e#125\u003c/a\u003e from google/update-to-v2.3.6\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/dcf4ddd504dac1027e5829c1d754e4ec009ded5d\"\u003e\u003ccode\u003edcf4ddd\u003c/code\u003e\u003c/a\u003e Update unified workflow example to point to v2.3.6 reusable workflows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/b9dbb7ef6f6fb8d0e762912b668d2c4c236090a3\"\u003e\u003ccode\u003eb9dbb7e\u003c/code\u003e\u003c/a\u003e Update reusable workflows to point to v2.3.6 actions\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/fe54858b54b6e367472aa1828429dfcf3c95aba6\"\u003e\u003ccode\u003efe54858\u003c/code\u003e\u003c/a\u003e \u0026quot;Update actions to use v2.3.6 osv-scanner image\u0026quot;\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/eb5b619bb565d10623076caba5263750fde3c790\"\u003e\u003ccode\u003eeb5b619\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/google/osv-scanner-action/issues/100\"\u003e#100\u003c/a\u003e from thomasleplus/main\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/9517144e5504957104c831530fe605bfdc71f353\"\u003e\u003ccode\u003e9517144\u003c/code\u003e\u003c/a\u003e feat: output results in reusable workflow\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/google/osv-scanner-action/commit/f17cd09224d6ef8be953fb49371e6bffb2dbf44a\"\u003e\u003ccode\u003ef17cd09\u003c/code\u003e\u003c/a\u003e Merge branch 'main' into main\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/google/osv-scanner-action/compare/v2.2.4...v2.3.8\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.36.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eBreaking change\u003c/em\u003e: Bump the minimum required CodeQL bundle version to 2.19.4. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3894\"\u003e#3894\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.5\"\u003e2.25.5\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3926\"\u003e#3926\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching...\n\n_Description has been truncated_","html_url":"https://github.com/theagenticguy/agent-images/pull/4","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/theagenticguy%2Fagent-images/issues/4","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/4/packages"}},{"old_version":"22.0.0","new_version":"23.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-20T07:13:08.000Z","version_change":"22.0.0 → 23.2.0","issue":{"uuid":"4484053712","node_id":"PR_kwDOA4w8Zc7dZyA2","number":6155,"state":"open","title":"chore(deps): bump DavidAnson/markdownlint-cli2-action from 22.0.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-20T07:13:08.000Z","updated_at":"2026-05-20T07:14:33.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"22.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 22.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/07035fd053f7be764496c0f8d8f9f41f98305101...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=22.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gruntwork-io/terragrunt/pull/6155","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gruntwork-io%2Fterragrunt/issues/6155","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6155/packages"}},{"old_version":"18.0.0","new_version":"23.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-18T09:21:18.000Z","version_change":"18.0.0 → 23.2.0","issue":{"uuid":"4467864471","node_id":"PR_kwDOSZCdHs7cldUP","number":40,"state":"open","title":"ci(deps): bump DavidAnson/markdownlint-cli2-action from 18.0.0 to 23.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-18T09:21:18.000Z","updated_at":"2026-05-18T09:21:19.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"18.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 18.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/eb5ca3ab411449c66620fe7f1b3c9e10547144b0...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=18.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/rubennati/ai-project-standard/pull/40","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/rubennati%2Fai-project-standard/issues/40","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/40/packages"}},{"old_version":"fa0cd0f1a052f54da593c83860f2292982f5d142","new_version":"ded1f9488f68a970bc66ea5619e13e9b52e601cd","update_type":null,"path":null,"pr_created_at":"2026-05-16T09:01:47.000Z","version_change":"fa0cd0f1a052f54da593c83860f2292982f5d142 → ded1f9488f68a970bc66ea5619e13e9b52e601cd","issue":{"uuid":"4459348025","node_id":"PR_kwDOSewxwc7cLzDW","number":6,"state":"open","title":"chore(deps)(deps): bump the actions group across 1 directory with 8 updates","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-16T09:01:47.000Z","updated_at":"2026-05-16T23:27:15.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":8,"packages":[{"name":"actions/checkout","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/checkout"},{"name":"pnpm/action-setup","old_version":"d15e628ca66d93ee5f352c71671a7bc6a97af5c9","new_version":"0e279bb959325dab635dd2c09392533439d90093","repository_url":"https://github.com/pnpm/action-setup"},{"name":"actions/setup-node","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/setup-node"},{"name":"github/codeql-action","old_version":"3","new_version":"4","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/cache","old_version":"4","new_version":"5","repository_url":"https://github.com/actions/cache"},{"name":"actions/upload-artifact","old_version":"4","new_version":"7","repository_url":"https://github.com/actions/upload-artifact"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"fa0cd0f1a052f54da593c83860f2292982f5d142","new_version":"ded1f9488f68a970bc66ea5619e13e9b52e601cd","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"actions/dependency-review-action","old_version":"4","new_version":"5","repository_url":"https://github.com/actions/dependency-review-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 8 updates in the / directory:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4` | `6` |\n| [pnpm/action-setup](https://github.com/pnpm/action-setup) | `d15e628ca66d93ee5f352c71671a7bc6a97af5c9` | `0e279bb959325dab635dd2c09392533439d90093` |\n| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3` | `4` |\n| [actions/cache](https://github.com/actions/cache) | `4` | `5` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `fa0cd0f1a052f54da593c83860f2292982f5d142` | `ded1f9488f68a970bc66ea5619e13e9b52e601cd` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4` | `5` |\n\n\nUpdates `actions/checkout` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eMake sure your runner is updated to this version or newer to use this release.\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/checkout/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v4...v4.3.1\"\u003ehttps://github.com/actions/checkout/compare/v4...v4.3.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `pnpm/action-setup` from d15e628ca66d93ee5f352c71671a7bc6a97af5c9 to 0e279bb959325dab635dd2c09392533439d90093\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pnpm/action-setup/compare/d15e628ca66d93ee5f352c71671a7bc6a97af5c9...0e279bb959325dab635dd2c09392533439d90093\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-node` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-node/releases\"\u003eactions/setup-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLimit automatic caching to npm, update workflows and documentation by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1374\"\u003eactions/setup-node#1374\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDependency Upgrades\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1336\"\u003e#1336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 2.8.8 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1334\"\u003e#1334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1362\"\u003e#1362\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v5...v6.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v5...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhance caching in setup-node with automatic package manager detection by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis update, introduces automatic caching when a valid \u003ccode\u003epackageManager\u003c/code\u003e field is present in your \u003ccode\u003epackage.json\u003c/code\u003e. This aims to improve workflow performance and make dependency management more seamless.\nTo disable this automatic caching, set \u003ccode\u003epackage-manager-cache: false\u003c/code\u003e\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003esteps:\r\n- uses: actions/checkout@v5\r\n- uses: actions/setup-node@v5\r\n  with:\r\n    package-manager-cache: false\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade action to use node24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​octokit/request-error\u003c/code\u003e and \u003ccode\u003e@​actions/github\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1227\"\u003eactions/setup-node#1227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade uuid from 9.0.1 to 11.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1273\"\u003eactions/setup-node#1273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.28.5 to 5.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1295\"\u003eactions/setup-node#1295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to bring in fix for critical vulnerability by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1332\"\u003eactions/setup-node#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1345\"\u003eactions/setup-node#1345\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003e\u003ccode\u003e48b55a0\u003c/code\u003e\u003c/a\u003e Update Node.js versions in versions.yml and bump package to v6.4.0 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/ab72c7e7eba0eaa11f8cab0f5679243900c2cac9\"\u003e\u003ccode\u003eab72c7e\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1525\"\u003e#1525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f\"\u003e\u003ccode\u003e53b8394\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1498\"\u003e#1498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc\"\u003e\u003ccode\u003e54045ab\u003c/code\u003e\u003c/a\u003e Scope test lockfiles by package manager and update cache tests (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1495\"\u003e#1495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a\"\u003e\u003ccode\u003ec882bff\u003c/code\u003e\u003c/a\u003e Replace uuid with crypto.randomUUID() (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d\"\u003e\u003ccode\u003e774c1d6\u003c/code\u003e\u003c/a\u003e feat(node-version-file): support parsing \u003ccode\u003edevEngines\u003c/code\u003e field (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1283\"\u003e#1283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e\"\u003e\u003ccode\u003eefcb663\u003c/code\u003e\u003c/a\u003e fix: remove hardcoded bearer (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb\"\u003e\u003ccode\u003ed02c89d\u003c/code\u003e\u003c/a\u003e Fix npm audit issues (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1491\"\u003e#1491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238\"\u003e\u003ccode\u003e6044e13\u003c/code\u003e\u003c/a\u003e Docs: bump actions/checkout from v5 to v6 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657\"\u003e\u003ccode\u003e8e49463\u003c/code\u003e\u003c/a\u003e Fix README typo (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1226\"\u003e#1226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev3.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\nTo opt out of this change:\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e4.32.3 - 13 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded experimental support for testing connections to \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for Default Setup. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3466\"\u003e#3466\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.2 - 05 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.1\"\u003e2.24.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3460\"\u003e#3460\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.1 - 02 Feb 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eA warning is now shown in Default Setup workflow logs if a \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registry is configured\u003c/a\u003e using a GitHub Personal Access Token (PAT), but no username is configured. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3422\"\u003e#3422\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug which caused the CodeQL Action to fail when repository properties cannot successfully be retrieved. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3421\"\u003e#3421\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.32.0 - 26 Jan 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.0\"\u003e2.24.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3425\"\u003e#3425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.11 - 23 Jan 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWhen running a Default Setup workflow with \u003ca href=\"https://docs.github.com/en/actions/how-tos/monitor-workflows/enable-debug-logging\"\u003eActions debugging enabled\u003c/a\u003e, the CodeQL Action will now use more unique names when uploading logs from the Dependabot authentication proxy as workflow artifacts. This ensures that the artifact names do not clash between multiple jobs in a build matrix. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3409\"\u003e#3409\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eImproved error handling throughout the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3415\"\u003e#3415\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded experimental support for automatically excluding \u003ca href=\"https://docs.github.com/en/repositories/working-with-files/managing-files/customizing-how-changed-files-appear-on-github\"\u003egenerated files\u003c/a\u003e from the analysis. This feature is not currently enabled for any analysis. In the future, it may be enabled by default for some GitHub-managed analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3318\"\u003e#3318\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe changelog extracts that are included with releases of the CodeQL Action are now shorter to avoid duplicated information from appearing in Dependabot PRs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3403\"\u003e#3403\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.10 - 12 Jan 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.9. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3393\"\u003e#3393\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.9 - 16 Dec 2025\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.31.8 - 11 Dec 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.8. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3354\"\u003e#3354\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.7 - 05 Dec 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.7. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3343\"\u003e#3343\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.6 - 01 Dec 2025\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.31.5 - 24 Nov 2025\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to 2.23.6. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3321\"\u003e#3321\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.31.4 - 18 Nov 2025\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4041a11865997c316ce6a07449512369a0e809be\"\u003e\u003ccode\u003e4041a11\u003c/code\u003e\u003c/a\u003e Bump the npm-minor group across 1 directory with 3 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/2a6fe1608c7d5b1e0cb3d8e19d51c4ff1ca47a0d\"\u003e\u003ccode\u003e2a6fe16\u003c/code\u003e\u003c/a\u003e Bump actions/create-github-app-token\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/3d6ea97f262502cf014e0c1a0e525230c8f6ead6\"\u003e\u003ccode\u003e3d6ea97\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3891\"\u003e#3891\u003c/a\u003e from github/navntoft/dep/remove-brace-expansion-over...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7d25a3e59006641f5f41cc0630404bcbce51230b\"\u003e\u003ccode\u003e7d25a3e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3892\"\u003e#3892\u003c/a\u003e from github/mbg/analysis-kinds/warn-on-multiple\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/4dc72761a61590d9ee9c33ec107d040a1069f7af\"\u003e\u003ccode\u003e4dc7276\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into mbg/analysis-kinds/warn-on-mu...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/c559992c9e1f26532debd2f8e64b7b5d6ebfc0ec\"\u003e\u003ccode\u003ec559992\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3880\"\u003e#3880\u003c/a\u003e from github/henrymercer/overlay-match-codeql-version\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/8d217609b05d7a35904ca7475a82f7bbb1a2b64d\"\u003e\u003ccode\u003e8d21760\u003c/code\u003e\u003c/a\u003e Nit: Tweak JSDoc for \u003ccode\u003egetRawLanguagesNoAutodetect\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/github/codeql-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/cache` from 4 to 5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/releases\"\u003eactions/cache's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003cstrong\u003e\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/strong\u003e\u003c/p\u003e\n\u003cp\u003eIf you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003chr /\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade to use node24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1630\"\u003eactions/cache#1630\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1684\"\u003eactions/cache#1684\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4.3.0...v5.0.0\"\u003ehttps://github.com/actions/cache/compare/v4.3.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd note on runner versions by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1642\"\u003eactions/cache#1642\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev4.3.0\u003c/code\u003e release by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1655\"\u003eactions/cache#1655\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1642\"\u003eactions/cache#1642\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4...v4.3.0\"\u003ehttps://github.com/actions/cache/compare/v4...v4.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1620\"\u003eactions/cache#1620\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@actions/cache\u003c/code\u003e to \u003ccode\u003e4.0.5\u003c/code\u003e and move \u003ccode\u003e@protobuf-ts/plugin\u003c/code\u003e to dev depdencies by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1634\"\u003eactions/cache#1634\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare release \u003ccode\u003e4.2.4\u003c/code\u003e by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1636\"\u003eactions/cache#1636\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1620\"\u003eactions/cache#1620\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4...v4.2.4\"\u003ehttps://github.com/actions/cache/compare/v4...v4.2.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.2.3\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate to use \u003ccode\u003e@​actions/cache\u003c/code\u003e 4.0.3 package \u0026amp; prepare for new release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1577\"\u003eactions/cache#1577\u003c/a\u003e (SAS tokens for cache entries are now masked in debug logs)\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/cache/pull/1577\"\u003eactions/cache#1577\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/cache/compare/v4.2.2...v4.2.3\"\u003ehttps://github.com/actions/cache/compare/v4.2.2...v4.2.3\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003eactions/cache's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eReleases\u003c/h1\u003e\n\u003ch2\u003eHow to prepare a release\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!NOTE]\u003cbr /\u003e\nRelevant for maintainers with write access only.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003col\u003e\n\u003cli\u003eSwitch to a new branch from \u003ccode\u003emain\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm test\u003c/code\u003e to ensure all tests are passing.\u003c/li\u003e\n\u003cli\u003eUpdate the version in \u003ca href=\"https://github.com/actions/cache/blob/main/package.json\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/package.json\u003c/code\u003e\u003c/a\u003e.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003enpm run build\u003c/code\u003e to update the compiled files.\u003c/li\u003e\n\u003cli\u003eUpdate this \u003ca href=\"https://github.com/actions/cache/blob/main/RELEASES.md\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/RELEASES.md\u003c/code\u003e\u003c/a\u003e with the new version and changes in the \u003ccode\u003e## Changelog\u003c/code\u003e section.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed cache\u003c/code\u003e to update the license report.\u003c/li\u003e\n\u003cli\u003eRun \u003ccode\u003elicensed status\u003c/code\u003e and resolve any warnings by updating the \u003ca href=\"https://github.com/actions/cache/blob/main/.licensed.yml\"\u003e\u003ccode\u003ehttps://github.com/actions/cache/blob/main/.licensed.yml\u003c/code\u003e\u003c/a\u003e file with the exceptions.\u003c/li\u003e\n\u003cli\u003eCommit your changes and push your branch upstream.\u003c/li\u003e\n\u003cli\u003eOpen a pull request against \u003ccode\u003emain\u003c/code\u003e and get it reviewed and merged.\u003c/li\u003e\n\u003cli\u003eDraft a new release \u003ca href=\"https://github.com/actions/cache/releases\"\u003ehttps://github.com/actions/cache/releases\u003c/a\u003e use the same version number used in \u003ccode\u003epackage.json\u003c/code\u003e\n\u003col\u003e\n\u003cli\u003eCreate a new tag with the version number.\u003c/li\u003e\n\u003cli\u003eAuto generate release notes and update them to match the changes you made in \u003ccode\u003eRELEASES.md\u003c/code\u003e.\u003c/li\u003e\n\u003cli\u003eToggle the set as the latest release option.\u003c/li\u003e\n\u003cli\u003ePublish the release.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003cli\u003eNavigate to \u003ca href=\"https://github.com/actions/cache/actions/workflows/release-new-action-version.yml\"\u003ehttps://github.com/actions/cache/actions/workflows/release-new-action-version.yml\u003c/a\u003e\n\u003col\u003e\n\u003cli\u003eThere should be a workflow run queued with the same version number.\u003c/li\u003e\n\u003cli\u003eApprove the run to publish the new version and update the major tags for this action.\u003c/li\u003e\n\u003c/ol\u003e\n\u003c/li\u003e\n\u003c/ol\u003e\n\u003ch2\u003eChangelog\u003c/h2\u003e\n\u003ch3\u003e5.0.4\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003eminimatch\u003c/code\u003e to v3.1.5 (fixes ReDoS via globstar patterns)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003eundici\u003c/code\u003e to v6.24.1 (WebSocket decompression bomb protection, header validation fixes)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003efast-xml-parser\u003c/code\u003e to v5.5.6\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.3\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.5 (Resolves: \u003ca href=\"https://github.com/actions/cache/security/dependabot/33\"\u003ehttps://github.com/actions/cache/security/dependabot/33\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/core\u003c/code\u003e to v2.0.3\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.2\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/cache\u003c/code\u003e to v5.0.3 \u003ca href=\"https://redirect.github.com/actions/cache/pull/1692\"\u003e#1692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.1\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate \u003ccode\u003e@azure/storage-blob\u003c/code\u003e to \u003ccode\u003e^12.29.1\u003c/code\u003e via \u003ccode\u003e@actions/cache@5.0.1\u003c/code\u003e \u003ca href=\"https://redirect.github.com/actions/cache/pull/1685\"\u003e#1685\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003e5.0.0\u003c/h3\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\n\u003ccode\u003eactions/cache@v5\u003c/code\u003e runs on the Node.js 24 runtime and requires a minimum Actions Runner version of \u003ccode\u003e2.327.1\u003c/code\u003e.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/27d5ce7f107fe9357f9df03efb73ab90386fccae\"\u003e\u003ccode\u003e27d5ce7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1747\"\u003e#1747\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/f280785d7b6e1884c7d12b9136eb0f4a1574fcfd\"\u003e\u003ccode\u003ef280785\u003c/code\u003e\u003c/a\u003e licensed changes\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/619aeb1606e195be0b36fd0ff68dcf1aff6b65a7\"\u003e\u003ccode\u003e619aeb1\u003c/code\u003e\u003c/a\u003e npm run build generated dist files\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/bcf16c2893940a4899761e55c7ac3c1cf88a04f6\"\u003e\u003ccode\u003ebcf16c2\u003c/code\u003e\u003c/a\u003e Update ts-http-runtime to 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/668228422ae6a00e4ad889ee87cd7109ec5666a7\"\u003e\u003ccode\u003e6682284\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1738\"\u003e#1738\u003c/a\u003e from actions/prepare-v5.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/e34039626f957d3e3e50843d15c1b20547fc90e2\"\u003e\u003ccode\u003ee340396\u003c/code\u003e\u003c/a\u003e Update RELEASES\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/8a671105293e81530f1af99863cdf94550aba1a6\"\u003e\u003ccode\u003e8a67110\u003c/code\u003e\u003c/a\u003e Add licenses\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/1865903e1b0cb750dda9bc5c58be03424cc62830\"\u003e\u003ccode\u003e1865903\u003c/code\u003e\u003c/a\u003e Update dependencies \u0026amp; patch security vulnerabilities\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/565629816435f6c0b50676926c9b05c254113c0c\"\u003e\u003ccode\u003e5656298\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/cache/issues/1722\"\u003e#1722\u003c/a\u003e from RyPeck/patch-1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/cache/commit/4e380d19e192ace8e86f23f32ca6fdec98a673c6\"\u003e\u003ccode\u003e4e380d1\u003c/code\u003e\u003c/a\u003e Fix cache key in examples.md for bun.lock\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/cache/compare/v4...v5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBREAKING CHANGE:\u003c/strong\u003e this update supports Node \u003ccode\u003ev24.x\u003c/code\u003e. This is not a breaking change per-se but we're treating it as such.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/681\"\u003eactions/upload-artifact#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/712\"\u003eactions/upload-artifact#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: spell out the first use of GHES by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/727\"\u003eactions/upload-artifact#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/725\"\u003eactions/upload-artifact#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/artifact\u003c/code\u003e to \u003ccode\u003ev4.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev5.0.0\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/734\"\u003eactions/upload-artifact#734\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from fa0cd0f1a052f54da593c83860f2292982f5d142 to ded1f9488f68a970bc66ea5619e13e9b52e601cd\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/fa0cd0f1a052f54da593c83860f2292982f5d142...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4 to 5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4...v5\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/EngineeringMoonBear/AgenticOS/pull/6","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/EngineeringMoonBear%2FAgenticOS/issues/6","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/6/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-14T04:18:08.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4443117786","node_id":"PR_kwDOQOnaz87bYFC2","number":5404,"state":"open","title":"chore(ci)(deps): bump the github-actions group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["ci-cd","dependencies","major"],"assignees":["mvillmow"],"locked":false,"comments_count":5,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-14T04:18:08.000Z","updated_at":"2026-05-14T04:24:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(ci)(deps): bump","group_name":"github-actions","update_count":4,"packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"anthropics/claude-code-action","old_version":"1.0.112","new_version":"1.0.122","repository_url":"https://github.com/anthropics/claude-code-action"},{"name":"github/codeql-action","old_version":"4.35.3","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/dependency-review-action","old_version":"4.9.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 4 updates in the / directory: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action), [anthropics/claude-code-action](https://github.com/anthropics/claude-code-action), [github/codeql-action](https://github.com/github/codeql-action) and [actions/dependency-review-action](https://github.com/actions/dependency-review-action).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.1.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `anthropics/claude-code-action` from 1.0.112 to 1.0.122\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/anthropics/claude-code-action/releases\"\u003eanthropics/claude-code-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.0.122\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.122\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.122\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.121\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.121\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.121\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.120\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.120\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.120\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.119\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.119\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.119\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.118\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.118\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.118\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.117\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.117\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.117\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.116\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate HackerOne links in SECURITY.md by \u003ca href=\"https://github.com/OctavianGuzu\"\u003e\u003ccode\u003e@​OctavianGuzu\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/anthropics/claude-code-action/pull/1268\"\u003eanthropics/claude-code-action#1268\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.116\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.116\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.115\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.115\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.115\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.114\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.114\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.114\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev1.0.113\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/v1...v1.0.113\"\u003ehttps://github.com/anthropics/claude-code-action/compare/v1...v1.0.113\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/86eb26bf0139bdd75acd15ea5f00f45ee0a284c2\"\u003e\u003ccode\u003e86eb26b\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.141 and Agent SDK to 0.2.141\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/f4fb5c6cdccc1ee7af63692f5d08d56efaa64cc8\"\u003e\u003ccode\u003ef4fb5c6\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.140 and Agent SDK to 0.2.140\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/dde2242db6af13460b916652159b6ba19a598f30\"\u003e\u003ccode\u003edde2242\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.139 and Agent SDK to 0.2.139\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/476e359e6203e73dad705c8b322e333fabbd7416\"\u003e\u003ccode\u003e476e359\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.138 and Agent SDK to 0.2.138\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/ad67978e5eb3fc76e3c86855adc19db5673fa818\"\u003e\u003ccode\u003ead67978\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.137 and Agent SDK to 0.2.137\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/034cbdb008291e7eeeac420d315fc3b45fca3781\"\u003e\u003ccode\u003e034cbdb\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.136 and Agent SDK to 0.2.136\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/939ae9c056ecf8a1a01409ddd1c4eadec5f8c77b\"\u003e\u003ccode\u003e939ae9c\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.133 and Agent SDK to 0.2.133\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/e9c374db2307762e2abf6bb188b8be47721993fc\"\u003e\u003ccode\u003ee9c374d\u003c/code\u003e\u003c/a\u003e Update HackerOne links in SECURITY.md (\u003ca href=\"https://redirect.github.com/anthropics/claude-code-action/issues/1268\"\u003e#1268\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/9db782c3a17ef2bfc274cd17411bc3e0a5ba1345\"\u003e\u003ccode\u003e9db782c\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.132 and Agent SDK to 0.2.132\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/anthropics/claude-code-action/commit/62238ddb33772a079b0a6d8665a1ff3043583067\"\u003e\u003ccode\u003e62238dd\u003c/code\u003e\u003c/a\u003e chore: bump Claude Code to 2.1.131 and Agent SDK to 0.2.131\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/anthropics/claude-code-action/compare/2cc1ac1331eac7a6a96d716dd204dd2888d0fcd2...86eb26bf0139bdd75acd15ea5f00f45ee0a284c2\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.3 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/e46ed2cbd01164d986452f91f178727624ae40d7...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.9.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/HomericIntelligence/ProjectOdyssey/pull/5404","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/HomericIntelligence%2FProjectOdyssey/issues/5404","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/5404/packages"}},{"old_version":"20.0.0","new_version":"23.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-13T06:09:12.000Z","version_change":"20.0.0 → 23.2.0","issue":{"uuid":"4435346193","node_id":"PR_kwDOScDj_s7a--TU","number":2,"state":"open","title":"chore(deps)(deps): bump the actions group with 16 updates","user":"dependabot[bot]","labels":["ci","security"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-13T06:09:12.000Z","updated_at":"2026-05-13T06:09:30.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":16,"packages":[{"name":"actions/checkout","old_version":"4.2.2","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.3.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"actions/dependency-review-action","old_version":"4.4.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"actions/labeler","old_version":"5.0.0","new_version":"6.1.0","repository_url":"https://github.com/actions/labeler"},{"name":"reviewdog/action-actionlint","old_version":"1.65.2","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"actions/setup-python","old_version":"5.3.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"20.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"release-drafter/release-drafter","old_version":"6.0.0","new_version":"7.3.0","repository_url":"https://github.com/release-drafter/release-drafter"},{"name":"anchore/sbom-action","old_version":"0.17.6","new_version":"0.24.0","repository_url":"https://github.com/anchore/sbom-action"},{"name":"actions/upload-artifact","old_version":"4.4.3","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/download-artifact","old_version":"4.1.8","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"sigstore/cosign-installer","old_version":"3.7.0","new_version":"4.1.2","repository_url":"https://github.com/sigstore/cosign-installer"},{"name":"actions/attest-build-provenance","old_version":"1.4.3","new_version":"4.1.0","repository_url":"https://github.com/actions/attest-build-provenance"},{"name":"ossf/scorecard-action","old_version":"2.4.0","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"},{"name":"actions/stale","old_version":"9.0.0","new_version":"10.2.0","repository_url":"https://github.com/actions/stale"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 16 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.35.4` |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.3.0` | `3.1.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.4.0` | `5.0.0` |\n| [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.1.0` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.65.2` | `1.72.0` |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.3.0` | `6.2.0` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `20.0.0` | `23.2.0` |\n| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.0.0` | `7.3.0` |\n| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.6` | `0.24.0` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `7.0.1` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.8` | `8.0.1` |\n| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.7.0` | `4.1.2` |\n| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `1.4.3` | `4.1.0` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` |\n| [actions/stale](https://github.com/actions/stale) | `9.0.0` | `10.2.0` |\n\nUpdates `actions/checkout` from 4.2.2 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dependabot/fetch-metadata` from 2.3.0 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd permissions to all workflows by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/687\"\u003edependabot/fetch-metadata#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 16.0.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/690\"\u003edependabot/fetch-metadata#690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/693\"\u003edependabot/fetch-metadata#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.10 to 1.19.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/694\"\u003edependabot/fetch-metadata#694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.7 to 4.12.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/695\"\u003edependabot/fetch-metadata#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDynamically update the tracking tag in action by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/696\"\u003edependabot/fetch-metadata#696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: handle duplicate dependency names in parseMetadataLinks by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove $ anchor from updateFragment regex to handle pip directory suffixes by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/698\"\u003edependabot/fetch-metadata#698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates to README for permissions clarification by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/697\"\u003edependabot/fetch-metadata#697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve update-type null for Python, Composer, and Terraform PRs by \u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 17.4.0 to 17.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/703\"\u003edependabot/fetch-metadata#703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/701\"\u003edependabot/fetch-metadata#701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/702\"\u003edependabot/fetch-metadata#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.12 to 4.12.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/705\"\u003edependabot/fetch-metadata#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev3.1.0 by \u003ca href=\"https://github.com/fetch-metadata-action-automation\"\u003e\u003ccode\u003e@​fetch-metadata-action-automation\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/692\"\u003edependabot/fetch-metadata#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/d7267f607e9d3fb96fc2fbe83e0af444713e90b7...25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.4.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/4081bf99e2866ebe428fc0477b69eb4fcda7220a...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/labeler` from 5.0.0 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/labeler/releases\"\u003eactions/labeler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by \u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove Labeler Action documentation and permission error handling by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePreserve manually added labels during workflow runs and refine label synchronization logic by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/917\"\u003eactions/labeler#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/877\"\u003eactions/labeler#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 10.0.1 to 10.2.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/926\"\u003eactions/labeler#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimatch, \u003ca href=\"https://github.com/typescript-eslint\"\u003e\u003ccode\u003e@​typescript-eslint\u003c/code\u003e\u003c/a\u003e) by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/labeler/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade publish-action from 0.2.2 to 0.4.0 by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/actions/labeler/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/jcambass\"\u003e\u003ccode\u003e@​jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/802\"\u003eactions/labeler#802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Node.js version to 24 in action and dependencies \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/891\"\u003eactions/labeler#891\u003c/a\u003e\nMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade eslint-config-prettier from 9.0.0 to 9.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/711\"\u003eactions/labeler#711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.52.0 to 8.55.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/720\"\u003eactions/labeler#720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/jest\u003c/code\u003e from 29.5.6 to 29.5.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/719\"\u003eactions/labeler#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/js-yaml\u003c/code\u003e from 4.0.8 to 4.0.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/718\"\u003eactions/labeler#718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.9.0 to 6.14.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/717\"\u003eactions/labeler#717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.0.3 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/726\"\u003eactions/labeler#726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.55.0 to 8.56.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/725\"\u003eactions/labeler#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.14.0 to 6.19.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/745\"\u003eactions/labeler#745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/744\"\u003eactions/labeler#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 6.9.0 to 6.20.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/750\"\u003eactions/labeler#750\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.1.1 to 3.2.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/752\"\u003eactions/labeler#752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.26.5 to 5.28.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/757\"\u003eactions/labeler#757\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/f27b608878404679385c85cfa523b85ccb86e213\"\u003e\u003ccode\u003ef27b608\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/c5dadc2a45784a4b6adfcd20fea3465da3a5f904\"\u003e\u003ccode\u003ec5dadc2\u003c/code\u003e\u003c/a\u003e Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/e52e4fb63ed5cd0e07abaad9826b2a893ccb921f\"\u003e\u003ccode\u003ee52e4fb\u003c/code\u003e\u003c/a\u003e Bump minimatch from 10.0.1 to 10.2.3 (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/77a4082b841706ac431479b7e2bb11216ffef250\"\u003e\u003ccode\u003e77a4082\u003c/code\u003e\u003c/a\u003e Fix: Preserve manually added labels during workflow run and refine label sync...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/25abb3cad4f14b7ac27968a495c37798860a5a1a\"\u003e\u003ccode\u003e25abb3c\u003c/code\u003e\u003c/a\u003e Improve Labeler Action Documentation and Error Handling for Permissions (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/395c8cfdb1e1e691cc4bad0dd315820af8eb67fd\"\u003e\u003ccode\u003e395c8cf\u003c/code\u003e\u003c/a\u003e Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/634933edcd8ababfe52f92936142cc22ac488b1b\"\u003e\u003ccode\u003e634933e\u003c/code\u003e\u003c/a\u003e publish-acti...\n\n_Description has been truncated_","html_url":"https://github.com/arananet/hermes-skills/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/arananet%2Fhermes-skills/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"18","new_version":"23","update_type":null,"path":null,"pr_created_at":"2026-05-12T21:22:27.000Z","version_change":"18 → 23","issue":{"uuid":"4432739519","node_id":"PR_kwDOSVTKwc7a2wVs","number":103,"state":"open","title":"chore(deps): Bump the github-actions group with 8 updates","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":7,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T21:22:27.000Z","updated_at":"2026-05-13T06:03:05.027Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps): Bump","group_name":"github-actions","update_count":8,"packages":[{"name":"dependabot/fetch-metadata","old_version":"2","new_version":"3","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"18","new_version":"23","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"actions/upload-artifact","old_version":"4","new_version":"7","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/setup-node","old_version":"4","new_version":"6","repository_url":"https://github.com/actions/setup-node"},{"name":"docker/setup-qemu-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/setup-qemu-action"},{"name":"docker/setup-buildx-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/setup-buildx-action"},{"name":"docker/login-action","old_version":"3","new_version":"4","repository_url":"https://github.com/docker/login-action"},{"name":"goreleaser/goreleaser-action","old_version":"6","new_version":"7","repository_url":"https://github.com/goreleaser/goreleaser-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the github-actions group with 8 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2` | `3` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `18` | `23` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4` | `7` |\n| [actions/setup-node](https://github.com/actions/setup-node) | `4` | `6` |\n| [docker/setup-qemu-action](https://github.com/docker/setup-qemu-action) | `3` | `4` |\n| [docker/setup-buildx-action](https://github.com/docker/setup-buildx-action) | `3` | `4` |\n| [docker/login-action](https://github.com/docker/login-action) | `3` | `4` |\n| [goreleaser/goreleaser-action](https://github.com/goreleaser/goreleaser-action) | `6` | `7` |\n\nUpdates `dependabot/fetch-metadata` from 2 to 3\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/667\"\u003edependabot/fetch-metadata#667\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.5 to 4.12.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/668\"\u003edependabot/fetch-metadata#668\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.2.1 to 3.0.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/669\"\u003edependabot/fetch-metadata#669\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump flatted from 3.3.3 to 3.4.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/670\"\u003edependabot/fetch-metadata#670\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump picomatch from 2.3.1 to 2.3.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/674\"\u003edependabot/fetch-metadata#674\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v2...v3.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev2.5.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump actions/publish-immutable-action from 0.0.3 to 0.0.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/628\"\u003edependabot/fetch-metadata#628\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump the dev-dependencies group with 11 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/629\"\u003edependabot/fetch-metadata#629\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.0.6 to 2.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/635\"\u003edependabot/fetch-metadata#635\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.1.1 to 2.1.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/638\"\u003edependabot/fetch-metadata#638\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/636\"\u003edependabot/fetch-metadata#636\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/637\"\u003edependabot/fetch-metadata#637\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/setup-node from 5 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/639\"\u003edependabot/fetch-metadata#639\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/create-github-app-token from 2.1.4 to 2.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/643\"\u003edependabot/fetch-metadata#643\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v2...v3\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 18 to 23\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/releases\"\u003eDavidAnson/markdownlint-cli2-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.1, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint-cli2 version (markdownlint-cli2 v0.22.0, markdownlint v0.40.0), update Node.js dependency to 24.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.20.0, markdownlint v0.40.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.19.0, markdownlint v0.39.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.18.1, markdownlint v0.38.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.2, markdownlint v0.37.4).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.17.0, markdownlint v0.37.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.15.0, markdownlint v0.36.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.14.0, markdownlint v0.35.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.13.0, markdownlint v0.34.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003cp\u003eUpdate markdownlint version (markdownlint-cli2 v0.12.1, markdownlint v0.33.0).\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.11.0, markdownlint v0.32.1), remove deprecated \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.10.0, markdownlint v0.31.1).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.9.2, markdownlint v0.30.0).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.8.1, markdownlint v0.29.0), add \u0026quot;config\u0026quot; and \u0026quot;fix\u0026quot; inputs, deprecate \u0026quot;command\u0026quot; input.\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.1, markdownlint v0.28.2).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003ch2\u003eUpdate markdownlint version (markdownlint-cli2 v0.7.0, markdownlint v0.28.1), include link to rule information in title of annotations (clickable in GitHub).\u003c/h2\u003e\n\u003cp\u003eNo release notes provided.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v18...v23\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/upload-artifact` from 4 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/upload-artifact/releases\"\u003eactions/upload-artifact's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003ev7 What's new\u003c/h2\u003e\n\u003ch3\u003eDirect Uploads\u003c/h3\u003e\n\u003cp\u003eAdds support for uploading single files directly (unzipped). Callers can set the new \u003ccode\u003earchive\u003c/code\u003e parameter to \u003ccode\u003efalse\u003c/code\u003e to skip zipping the file during upload. Right now, we only support single files. The action will fail if the glob passed resolves to multiple files. The \u003ccode\u003ename\u003c/code\u003e parameter is also ignored with this setting. Instead, the name of the artifact will be the name of the uploaded file.\u003c/p\u003e\n\u003ch3\u003eESM\u003c/h3\u003e\n\u003cp\u003eTo support new versions of the \u003ccode\u003e@actions/*\u003c/code\u003e packages, we've upgraded the package to ESM.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd proxy integration test by \u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade the module to ESM and bump dependencies by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/762\"\u003eactions/upload-artifact#762\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSupport direct file uploads by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/764\"\u003eactions/upload-artifact#764\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Link\"\u003e\u003ccode\u003e@​Link\u003c/code\u003e\u003c/a\u003e- made their first contribution in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/754\"\u003eactions/upload-artifact#754\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v6...v7.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003ev6 - What's new\u003c/h2\u003e\n\u003cblockquote\u003e\n\u003cp\u003e[!IMPORTANT]\nactions/upload-artifact@v6 now runs on Node.js 24 (\u003ccode\u003eruns.using: node24\u003c/code\u003e) and requires a minimum Actions Runner version of 2.327.1. If you are using self-hosted runners, ensure they are updated before upgrading.\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003ch3\u003eNode.js 24\u003c/h3\u003e\n\u003cp\u003eThis release updates the runtime to Node.js 24. v5 had preliminary support for Node.js 24, however this action was by default still running on Node.js 20. Now this action by default will run on Node.js 24.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpload Artifact Node 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/719\"\u003eactions/upload-artifact#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: update \u003ccode\u003e@​actions/artifact\u003c/code\u003e for Node.js 24 punycode deprecation by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/744\"\u003eactions/upload-artifact#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eprepare release v6.0.0 for Node.js 24 support by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/745\"\u003eactions/upload-artifact#745\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/upload-artifact/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBREAKING CHANGE:\u003c/strong\u003e this update supports Node \u003ccode\u003ev24.x\u003c/code\u003e. This is not a breaking change per-se but we're treating it as such.\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/GhadimiR\"\u003e\u003ccode\u003e@​GhadimiR\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/681\"\u003eactions/upload-artifact#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/712\"\u003eactions/upload-artifact#712\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eReadme: spell out the first use of GHES by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/727\"\u003eactions/upload-artifact#727\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate GHES guidance to include reference to Node 20 version by \u003ca href=\"https://github.com/patrikpolyak\"\u003e\u003ccode\u003e@​patrikpolyak\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/725\"\u003eactions/upload-artifact#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@actions/artifact\u003c/code\u003e to \u003ccode\u003ev4.0.0\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003ePrepare \u003ccode\u003ev5.0.0\u003c/code\u003e by \u003ca href=\"https://github.com/danwkennedy\"\u003e\u003ccode\u003e@​danwkennedy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/upload-artifact/pull/734\"\u003eactions/upload-artifact#734\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/043fb46d1a93c77aae656e7c1c64a875d1fc6a0a\"\u003e\u003ccode\u003e043fb46\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/797\"\u003e#797\u003c/a\u003e from actions/yacaovsnc/update-dependency\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/634250c1388765ea7ed0f053e636f1f399000b94\"\u003e\u003ccode\u003e634250c\u003c/code\u003e\u003c/a\u003e Include changes in typespec/ts-http-runtime 0.3.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e454baaac2be505c9450e11b8f3215c6fc023ce8\"\u003e\u003ccode\u003ee454baa\u003c/code\u003e\u003c/a\u003e Readme: bump all the example versions to v7 (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/796\"\u003e#796\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/74fad66b98a6d799dc004d3353ccd0e6f6b2530e\"\u003e\u003ccode\u003e74fad66\u003c/code\u003e\u003c/a\u003e Update the readme with direct upload details (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/795\"\u003e#795\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/bbbca2ddaa5d8feaa63e36b76fdaad77386f024f\"\u003e\u003ccode\u003ebbbca2d\u003c/code\u003e\u003c/a\u003e Support direct file uploads (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/764\"\u003e#764\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/589182c5a4cec8920b8c1bce3e2fab1c97a02296\"\u003e\u003ccode\u003e589182c\u003c/code\u003e\u003c/a\u003e Upgrade the module to ESM and bump dependencies (\u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/762\"\u003e#762\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/47309c993abb98030a35d55ef7ff34b7fa1074b5\"\u003e\u003ccode\u003e47309c9\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/754\"\u003e#754\u003c/a\u003e from actions/Link-/add-proxy-integration-tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/02a8460834e70dab0ce194c64360c59dc1475ef0\"\u003e\u003ccode\u003e02a8460\u003c/code\u003e\u003c/a\u003e Add proxy integration test\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/b7c566a772e6b6bfb58ed0dc250532a479d7789f\"\u003e\u003ccode\u003eb7c566a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/upload-artifact/issues/745\"\u003e#745\u003c/a\u003e from actions/upload-artifact-v6-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/upload-artifact/commit/e516bc8500aaf3d07d591fcd4ae6ab5f9c391d5b\"\u003e\u003ccode\u003ee516bc8\u003c/code\u003e\u003c/a\u003e docs: correct description of Node.js 24 support in README\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/upload-artifact/compare/v4...v7\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/setup-node` from 4 to 6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/setup-node/releases\"\u003eactions/setup-node's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003eBreaking Changes\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eLimit automatic caching to npm, update workflows and documentation by \u003ca href=\"https://github.com/priyagupta108\"\u003e\u003ccode\u003e@​priyagupta108\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1374\"\u003eactions/setup-node#1374\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eDependency Upgrades\u003c/strong\u003e\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade ts-jest from 29.1.2 to 29.4.1 and document breaking changes in v5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1336\"\u003e#1336\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 2.8.8 to 3.6.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1334\"\u003e#1334\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/publish-action from 0.3.0 to 0.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1362\"\u003e#1362\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v5...v6.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v5...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eEnhance caching in setup-node with automatic package manager detection by \u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eThis update, introduces automatic caching when a valid \u003ccode\u003epackageManager\u003c/code\u003e field is present in your \u003ccode\u003epackage.json\u003c/code\u003e. This aims to improve workflow performance and make dependency management more seamless.\nTo disable this automatic caching, set \u003ccode\u003epackage-manager-cache: false\u003c/code\u003e\u003c/p\u003e\n\u003cpre lang=\"yaml\"\u003e\u003ccode\u003esteps:\r\n- uses: actions/checkout@v5\r\n- uses: actions/setup-node@v5\r\n  with:\r\n    package-manager-cache: false\r\n\u003c/code\u003e\u003c/pre\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade action to use node24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003eMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eSee Release Notes\u003c/a\u003e\u003c/p\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​octokit/request-error\u003c/code\u003e and \u003ccode\u003e@​actions/github\u003c/code\u003e by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1227\"\u003eactions/setup-node#1227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade uuid from 9.0.1 to 11.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1273\"\u003eactions/setup-node#1273\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.28.5 to 5.29.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1295\"\u003eactions/setup-node#1295\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade form-data to bring in fix for critical vulnerability by \u003ca href=\"https://github.com/gowridurgad\"\u003e\u003ccode\u003e@​gowridurgad\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1332\"\u003eactions/setup-node#1332\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1345\"\u003eactions/setup-node#1345\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/priya-kinthali\"\u003e\u003ccode\u003e@​priya-kinthali\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1348\"\u003eactions/setup-node#1348\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/setup-node/pull/1325\"\u003eactions/setup-node#1325\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v5.0.0\"\u003ehttps://github.com/actions/setup-node/compare/v4...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev4.4.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/48b55a011bda9f5d6aeb4c2d9c7362e8dae4041e\"\u003e\u003ccode\u003e48b55a0\u003c/code\u003e\u003c/a\u003e Update Node.js versions in versions.yml and bump package to v6.4.0 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1533\"\u003e#1533\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/ab72c7e7eba0eaa11f8cab0f5679243900c2cac9\"\u003e\u003ccode\u003eab72c7e\u003c/code\u003e\u003c/a\u003e Upgrade \u003ca href=\"https://github.com/actions\"\u003e\u003ccode\u003e@​actions\u003c/code\u003e\u003c/a\u003e dependencies (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1525\"\u003e#1525\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/53b83947a5a98c8d113130e565377fae1a50d02f\"\u003e\u003ccode\u003e53b8394\u003c/code\u003e\u003c/a\u003e Bump minimatch from 3.1.2 to 3.1.5 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1498\"\u003e#1498\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/54045abd5dcd3b0fee9ca02fa24c57545834c9cc\"\u003e\u003ccode\u003e54045ab\u003c/code\u003e\u003c/a\u003e Scope test lockfiles by package manager and update cache tests (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1495\"\u003e#1495\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/c882bffdbd4df51ace6b940023952e8669c9932a\"\u003e\u003ccode\u003ec882bff\u003c/code\u003e\u003c/a\u003e Replace uuid with crypto.randomUUID() (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1378\"\u003e#1378\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/774c1d62961e73038a114d59c8847023c003194d\"\u003e\u003ccode\u003e774c1d6\u003c/code\u003e\u003c/a\u003e feat(node-version-file): support parsing \u003ccode\u003edevEngines\u003c/code\u003e field (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1283\"\u003e#1283\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/efcb663fc60e97218a2b2d6d827f7830f164739e\"\u003e\u003ccode\u003eefcb663\u003c/code\u003e\u003c/a\u003e fix: remove hardcoded bearer (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1467\"\u003e#1467\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/d02c89dce7e1ba9ef629ce0680989b3a1cc72edb\"\u003e\u003ccode\u003ed02c89d\u003c/code\u003e\u003c/a\u003e Fix npm audit issues (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1491\"\u003e#1491\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/6044e13b5dc448c55e2357c09f80417699197238\"\u003e\u003ccode\u003e6044e13\u003c/code\u003e\u003c/a\u003e Docs: bump actions/checkout from v5 to v6 (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1468\"\u003e#1468\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/setup-node/commit/8e494633d082d609d1e9ff931be32f8a44f1f657\"\u003e\u003ccode\u003e8e49463\u003c/code\u003e\u003c/a\u003e Fix README typo (\u003ca href=\"https://redirect.github.com/actions/setup-node/issues/1226\"\u003e#1226\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/setup-node/compare/v4...v6\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-qemu-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-qemu-action/releases\"\u003edocker/setup-qemu-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/245\"\u003edocker/setup-qemu-action#245\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/241\"\u003edocker/setup-qemu-action#241\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/244\"\u003edocker/setup-qemu-action#244\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.67.0 to 0.77.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/243\"\u003edocker/setup-qemu-action#243\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/240\"\u003edocker/setup-qemu-action#240\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 3.14.1 to 3.14.2 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/231\"\u003edocker/setup-qemu-action#231\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/238\"\u003edocker/setup-qemu-action#238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.7.0...v4.0.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.7.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.56.0 to 0.67.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/217\"\u003edocker/setup-qemu-action#217\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/230\"\u003edocker/setup-qemu-action#230\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/220\"\u003edocker/setup-qemu-action#220\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/218\"\u003edocker/setup-qemu-action#218\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tmp from 0.2.3 to 0.2.4 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/221\"\u003edocker/setup-qemu-action#221\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/219\"\u003edocker/setup-qemu-action#219\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.6.0...v3.7.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.6.0...v3.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDisplay binfmt version by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/202\"\u003edocker/setup-qemu-action#202\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.5.0...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.54.0 to 0.56.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/205\"\u003edocker/setup-qemu-action#205\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.4.0...v3.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.49.0 to 0.54.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/193\"\u003edocker/setup-qemu-action#193\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/197\"\u003edocker/setup-qemu-action#197\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.3.0...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003ecache-image\u003c/code\u003e input to enable/disable caching of binfmt image by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/130\"\u003edocker/setup-qemu-action#130\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/172\"\u003edocker/setup-qemu-action#172\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.35.0 to 0.49.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/187\"\u003edocker/setup-qemu-action#187\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/182\"\u003edocker/setup-qemu-action#182\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 6.2.2 to 6.3.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/162\"\u003edocker/setup-qemu-action#162\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.2.0...v3.3.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.31.0 to 0.35.0 in \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/154\"\u003edocker/setup-qemu-action#154\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/pull/155\"\u003edocker/setup-qemu-action#155\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3.1.0...v3.2.0\"\u003ehttps://github.com/docker/setup-qemu-action/compare/v3.1.0...v3.2.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/ce360397dd3f832beb865e1373c09c0e9f86d70a\"\u003e\u003ccode\u003ece36039\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/245\"\u003e#245\u003c/a\u003e from crazy-max/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/63863443c130689b5b352363f362c820cf73b26d\"\u003e\u003ccode\u003e6386344\u003c/code\u003e\u003c/a\u003e node 24 as default runtime\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/1ea3db7bfb6d247e5e3511955d6e476a8d400ef3\"\u003e\u003ccode\u003e1ea3db7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/243\"\u003e#243\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/b56a0022b9d517f4d4f8f8357e107e587548db78\"\u003e\u003ccode\u003eb56a002\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/c43f02d0c908d30161ad4230a59285d9e442956d\"\u003e\u003ccode\u003ec43f02d\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.67.0 to 0.77.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/ce10c58dd1801e20f2e65c72aff588c6fc5f6609\"\u003e\u003ccode\u003ece10c58\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/244\"\u003e#244\u003c/a\u003e from docker/dependabot/npm_and_yarn/actions/core-3.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/429fc9dbdab394ec482946ef7f7b60be3a169336\"\u003e\u003ccode\u003e429fc9d\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/060e5f8b59ae7d2a0e4dcf681f8625f0e54e2024\"\u003e\u003ccode\u003e060e5f8\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/44be13e7d9ba38145b648950e52ac18e2a4efd3a\"\u003e\u003ccode\u003e44be13e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-qemu-action/issues/231\"\u003e#231\u003c/a\u003e from docker/dependabot/npm_and_yarn/js-yaml-3.14.2\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-qemu-action/commit/1897438ed3baad455b19c89cda913ca4f31dd079\"\u003e\u003ccode\u003e1897438\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-qemu-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/setup-buildx-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/setup-buildx-action/releases\"\u003edocker/setup-buildx-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/483\"\u003edocker/setup-buildx-action#483\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove deprecated inputs/outputs by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/464\"\u003edocker/setup-buildx-action#464\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/481\"\u003edocker/setup-buildx-action#481\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/475\"\u003edocker/setup-buildx-action#475\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.79.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/482\"\u003edocker/setup-buildx-action#482\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/485\"\u003edocker/setup-buildx-action#485\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/452\"\u003edocker/setup-buildx-action#452\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/472\"\u003edocker/setup-buildx-action#472\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump minimatch from 3.1.2 to 3.1.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/480\"\u003edocker/setup-buildx-action#480\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.12.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.12.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDeprecate \u003ccode\u003einstall\u003c/code\u003e input by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/455\"\u003edocker/setup-buildx-action#455\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/434\"\u003edocker/setup-buildx-action#434\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/436\"\u003edocker/setup-buildx-action#436\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/432\"\u003edocker/setup-buildx-action#432\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/435\"\u003edocker/setup-buildx-action#435\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.1...v3.12.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix \u003ccode\u003ekeep-state\u003c/code\u003e not being respected by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/429\"\u003edocker/setup-buildx-action#429\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.11.0...v3.11.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.11.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eKeep BuildKit state support by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/427\"\u003edocker/setup-buildx-action#427\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove aliases created when installing by default by \u003ca href=\"https://github.com/hashhar\"\u003e\u003ccode\u003e@​hashhar\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/139\"\u003edocker/setup-buildx-action#139\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.56.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/422\"\u003edocker/setup-buildx-action#422\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/425\"\u003edocker/setup-buildx-action#425\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.10.0...v3.11.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.10.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.54.0 to 0.56.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/408\"\u003edocker/setup-buildx-action#408\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.9.0...v3.10.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.9.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.48.0 to 0.54.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/402\"\u003edocker/setup-buildx-action#402\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/404\"\u003edocker/setup-buildx-action#404\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.8.0...v3.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.8.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eMake cloud prefix optional to download buildx if driver is cloud by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/390\"\u003edocker/setup-buildx-action#390\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/370\"\u003edocker/setup-buildx-action#370\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.39.0 to 0.48.0 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/389\"\u003edocker/setup-buildx-action#389\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/pull/382\"\u003edocker/setup-buildx-action#382\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\"\u003ehttps://github.com/docker/setup-buildx-action/compare/v3.7.1...v3.8.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd\"\u003e\u003ccode\u003e4d04d5d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/485\"\u003e#485\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/cd74e05d9bae4eeec789f90ba15dc6fb4b60ae5d\"\u003e\u003ccode\u003ecd74e05\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/eee38ec7b3ed034ee896d3e212e5d11c04562b84\"\u003e\u003ccode\u003eeee38ec\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.77.0 to 0.79.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/7a83f65b5a215b3c81b210dafdc20362bd2b4e24\"\u003e\u003ccode\u003e7a83f65\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/484\"\u003e#484\u003c/a\u003e from docker/dependabot/github_actions/docker/setup-qe...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/a5aa96747d67f62520b42af91aeb306e7374b327\"\u003e\u003ccode\u003ea5aa967\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/464\"\u003e#464\u003c/a\u003e from crazy-max/rm-deprecated\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/e73d53fa4ed86ff46faaf2b13a228d6e93c51af3\"\u003e\u003ccode\u003ee73d53f\u003c/code\u003e\u003c/a\u003e build(deps): bump docker/setup-qemu-action from 3 to 4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/28a438e9ed9ef7ae2ebd0bf839039005c9501312\"\u003e\u003ccode\u003e28a438e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/setup-buildx-action/issues/483\"\u003e#483\u003c/a\u003e from crazy-max/node24\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/034e9d37dd436b56b0167bea5a11ab731413e8cf\"\u003e\u003ccode\u003e034e9d3\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/b4664d8fd0ba15ff14560ab001737c666076d5be\"\u003e\u003ccode\u003eb4664d8\u003c/code\u003e\u003c/a\u003e remove deprecated inputs/outputs\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/setup-buildx-action/commit/a8257dec35f244ad06b4ff6c90fdd2ba97f262ba\"\u003e\u003ccode\u003ea8257de\u003c/code\u003e\u003c/a\u003e node 24 as default runtime\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/setup-buildx-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `docker/login-action` from 3 to 4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/docker/login-action/releases\"\u003edocker/login-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eNode 24 as default runtime (requires \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eActions Runner v2.327.1\u003c/a\u003e or later) by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/929\"\u003edocker/login-action#929\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch to ESM and update config/test wiring by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/927\"\u003edocker/login-action#927\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.11.1 to 3.0.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/919\"\u003edocker/login-action#919\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e from 3.890.0 to 3.1000.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/909\"\u003edocker/login-action#909\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/920\"\u003edocker/login-action#920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e from 3.890.0 to 3.1000.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/909\"\u003edocker/login-action#909\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/920\"\u003edocker/login-action#920\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.63.0 to 0.77.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/910\"\u003edocker/login-action#910\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/928\"\u003edocker/login-action#928\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​isaacs/brace-expansion\u003c/code\u003e from 5.0.0 to 5.0.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/921\"\u003edocker/login-action#921\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump js-yaml from 4.1.0 to 4.1.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/901\"\u003edocker/login-action#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.7.0...v4.0.0\"\u003ehttps://github.com/docker/login-action/compare/v3.7.0...v4.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.7.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003escope\u003c/code\u003e input to set scopes for the authentication token by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/912\"\u003edocker/login-action#912\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd support for AWS European Sovereign Cloud ECR by \u003ca href=\"https://github.com/dphi\"\u003e\u003ccode\u003e@​dphi\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/914\"\u003edocker/login-action#914\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnsure passwords are redacted with \u003ccode\u003eregistry-auth\u003c/code\u003e input by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/911\"\u003edocker/login-action#911\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump lodash from 4.17.21 to 4.17.23 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/915\"\u003edocker/login-action#915\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.6.0...v3.7.0\"\u003ehttps://github.com/docker/login-action/compare/v3.6.0...v3.7.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.6.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd \u003ccode\u003eregistry-auth\u003c/code\u003e input for raw authentication to registries by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/887\"\u003edocker/login-action#887\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e to 3.890.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/882\"\u003edocker/login-action#882\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/890\"\u003edocker/login-action#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.890.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/882\"\u003edocker/login-action#882\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/890\"\u003edocker/login-action#890\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.62.1 to 0.63.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/883\"\u003edocker/login-action#883\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump brace-expansion from 1.1.11 to 1.1.12 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/880\"\u003edocker/login-action#880\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump undici from 5.28.4 to 5.29.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/879\"\u003edocker/login-action#879\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tmp from 0.2.3 to 0.2.4 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/881\"\u003edocker/login-action#881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.5.0...v3.6.0\"\u003ehttps://github.com/docker/login-action/compare/v3.5.0...v3.6.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.5.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eSupport dual-stack endpoints for AWS ECR by \u003ca href=\"https://github.com/Spacefish\"\u003e\u003ccode\u003e@​Spacefish\u003c/code\u003e\u003c/a\u003e \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/874\"\u003edocker/login-action#874\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/876\"\u003edocker/login-action#876\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e to 3.859.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/860\"\u003edocker/login-action#860\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/878\"\u003edocker/login-action#878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.859.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/860\"\u003edocker/login-action#860\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/878\"\u003edocker/login-action#878\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.57.0 to 0.62.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/870\"\u003edocker/login-action#870\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump form-data from 2.5.1 to 2.5.5 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/875\"\u003edocker/login-action#875\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.4.0...v3.5.0\"\u003ehttps://github.com/docker/login-action/compare/v3.4.0...v3.5.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.4.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump \u003ccode\u003e@​actions/core\u003c/code\u003e from 1.10.1 to 1.11.1 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/791\"\u003edocker/login-action#791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr\u003c/code\u003e to 3.766.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/789\"\u003edocker/login-action#789\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/856\"\u003edocker/login-action#856\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​aws-sdk/client-ecr-public\u003c/code\u003e to 3.758.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/789\"\u003edocker/login-action#789\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/856\"\u003edocker/login-action#856\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​docker/actions-toolkit\u003c/code\u003e from 0.35.0 to 0.57.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/801\"\u003edocker/login-action#801\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/806\"\u003edocker/login-action#806\u003c/a\u003e \u003ca href=\"https://redirect.github.com/docker/login-action/pull/858\"\u003edocker/login-action#858\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump cross-spawn from 7.0.3 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/814\"\u003edocker/login-action#814\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump https-proxy-agent from 7.0.5 to 7.0.6 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/823\"\u003edocker/login-action#823\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump path-to-regexp from 6.2.2 to 6.3.0 in \u003ca href=\"https://redirect.github.com/docker/login-action/pull/777\"\u003edocker/login-action#777\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/docker/login-action/compare/v3.3.0...v3.4.0\"\u003ehttps://github.com/docker/login-action/compare/v3.3.0...v3.4.0\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/4907a6ddec9925e35a0a9e82d7399ccc52663121\"\u003e\u003ccode\u003e4907a6d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/930\"\u003e#930\u003c/a\u003e from docker/dependabot/npm_and_yarn/aws-sdk-dependenc...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/1e233e691a8881d7f35ca7c2d5dfaaed80b39636\"\u003e\u003ccode\u003e1e233e6\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/6c24ead68057f18c30c808a431f0b85dc25663cb\"\u003e\u003ccode\u003e6c24ead\u003c/code\u003e\u003c/a\u003e build(deps): bump the aws-sdk-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/ee034d70944e3546349cd24295914f139342f1e6\"\u003e\u003ccode\u003eee034d7\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/958\"\u003e#958\u003c/a\u003e from docker/dependabot/npm_and_yarn/lodash-4.18.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/1527209db9734bd2352a2dc1a63d79c9aa5358bb\"\u003e\u003ccode\u003e1527209\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/937\"\u003e#937\u003c/a\u003e from docker/dependabot/npm_and_yarn/proxy-agent-depen...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/d39362aba4d72f8d9d93e0962119840690133e1b\"\u003e\u003ccode\u003ed39362a\u003c/code\u003e\u003c/a\u003e build(deps): bump lodash from 4.17.23 to 4.18.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/a6f092b568105cbb6d9deb7e55e0a4c5c1025fce\"\u003e\u003ccode\u003ea6f092b\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/60953f0bed2120ec69659d271fe18d34bc069779\"\u003e\u003ccode\u003e60953f0\u003c/code\u003e\u003c/a\u003e build(deps): bump the proxy-agent-dependencies group with 2 updates\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/62c688590fb4ab6c6e89a217ced0a7b2ddcf1340\"\u003e\u003ccode\u003e62c6885\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/docker/login-action/issues/936\"\u003e#936\u003c/a\u003e from docker/dependabot/npm_and_yarn/docker/actions-to...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/docker/login-action/commit/102c0e672992d2e992c89b6f4808d65a353b5a1a\"\u003e\u003ccode\u003e102c0e6\u003c/code\u003e\u003c/a\u003e chore: update generated content\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/docker/login-action/compare/v3...v4\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `goreleaser/goreleaser-action` from 6 to 7\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/goreleaser/goreleaser-action/releases\"\u003egoreleaser/goreleaser-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev7.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat!: node 24, update deps, rm yarn, ESM by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/533\"\u003egoreleaser/goreleaser-action#533\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003esec: pin github action versions by \u003ca href=\"https://github.com/caarlos0\"\u003e\u003ccode\u003e@​caarlos0\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/514\"\u003egoreleaser/goreleaser-action#514\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Upgrade checkout GitHub Action in README.md by \u003ca href=\"https://github.com/dunglas\"\u003e\u003ccode\u003e@​dunglas\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/507\"\u003egoreleaser/goreleaser-action#507\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump actions/checkout from 4 to 5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/504\"\u003egoreleaser/goreleaser-action#504\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/517\"\u003egoreleaser/goreleaser-action#517\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group with 2 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/523\"\u003egoreleaser/goreleaser-action#523\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump docker/bake-action from 6.9.0 to 6.10.0 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/526\"\u003egoreleaser/goreleaser-action#526\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump the actions group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/532\"\u003egoreleaser/goreleaser-action#532\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump actions/checkout from 6.0.1 to 6.0.2 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/534\"\u003egoreleaser/goreleaser-action#534\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump the npm group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/536\"\u003egoreleaser/goreleaser-action#536\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump \u003ccode\u003e@​actions/http-client\u003c/code\u003e from 3.0.2 to 4.0.0 in the npm group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/537\"\u003egoreleaser/goreleaser-action#537\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eci(deps): bump docker/setup-buildx-action from 3.10.0 to 3.12.0 in the actions group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/538\"\u003egoreleaser/goreleaser-action#538\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump semver from 7.7.3 to 7.7.4 in the npm group by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/539\"\u003egoreleaser/goreleaser-action#539\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/goreleaser/goreleaser-action/compare/v6...v7.0.0\"\u003ehttps://github.com/goreleaser/goreleaser-action/compare/v6...v7.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.4.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eci: set contents read as default workflow permissions by \u003ca href=\"https://github.com/crazy-max\"\u003e\u003ccode\u003e@​crazy-max\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/494\"\u003egoreleaser/goreleaser-action#494\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: support .config directory for goreleaser config files  by \u003ca href=\"https://github.com/haya14busa\"\u003e\u003ccode\u003e@​haya14busa\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/goreleaser/goreleaser-action/pull/500\"\u003egoreleaser/goreleaser-action#500\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003echore(deps): bump ...\n\n_Description has been truncated_","html_url":"https://github.com/tsouza/cerberus/pull/103","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/tsouza%2Fcerberus/issues/103","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/103/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-12T04:39:13.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4426249250","node_id":"PR_kwDONiw8xc7ahhaX","number":86,"state":"closed","title":"Bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-12T04:39:31.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-12T04:39:13.000Z","updated_at":"2026-05-12T04:39:45.000Z","time_to_close":18,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/high-level-design-docs/pull/86","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2Fhigh-level-design-docs/issues/86","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/86/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":"the production-dependencies group","pr_created_at":"2026-05-12T01:23:03.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4425461501","node_id":"PR_kwDOKPii7c7afAiv","number":531,"state":"open","title":"github-actions (8.3): bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0 in the production-dependencies group","user":"dependabot[bot]","labels":["dependencies"],"assignees":["mimmi20"],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T01:23:03.000Z","updated_at":"2026-05-12T01:23:20.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"github-actions (8.3)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":"the production-dependencies group","ecosystem":"actions"},"body":"Bumps the production-dependencies group with 1 update: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.1.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/v23.1.0...v23.2.0\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nYou can trigger a rebase of this PR by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/mimmi20/ci/pull/531","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/mimmi20%2Fci/issues/531","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/531/packages"}},{"old_version":"23.0.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-12T00:06:23.000Z","version_change":"23.0.0 → 23.2.0","issue":{"uuid":"4425178172","node_id":"PR_kwDOQ280hM7aeGYp","number":9,"state":"open","title":"ci: bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-12T00:06:23.000Z","updated_at":"2026-05-12T00:06:23.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/TheBoscoClub/claude-test-skill/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/TheBoscoClub%2Fclaude-test-skill/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T23:39:38.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4425070209","node_id":"PR_kwDONjzrUs7adv3U","number":55,"state":"closed","title":"Bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-11T23:40:46.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-11T23:39:38.000Z","updated_at":"2026-05-11T23:40:47.000Z","time_to_close":68,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"Bump","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/gvatsal60/vscode-ext-customize/pull/55","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/gvatsal60%2Fvscode-ext-customize/issues/55","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/55/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T23:19:13.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4424973263","node_id":"PR_kwDOD6suU87adbIp","number":58,"state":"open","title":"chore(deps): bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github_actions","ci"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T23:19:13.000Z","updated_at":"2026-05-11T23:19:35.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pgodschalk/dotfiles/pull/58","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pgodschalk%2Fdotfiles/issues/58","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/58/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T19:14:06.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4423589137","node_id":"PR_kwDOSPVQFs7aY6hM","number":16,"state":"open","title":"chore(deps)(deps): bump the actions group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["ci","dependencies"],"assignees":[],"locked":false,"comments_count":4,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T19:14:06.000Z","updated_at":"2026-05-17T04:05:55.603Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":2,"packages":[{"name":"github/codeql-action","old_version":"4.35.2","new_version":"4.35.5","repository_url":"https://github.com/github/codeql-action"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 2 updates in the / directory: [github/codeql-action](https://github.com/github/codeql-action) and [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `github/codeql-action` from 4.35.2 to 4.35.5\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd support for SHA-256 Git object IDs. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3893\"\u003e#3893\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.5 - 15 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eWe have improved how the JavaScript bundles for the CodeQL Action are generated to avoid duplication across bundles and reduce the size of the repository by around 70%. This should have no effect on the runtime behaviour of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFor performance and accuracy reasons, \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e will now only be enabled on a pull request when diff-informed analysis is also enabled for that run. If diff-informed analysis is unavailable (for example, because the PR diff ranges could not be computed), the action will fall back to a full analysis. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3791\"\u003e#3791\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eIf multiple inputs are provided for the GitHub-internal \u003ccode\u003eanalysis-kinds\u003c/code\u003e input, only \u003ccode\u003ecode-scanning\u003c/code\u003e will be enabled. The \u003ccode\u003eanalysis-kinds\u003c/code\u003e input is experimental, for GitHub-internal use only, and may change without notice at any time. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3892\"\u003e#3892\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdded an experimental change which, when running a Code Scanning analysis for a PR with \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e enabled, prefers CodeQL CLI versions that have a cached overlay-base database for the configured languages. This speeds up analysis for a repository when there is not yet a cached overlay-base database for the latest CLI version. We expect to roll this change out to everyone in May. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3880\"\u003e#3880\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003e\u003ccode\u003e9e0d7b8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3905\"\u003e#3905\u003c/a\u003e from github/update-v4.35.5-d4b485515\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6d7d59927c0c7336c1d1247c7e159e79edbf7684\"\u003e\u003ccode\u003e6d7d599\u003c/code\u003e\u003c/a\u003e Add changelog entry for \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/51f7e38c69d3cd7966375fe0ffff19669f22bd14\"\u003e\u003ccode\u003e51f7e38\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/d4b485515e8531d7071a39d526213eb5b2e74a11\"\u003e\u003ccode\u003ed4b4855\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3899\"\u003e#3899\u003c/a\u003e from github/mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/127de8117f134e8809c127d53e940b3ffc1db8e9\"\u003e\u003ccode\u003e127de81\u003c/code\u003e\u003c/a\u003e Merge remote-tracking branch 'origin/main' into mbg/esbuild/split\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/7fde13f26ad3f7008e8fe6755cb997b54f7a2f3b\"\u003e\u003ccode\u003e7fde13f\u003c/code\u003e\u003c/a\u003e Use src + basename in header to avoid issues on Windows\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/dfa61e7305ed28b74dcc2c68bd665b36751ad933\"\u003e\u003ccode\u003edfa61e7\u003c/code\u003e\u003c/a\u003e Improve pattern matching and error handling\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/52aafec07347933a26e670390c3f894c5c05e64a\"\u003e\u003ccode\u003e52aafec\u003c/code\u003e\u003c/a\u003e Import and call \u003ccode\u003erunWrapper\u003c/code\u003e normally in \u003ccode\u003eanalyze\u003c/code\u003e tests\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0d08c01f7874da2f932e4d4e4d42b1c43be88111\"\u003e\u003ccode\u003e0d08c01\u003c/code\u003e\u003c/a\u003e Auto-generate shared bundle\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/14085a675cb6d8cddc805b946cc1d51e3232a204\"\u003e\u003ccode\u003e14085a6\u003c/code\u003e\u003c/a\u003e Auto-generate entry points\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...9e0d7b8d25671d64c341c19c0152d693099fb5ba\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.1.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/produtoramaxvision/claude-code-maxvision-orchestration/pull/16","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/produtoramaxvision%2Fclaude-code-maxvision-orchestration/issues/16","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/16/packages"}},{"old_version":"20.0.0","new_version":"23.2.0","update_type":"major","path":null,"pr_created_at":"2026-05-11T06:15:35.000Z","version_change":"20.0.0 → 23.2.0","issue":{"uuid":"4418489291","node_id":"PR_kwDOSaAfVM7aILaD","number":2,"state":"open","title":"chore(deps)(deps): bump the actions group with 16 updates","user":"dependabot[bot]","labels":["ci","security"],"assignees":[],"locked":false,"comments_count":3,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T06:15:35.000Z","updated_at":"2026-05-11T06:15:51.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(deps)(deps): bump","group_name":"actions","update_count":16,"packages":[{"name":"actions/checkout","old_version":"4.2.2","new_version":"6.0.2","repository_url":"https://github.com/actions/checkout"},{"name":"github/codeql-action","old_version":"3.27.0","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"dependabot/fetch-metadata","old_version":"2.3.0","new_version":"3.1.0","repository_url":"https://github.com/dependabot/fetch-metadata"},{"name":"actions/dependency-review-action","old_version":"4.4.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"actions/labeler","old_version":"5.0.0","new_version":"6.1.0","repository_url":"https://github.com/actions/labeler"},{"name":"reviewdog/action-actionlint","old_version":"1.65.2","new_version":"1.72.0","repository_url":"https://github.com/reviewdog/action-actionlint"},{"name":"actions/setup-python","old_version":"5.3.0","new_version":"6.2.0","repository_url":"https://github.com/actions/setup-python"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"20.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"release-drafter/release-drafter","old_version":"6.0.0","new_version":"7.3.0","repository_url":"https://github.com/release-drafter/release-drafter"},{"name":"anchore/sbom-action","old_version":"0.17.6","new_version":"0.24.0","repository_url":"https://github.com/anchore/sbom-action"},{"name":"actions/upload-artifact","old_version":"4.4.3","new_version":"7.0.1","repository_url":"https://github.com/actions/upload-artifact"},{"name":"actions/download-artifact","old_version":"4.1.8","new_version":"8.0.1","repository_url":"https://github.com/actions/download-artifact"},{"name":"sigstore/cosign-installer","old_version":"3.7.0","new_version":"4.1.2","repository_url":"https://github.com/sigstore/cosign-installer"},{"name":"actions/attest-build-provenance","old_version":"1.4.3","new_version":"4.1.0","repository_url":"https://github.com/actions/attest-build-provenance"},{"name":"ossf/scorecard-action","old_version":"2.4.0","new_version":"2.4.3","repository_url":"https://github.com/ossf/scorecard-action"},{"name":"actions/stale","old_version":"9.0.0","new_version":"10.2.0","repository_url":"https://github.com/actions/stale"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 16 updates:\n\n| Package | From | To |\n| --- | --- | --- |\n| [actions/checkout](https://github.com/actions/checkout) | `4.2.2` | `6.0.2` |\n| [github/codeql-action](https://github.com/github/codeql-action) | `3.27.0` | `4.35.4` |\n| [dependabot/fetch-metadata](https://github.com/dependabot/fetch-metadata) | `2.3.0` | `3.1.0` |\n| [actions/dependency-review-action](https://github.com/actions/dependency-review-action) | `4.4.0` | `5.0.0` |\n| [actions/labeler](https://github.com/actions/labeler) | `5.0.0` | `6.1.0` |\n| [reviewdog/action-actionlint](https://github.com/reviewdog/action-actionlint) | `1.65.2` | `1.72.0` |\n| [actions/setup-python](https://github.com/actions/setup-python) | `5.3.0` | `6.2.0` |\n| [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) | `20.0.0` | `23.2.0` |\n| [release-drafter/release-drafter](https://github.com/release-drafter/release-drafter) | `6.0.0` | `7.3.0` |\n| [anchore/sbom-action](https://github.com/anchore/sbom-action) | `0.17.6` | `0.24.0` |\n| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.4.3` | `7.0.1` |\n| [actions/download-artifact](https://github.com/actions/download-artifact) | `4.1.8` | `8.0.1` |\n| [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) | `3.7.0` | `4.1.2` |\n| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `1.4.3` | `4.1.0` |\n| [ossf/scorecard-action](https://github.com/ossf/scorecard-action) | `2.4.0` | `2.4.3` |\n| [actions/stale](https://github.com/actions/stale) | `9.0.0` | `10.2.0` |\n\nUpdates `actions/checkout` from 4.2.2 to 6.0.2\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/releases\"\u003eactions/checkout's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2355\"\u003eactions/checkout#2355\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6.0.1...v6.0.2\"\u003ehttps://github.com/actions/checkout/compare/v6.0.1...v6.0.2\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate all references from v5 and v4 to v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2314\"\u003eactions/checkout#2314\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eClarify v6 README by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2328\"\u003eactions/checkout#2328\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v6...v6.0.1\"\u003ehttps://github.com/actions/checkout/compare/v6...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev6-beta by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2298\"\u003eactions/checkout#2298\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eupdate readme/changelog for v6 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2311\"\u003eactions/checkout#2311\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5.0.0...v6.0.0\"\u003ehttps://github.com/actions/checkout/compare/v5.0.0...v6.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6-beta\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cp\u003eUpdated persist-credentials to store the credentials under \u003ccode\u003e$RUNNER_TEMP\u003c/code\u003e instead of directly in the local git config.\u003c/p\u003e\n\u003cp\u003eThis requires a minimum Actions Runner version of \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.329.0\"\u003ev2.329.0\u003c/a\u003e to access the persisted credentials for \u003ca href=\"https://docs.github.com/en/actions/tutorials/use-containerized-services/create-a-docker-container-action\"\u003eDocker container action\u003c/a\u003e scenarios.\u003c/p\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/checkout/compare/v5...v5.0.1\"\u003ehttps://github.com/actions/checkout/compare/v5...v5.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePrepare v5.0.0 release by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2238\"\u003eactions/checkout#2238\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e⚠️ Minimum Compatible Runner Version\u003c/h2\u003e\n\u003cp\u003e\u003cstrong\u003ev2.327.1\u003c/strong\u003e\u003cbr /\u003e\n\u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/checkout/blob/main/CHANGELOG.md\"\u003eactions/checkout's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChangelog\u003c/h1\u003e\n\u003ch2\u003ev6.0.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix tag handling: preserve annotations and explicit fetch-tags by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2356\"\u003eactions/checkout#2356\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd worktree support for persist-credentials includeIf by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2327\"\u003eactions/checkout#2327\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePersist creds to a separate file by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2286\"\u003eactions/checkout#2286\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README to include Node.js 24 support details and requirements by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2248\"\u003eactions/checkout#2248\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v5 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2301\"\u003eactions/checkout#2301\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev5.0.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate actions checkout to use node 24 by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2226\"\u003eactions/checkout#2226\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003ePort v6 cleanup to v4 by \u003ca href=\"https://github.com/ericsciple\"\u003e\u003ccode\u003e@​ericsciple\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2305\"\u003eactions/checkout#2305\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.3.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003edocs: update README.md by \u003ca href=\"https://github.com/motss\"\u003e\u003ccode\u003e@​motss\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1971\"\u003eactions/checkout#1971\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd internal repos for checking out multiple repositories by \u003ca href=\"https://github.com/mouismail\"\u003e\u003ccode\u003e@​mouismail\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1977\"\u003eactions/checkout#1977\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDocumentation update - add recommended permissions to Readme by \u003ca href=\"https://github.com/benwells\"\u003e\u003ccode\u003e@​benwells\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2043\"\u003eactions/checkout#2043\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdjust positioning of user email note and permissions heading by \u003ca href=\"https://github.com/joshmgross\"\u003e\u003ccode\u003e@​joshmgross\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2044\"\u003eactions/checkout#2044\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate README.md by \u003ca href=\"https://github.com/nebuk89\"\u003e\u003ccode\u003e@​nebuk89\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2194\"\u003eactions/checkout#2194\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate CODEOWNERS for actions by \u003ca href=\"https://github.com/TingluoHuang\"\u003e\u003ccode\u003e@​TingluoHuang\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2224\"\u003eactions/checkout#2224\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate package dependencies by \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/2236\"\u003eactions/checkout#2236\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ccode\u003eurl-helper.ts\u003c/code\u003e now leverages well-known environment variables by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1941\"\u003eactions/checkout#1941\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eExpand unit test coverage for \u003ccode\u003eisGhes\u003c/code\u003e by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1946\"\u003eactions/checkout#1946\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck out other refs/* by commit if provided, fall back to ref by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1924\"\u003eactions/checkout#1924\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.2.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd Ref and Commit outputs by \u003ca href=\"https://github.com/lucacome\"\u003e\u003ccode\u003e@​lucacome\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1180\"\u003eactions/checkout#1180\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDependency updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e- \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1777\"\u003eactions/checkout#1777\u003c/a\u003e, \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1872\"\u003eactions/checkout#1872\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.7\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eBump the minor-npm-dependencies group across 1 directory with 4 updates by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1739\"\u003eactions/checkout#1739\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 3 to 4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1697\"\u003eactions/checkout#1697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eCheck out other refs/* by commit by \u003ca href=\"https://github.com/orhantoy\"\u003e\u003ccode\u003e@​orhantoy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1774\"\u003eactions/checkout#1774\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePin actions/checkout's own workflows to a known, good, stable version. by \u003ca href=\"https://github.com/jww3\"\u003e\u003ccode\u003e@​jww3\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1776\"\u003eactions/checkout#1776\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.1.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCheck platform to set archive extension appropriately by \u003ca href=\"https://github.com/cory-miller\"\u003e\u003ccode\u003e@​cory-miller\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/checkout/pull/1732\"\u003eactions/checkout#1732\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003e\u003ccode\u003ede0fac2\u003c/code\u003e\u003c/a\u003e Fix tag handling: preserve annotations and explicit fetch-tags (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2356\"\u003e#2356\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/064fe7f3312418007dea2b49a19844a9ee378f49\"\u003e\u003ccode\u003e064fe7f\u003c/code\u003e\u003c/a\u003e Add orchestration_id to git user-agent when ACTIONS_ORCHESTRATION_ID is set (...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/8e8c483db84b4bee98b60c0593521ed34d9990e8\"\u003e\u003ccode\u003e8e8c483\u003c/code\u003e\u003c/a\u003e Clarify v6 README (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2328\"\u003e#2328\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/033fa0dc0b82693d8986f1016a0ec2c5e7d9cbb1\"\u003e\u003ccode\u003e033fa0d\u003c/code\u003e\u003c/a\u003e Add worktree support for persist-credentials includeIf (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2327\"\u003e#2327\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/c2d88d3ecc89a9ef08eebf45d9637801dcee7eb5\"\u003e\u003ccode\u003ec2d88d3\u003c/code\u003e\u003c/a\u003e Update all references from v5 and v4 to v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2314\"\u003e#2314\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/1af3b93b6815bc44a9784bd300feb67ff0d1eeb3\"\u003e\u003ccode\u003e1af3b93\u003c/code\u003e\u003c/a\u003e update readme/changelog for v6 (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2311\"\u003e#2311\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/71cf2267d89c5cb81562390fa70a37fa40b1305e\"\u003e\u003ccode\u003e71cf226\u003c/code\u003e\u003c/a\u003e v6-beta (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2298\"\u003e#2298\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/069c6959146423d11cd0184e6accf28f9d45f06e\"\u003e\u003ccode\u003e069c695\u003c/code\u003e\u003c/a\u003e Persist creds to a separate file (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2286\"\u003e#2286\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/ff7abcd0c3c05ccf6adc123a8cd1fd4fb30fb493\"\u003e\u003ccode\u003eff7abcd\u003c/code\u003e\u003c/a\u003e Update README to include Node.js 24 support details and requirements (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2248\"\u003e#2248\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/checkout/commit/08c6903cd8c0fde910a37f88322edcfb5dd907a8\"\u003e\u003ccode\u003e08c6903\u003c/code\u003e\u003c/a\u003e Prepare v5.0.0 release (\u003ca href=\"https://redirect.github.com/actions/checkout/issues/2238\"\u003e#2238\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...de0fac2e4500dabe0009e67214ff5f5447ce83dd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 3.27.0 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.2\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.1\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.34.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.33.0\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\n\u003cp\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/p\u003e\n\u003cp\u003eTo opt out of this change:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cstrong\u003eRepositories owned by an organization:\u003c/strong\u003e Create a custom repository property with the name \u003ccode\u003egithub-codeql-file-coverage-on-prs\u003c/code\u003e and the type \u0026quot;True/false\u0026quot;, then set this property to \u003ccode\u003etrue\u003c/code\u003e in the repository's settings. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. Alternatively, if you are using an advanced setup workflow, you can set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using default setup:\u003c/strong\u003e Switch to an advanced setup workflow and set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003cli\u003e\u003cstrong\u003eUser-owned repositories using advanced setup:\u003c/strong\u003e Set the \u003ccode\u003eCODEQL_ACTION_FILE_COVERAGE_ON_PRS\u003c/code\u003e environment variable to \u003ccode\u003etrue\u003c/code\u003e in your workflow.\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3555\"\u003ea bug\u003c/a\u003e which caused the CodeQL Action to fail loading repository properties if a \u0026quot;Multi select\u0026quot; repository property was configured for the repository. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3557\"\u003e#3557\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eThe CodeQL Action now loads \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003ecustom repository properties\u003c/a\u003e on GitHub Enterprise Server, enabling the customization of features such as \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e that was previously only available on GitHub.com. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3559\"\u003e#3559\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eOnce \u003ca href=\"https://docs.github.com/en/code-security/how-tos/secure-at-scale/configure-organization-security/manage-usage-and-access/giving-org-access-private-registries\"\u003eprivate package registries\u003c/a\u003e can be configured with OIDC-based authentication for organizations, the CodeQL Action will now be able to accept such configurations. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3563\"\u003e#3563\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eFixed the retry mechanism for database uploads. Previously this would fail with the error \u0026quot;Response body object should not be disturbed or locked\u0026quot;. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3564\"\u003e#3564\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003cli\u003e\n\u003cp\u003eA warning is now emitted if the CodeQL Action detects a repository property whose name suggests that it relates to the CodeQL Action, but which is not one of the properties recognised by the current version of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3570\"\u003e#3570\u003c/a\u003e\u003c/p\u003e\n\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.6\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3548\"\u003e#3548\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.32.5\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eRepositories owned by an organization can now set up the \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e custom repository property to disable \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis for CodeQL\u003c/a\u003e. First, create a custom repository property with the name \u003ccode\u003egithub-codeql-disable-overlay\u003c/code\u003e and the type \u0026quot;True/false\u0026quot; in the organization's settings. Then in the repository's settings, set this property to \u003ccode\u003etrue\u003c/code\u003e to disable improved incremental analysis. For more information, see \u003ca href=\"https://docs.github.com/en/organizations/managing-organization-settings/managing-custom-properties-for-repositories-in-your-organization\"\u003eManaging custom properties for repositories in your organization\u003c/a\u003e. This feature is not yet available on GitHub Enterprise Server. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3507\"\u003e#3507\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/662472033e021d55d94146f66f6058822b0b39fd...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `dependabot/fetch-metadata` from 2.3.0 to 3.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/dependabot/fetch-metadata/releases\"\u003edependabot/fetch-metadata's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev3.1.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd permissions to all workflows by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/687\"\u003edependabot/fetch-metadata#687\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 16.0.0 to 17.4.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/690\"\u003edependabot/fetch-metadata#690\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump esbuild from 0.27.4 to 0.28.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/693\"\u003edependabot/fetch-metadata#693\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.10 to 1.19.13 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/694\"\u003edependabot/fetch-metadata#694\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.7 to 4.12.12 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/695\"\u003edependabot/fetch-metadata#695\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eDynamically update the tracking tag in action by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/696\"\u003edependabot/fetch-metadata#696\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: handle duplicate dependency names in parseMetadataLinks by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: remove $ anchor from updateFragment regex to handle pip directory suffixes by \u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/698\"\u003edependabot/fetch-metadata#698\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates to README for permissions clarification by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/697\"\u003edependabot/fetch-metadata#697\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: resolve update-type null for Python, Composer, and Terraform PRs by \u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump globals from 17.4.0 to 17.5.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/703\"\u003edependabot/fetch-metadata#703\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/701\"\u003edependabot/fetch-metadata#701\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e from 9.0.0 to 9.1.0 in the dependencies group across 1 directory by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/702\"\u003edependabot/fetch-metadata#702\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ebuild(deps-dev): bump hono from 4.12.12 to 4.12.14 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/705\"\u003edependabot/fetch-metadata#705\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev3.1.0 by \u003ca href=\"https://github.com/fetch-metadata-action-automation\"\u003e\u003ccode\u003e@​fetch-metadata-action-automation\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/692\"\u003edependabot/fetch-metadata#692\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/devantler\"\u003e\u003ccode\u003e@​devantler\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/700\"\u003edependabot/fetch-metadata#700\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/vitorsdcs\"\u003e\u003ccode\u003e@​vitorsdcs\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/704\"\u003edependabot/fetch-metadata#704\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\"\u003ehttps://github.com/dependabot/fetch-metadata/compare/v3...v3.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev3.0.0\u003c/h2\u003e\n\u003cp\u003eThe breaking change is requiring Node.js version v24 as the Actions runtime.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efeat: Parse versions from metadata links by \u003ca href=\"https://github.com/ppkarwasz\"\u003e\u003ccode\u003e@​ppkarwasz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/632\"\u003edependabot/fetch-metadata#632\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade actions core and actions github packages by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/649\"\u003edependabot/fetch-metadata#649\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: Add notes for using \u003ccode\u003ealert-lookup\u003c/code\u003e with App Token by \u003ca href=\"https://github.com/sue445\"\u003e\u003ccode\u003e@​sue445\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/656\"\u003edependabot/fetch-metadata#656\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efeat!: update Node.js version to v24 by \u003ca href=\"https://github.com/sturman\"\u003e\u003ccode\u003e@​sturman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/671\"\u003edependabot/fetch-metadata#671\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch build tooling from ncc to esbuild by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/676\"\u003edependabot/fetch-metadata#676\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd --legal-comments=none to esbuild build commands by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/679\"\u003edependabot/fetch-metadata#679\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump tsconfig target from es2022 to es2024 by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/680\"\u003edependabot/fetch-metadata#680\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove vestigial outDir from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/681\"\u003edependabot/fetch-metadata#681\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSwitch tsconfig module resolution to bundler by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/682\"\u003edependabot/fetch-metadata#682\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eRemove skipLibCheck from tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/683\"\u003edependabot/fetch-metadata#683\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eAdd typecheck step to CI by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/685\"\u003edependabot/fetch-metadata#685\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eEnable noImplicitAny in tsconfig.json by \u003ca href=\"https://github.com/jeffwidman\"\u003e\u003ccode\u003e@​jeffwidman\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/684\"\u003edependabot/fetch-metadata#684\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/core\u003c/code\u003e to ^3.0.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/677\"\u003edependabot/fetch-metadata#677\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​actions/github\u003c/code\u003e to ^9.0.0 and \u003ccode\u003e@​octokit/request-error\u003c/code\u003e to ^7.1.0 by \u003ca href=\"https://github.com/truggeri\"\u003e\u003ccode\u003e@​truggeri\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/678\"\u003edependabot/fetch-metadata#678\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.0 to 6.14.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/651\"\u003edependabot/fetch-metadata#651\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.1 to 4.11.4 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/652\"\u003edependabot/fetch-metadata#652\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.4 to 4.11.7 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/653\"\u003edependabot/fetch-metadata#653\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.11.7 to 4.12.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/657\"\u003edependabot/fetch-metadata#657\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump qs from 6.14.1 to 6.14.2 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/655\"\u003edependabot/fetch-metadata#655\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​modelcontextprotocol/sdk\u003c/code\u003e from 1.25.1 to 1.26.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/654\"\u003edependabot/fetch-metadata#654\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump \u003ccode\u003e@​hono/node-server\u003c/code\u003e from 1.19.9 to 1.19.10 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/665\"\u003edependabot/fetch-metadata#665\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump hono from 4.12.2 to 4.12.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/pull/664\"\u003edependabot/fetch-metadata#664\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003e\u003ccode\u003e25dd0e3\u003c/code\u003e\u003c/a\u003e v3.1.0 (\u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/692\"\u003e#692\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/e073f50d732cb48d48fb80afedb4fa61361626e9\"\u003e\u003ccode\u003ee073f50\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/705\"\u003e#705\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/hono-4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/0670e167df1fbee1b0d07121de6a182ddebdd674\"\u003e\u003ccode\u003e0670e16\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump hono from 4.12.12 to 4.12.14\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/7a7fe10a42310e65df80af6c771e9aa5d59842d1\"\u003e\u003ccode\u003e7a7fe10\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/702\"\u003e#702\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/dependencies-...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/5168191cea3d4daa635bff6c796b4f0faeba522d\"\u003e\u003ccode\u003e5168191\u003c/code\u003e\u003c/a\u003e Updating dist build\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/23882e175b2f16bc495c89aa50940399c6a17504\"\u003e\u003ccode\u003e23882e1\u003c/code\u003e\u003c/a\u003e build(deps): bump \u003ccode\u003e@​actions/github\u003c/code\u003e in the dependencies group\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/1072469591c13fda1d8dba1d1ac2e80187e247d7\"\u003e\u003ccode\u003e1072469\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/701\"\u003e#701\u003c/a\u003e from dependabot/dependabot/github_actions/actions/cre...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/43f8a0055c8e32587be67e097dff89a6823c9752\"\u003e\u003ccode\u003e43f8a00\u003c/code\u003e\u003c/a\u003e build(deps): bump actions/create-github-app-token from 3.0.0 to 3.1.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/b4d904a50935c8ebe744da148ea8a18a43fe72e1\"\u003e\u003ccode\u003eb4d904a\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/dependabot/fetch-metadata/issues/703\"\u003e#703\u003c/a\u003e from dependabot/dependabot/npm_and_yarn/globals-17.5.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/dependabot/fetch-metadata/commit/c8046bb877d9989cc848797de1b944bc3e93ef82\"\u003e\u003ccode\u003ec8046bb\u003c/code\u003e\u003c/a\u003e build(deps-dev): bump globals from 17.4.0 to 17.5.0\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/dependabot/fetch-metadata/compare/d7267f607e9d3fb96fc2fbe83e0af444713e90b7...25dd0e34f4fe68f24cc83900b1fe3fe149efef98\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.4.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003eDependency Review Action 4.9.0\u003c/h2\u003e\n\u003cp\u003eThis feature release contains a couple of notable changes:\u003c/p\u003e\n\u003cul\u003e\n\u003cli\u003eThere is a new configuration option \u003ccode\u003eshow_patched_versions\u003c/code\u003e which will add a column to the output, showing the fix version of each vulnerable dependency. Thanks \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eRuns which do not display OpenSSF scorecards no longer fetch scorecard information; previously it was fetched regardless of whether or not it was displayed, causing unneccessary slowness. Great catch \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003cli\u003eThere are a couple of fixes to purl parsing which should improve match accuracy for \u003ccode\u003eallow-package-dependency\u003c/code\u003e lists, including case (in)sensitivity and url-encoded namespaces Thanks \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e!\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eCompare normalized purls to account for encoding quirks by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1056\"\u003eactions/dependency-review-action#1056\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eMake purl comparisons case insensitive by \u003ca href=\"https://github.com/juxtin\"\u003e\u003ccode\u003e@​juxtin\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1057\"\u003eactions/dependency-review-action#1057\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFeat: Add \u003ccode\u003ePatched Version\u003c/code\u003e to \u003ccode\u003eVulnerabilities\u003c/code\u003e summary by \u003ca href=\"https://github.com/felickz\"\u003e\u003ccode\u003e@​felickz\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1045\"\u003eactions/dependency-review-action#1045\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: only get scorecard levels if user wants to see the OpenSSF scorecard by \u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 10.1.0 to 10.2.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1058\"\u003eactions/dependency-review-action#1058\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/checkout from 4 to 6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1021\"\u003eactions/dependency-review-action#1021\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdates for release 4.9.0 by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1064\"\u003eactions/dependency-review-action#1064\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/jantiebot\"\u003e\u003ccode\u003e@​jantiebot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1060\"\u003eactions/dependency-review-action#1060\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.8.3...v4.9.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003e4.8.3\u003c/h2\u003e\n\u003ch2\u003eDependency Review Action v4.8.3\u003c/h2\u003e\n\u003cp\u003eThis is a bugfix release that updates a number of upstream dependencies and includes a fix for the earlier feature that detected oversized summaries and upload them as artifacts, which could occasionally crash the action.\u003c/p\u003e\n\u003cp\u003eWe have also updated the release process to use a long-lived \u003ccode\u003ev4\u003c/code\u003e \u003cstrong\u003ebranch\u003c/strong\u003e for the action, instead of a force-pushed tag, which aligns better with git branching strategies; the change should be transparent to end users.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eGitHub Actions can't push to our protected main by \u003ca href=\"https://github.com/dangoor\"\u003e\u003ccode\u003e@​dangoor\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1017\"\u003eactions/dependency-review-action#1017\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump actions/stale from 9.1.0 to 10.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/995\"\u003eactions/dependency-review-action#995\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/4081bf99e2866ebe428fc0477b69eb4fcda7220a...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/labeler` from 5.0.0 to 6.1.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/labeler/releases\"\u003eactions/labeler's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.1.0\u003c/h2\u003e\n\u003ch2\u003eEnhancements\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd changed-files-labels-limit and max-files-changed configuration options to cap the number of labels added by \u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eBug Fixes\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eImprove Labeler Action documentation and permission error handling by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePreserve manually added labels during workflow runs and refine label synchronization logic by \u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/917\"\u003eactions/labeler#917\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eDependency Updates\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v6 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/877\"\u003eactions/labeler#877\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade minimatch from 10.0.1 to 10.2.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/926\"\u003eactions/labeler#926\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimatch, \u003ca href=\"https://github.com/typescript-eslint\"\u003e\u003ccode\u003e@​typescript-eslint\u003c/code\u003e\u003c/a\u003e) by \u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/chiranjib-swain\"\u003e\u003ccode\u003e@​chiranjib-swain\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/897\"\u003eactions/labeler#897\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/bluca\"\u003e\u003ccode\u003e@​bluca\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/923\"\u003eactions/labeler#923\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Copilot\"\u003e\u003ccode\u003e@​Copilot\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/934\"\u003eactions/labeler#934\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6...v6.1.0\"\u003ehttps://github.com/actions/labeler/compare/v6...v6.1.0\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.1\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade publish-action from 0.2.2 to 0.4.0 by \u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/aparnajyothi-y\"\u003e\u003ccode\u003e@​aparnajyothi-y\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/901\"\u003eactions/labeler#901\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/labeler/compare/v6.0.0...v6.0.1\"\u003ehttps://github.com/actions/labeler/compare/v6.0.0...v6.0.1\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.0\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd workflow file for publishing releases to immutable action package by \u003ca href=\"https://github.com/jcambass\"\u003e\u003ccode\u003e@​jcambass\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/802\"\u003eactions/labeler#802\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eBreaking Changes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade Node.js version to 24 in action and dependencies \u003ca href=\"https://github.com/salmanmkc\"\u003e\u003ccode\u003e@​salmanmkc\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/891\"\u003eactions/labeler#891\u003c/a\u003e\nMake sure your runner is on version v2.327.1 or later to ensure compatibility with this release. \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003eRelease Notes\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch3\u003eDependency Upgrades\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpgrade eslint-config-prettier from 9.0.0 to 9.1.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/711\"\u003eactions/labeler#711\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.52.0 to 8.55.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/720\"\u003eactions/labeler#720\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/jest\u003c/code\u003e from 29.5.6 to 29.5.11 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/719\"\u003eactions/labeler#719\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​types/js-yaml\u003c/code\u003e from 4.0.8 to 4.0.9 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/718\"\u003eactions/labeler#718\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.9.0 to 6.14.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/717\"\u003eactions/labeler#717\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.0.3 to 3.1.1 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/726\"\u003eactions/labeler#726\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint from 8.55.0 to 8.56.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/725\"\u003eactions/labeler#725\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e from 6.14.0 to 6.19.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/745\"\u003eactions/labeler#745\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade eslint-plugin-jest from 27.4.3 to 27.6.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/744\"\u003eactions/labeler#744\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade \u003ccode\u003e@​typescript-eslint/eslint-plugin\u003c/code\u003e from 6.9.0 to 6.20.0 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/750\"\u003eactions/labeler#750\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade prettier from 3.1.1 to 3.2.5 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/752\"\u003eactions/labeler#752\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpgrade undici from 5.26.5 to 5.28.3 by \u003ca href=\"https://github.com/dependabot\"\u003e\u003ccode\u003e@​dependabot\u003c/code\u003e\u003c/a\u003e[bot] in \u003ca href=\"https://redirect.github.com/actions/labeler/pull/757\"\u003eactions/labeler#757\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/f27b608878404679385c85cfa523b85ccb86e213\"\u003e\u003ccode\u003ef27b608\u003c/code\u003e\u003c/a\u003e chore: upgrade dependencies (\u003ccode\u003e@​actions/core\u003c/code\u003e, \u003ccode\u003e@​actions/github\u003c/code\u003e, js-yaml, minimat...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/c5dadc2a45784a4b6adfcd20fea3465da3a5f904\"\u003e\u003ccode\u003ec5dadc2\u003c/code\u003e\u003c/a\u003e Add 'changed-files-labels-limit' and 'max-files-changed' configs to allow cap...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/e52e4fb63ed5cd0e07abaad9826b2a893ccb921f\"\u003e\u003ccode\u003ee52e4fb\u003c/code\u003e\u003c/a\u003e Bump minimatch from 10.0.1 to 10.2.3 (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/926\"\u003e#926\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/77a4082b841706ac431479b7e2bb11216ffef250\"\u003e\u003ccode\u003e77a4082\u003c/code\u003e\u003c/a\u003e Fix: Preserve manually added labels during workflow run and refine label sync...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/25abb3cad4f14b7ac27968a495c37798860a5a1a\"\u003e\u003ccode\u003e25abb3c\u003c/code\u003e\u003c/a\u003e Improve Labeler Action Documentation and Error Handling for Permissions (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/897\"\u003e#897\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/395c8cfdb1e1e691cc4bad0dd315820af8eb67fd\"\u003e\u003ccode\u003e395c8cf\u003c/code\u003e\u003c/a\u003e Bump brace-expansion from 1.1.11 to 1.1.12 and document breaking changes in v...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/634933edcd8ababfe52f92936142cc22ac488b1b\"\u003e\u003ccode\u003e634933e\u003c/code\u003e\u003c/a\u003e publish-action upgrade to 0.4.0 from 0.2.2 (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/901\"\u003e#901\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/f1a63e87db0c6baf19c5713083f8d00d789ca184\"\u003e\u003ccode\u003ef1a63e8\u003c/code\u003e\u003c/a\u003e Update Node.js version to 24 in action and dependencies (\u003ca href=\"https://redirect.github.com/actions/labeler/issues/891\"\u003e#891\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/labeler/commit/b0a1180683c9f17424de4d71c044bea4c7b9bc7c\"\u003e\u003ccode\u003eb0a1180\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​octokit/request-error\u003c/code\u003e from...\n\n_Description has been truncated_","html_url":"https://github.com/arananet/foveal-forge/pull/2","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/arananet%2Ffoveal-forge/issues/2","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/2/packages"}},{"old_version":"23.0.0","new_version":"23.1.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T05:52:55.000Z","version_change":"23.0.0 → 23.1.0","issue":{"uuid":"4418386673","node_id":"PR_kwDOQFVQU87aH2mJ","number":180,"state":"open","title":"chore: bump the actions group across 1 directory with 2 updates","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T05:52:55.000Z","updated_at":"2026-05-11T06:47:08.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore: bump","group_name":"actions","update_count":2,"packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.1.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"},{"name":"crate-ci/typos","old_version":"1.45.2","new_version":"1.46.0","repository_url":"https://github.com/crate-ci/typos"}],"path":null,"ecosystem":"actions"},"body":"Bumps the actions group with 2 updates in the / directory: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) and [crate-ci/typos](https://github.com/crate-ci/typos).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.1.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/d1cf9823136435fde87731435bcd66fefea442e7\"\u003e\u003ccode\u003ed1cf982\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.0 to 10.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/4db3dfc2cb719a5a152cb38efef6e2e50db98973\"\u003e\u003ccode\u003e4db3dfc\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.1.0 to 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/70dbff992f5cf6124a6fc5bb4b56aef6f8daa232\"\u003e\u003ccode\u003e70dbff9\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-unicorn from 63.0.0 to 64.0.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `crate-ci/typos` from 1.45.2 to 1.46.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/crate-ci/typos/releases\"\u003ecrate-ci/typos's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev1.46.0\u003c/h2\u003e\n\u003ch2\u003e[1.46.0] - 2026-04-30\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1531\"\u003eApril 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/crate-ci/typos/blob/master/CHANGELOG.md\"\u003ecrate-ci/typos's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eChange Log\u003c/h1\u003e\n\u003cp\u003eAll notable changes to this project will be documented in this file.\u003c/p\u003e\n\u003cp\u003eThe format is based on \u003ca href=\"https://keepachangelog.com/\"\u003eKeep a Changelog\u003c/a\u003e\nand this project adheres to \u003ca href=\"https://semver.org/\"\u003eSemantic Versioning\u003c/a\u003e.\u003c/p\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003ch2\u003e[Unreleased] - ReleaseDate\u003c/h2\u003e\n\u003ch2\u003e[1.46.1] - 2026-05-08\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eDon't correct to \u003ccode\u003econfidentials\u003c/code\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.46.0] - 2026-04-30\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1531\"\u003eApril 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.45.2] - 2026-04-27\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eIgnore ssh ed25519 public keys\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.45.1] - 2026-04-13\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003e(action)\u003c/em\u003e Use a temp dir for caching\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.45.0] - 2026-04-01\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1509\"\u003eMarch 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.44.0] - 2026-02-27\u003c/h2\u003e\n\u003ch3\u003eFeatures\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003eUpdated the dictionary with the \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1488\"\u003eFebruary 2026\u003c/a\u003e changes\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e[1.43.5] - 2026-02-16\u003c/h2\u003e\n\u003ch3\u003eFixes\u003c/h3\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003e(pypi)\u003c/em\u003e Hopefully fix the sdist build\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/bbaefadf97b0ec5fdc942684b647f1a6ab250274\"\u003e\u003ccode\u003ebbaefad\u003c/code\u003e\u003c/a\u003e chore: Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/c19f54c37f6d3dc392c3424e1fd2b932d6bdac33\"\u003e\u003ccode\u003ec19f54c\u003c/code\u003e\u003c/a\u003e chore: Release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/d65608bb75a732976ed0132999033d5ffcbf481b\"\u003e\u003ccode\u003ed65608b\u003c/code\u003e\u003c/a\u003e docs: Update changelog\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/c6f8f5e852706f7e07d37f6671ef423f8b54cda9\"\u003e\u003ccode\u003ec6f8f5e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/crate-ci/typos/issues/1546\"\u003e#1546\u003c/a\u003e from epage/april\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/crate-ci/typos/commit/da5e97ecb29a853e1a1bb7ad4640b2871803cbb9\"\u003e\u003ccode\u003eda5e97e\u003c/code\u003e\u003c/a\u003e feat(dict): April updates\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/crate-ci/typos/compare/7c572958218557a3272c2d6719629443b5cc26fd...bbaefadf97b0ec5fdc942684b647f1a6ab250274\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n","html_url":"https://github.com/vbvictor/acp/pull/180","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/vbvictor%2Facp/issues/180","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/180/packages"}},{"old_version":"23.0.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T04:46:33.000Z","version_change":"23.0.0 → 23.2.0","issue":{"uuid":"4418132387","node_id":"PR_kwDOQozsCM7aHDYW","number":9,"state":"closed","title":"build(deps): bump the all group across 1 directory with 4 updates","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":"2026-05-25T05:16:13.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-11T04:46:33.000Z","updated_at":"2026-05-25T05:16:15.000Z","time_to_close":1211380,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps): bump","group_name":"all","update_count":4,"packages":[{"name":"pnpm/action-setup","old_version":"6.0.2","new_version":"6.0.6","repository_url":"https://github.com/pnpm/action-setup"},{"name":"github/codeql-action","old_version":"4.35.2","new_version":"4.35.4","repository_url":"https://github.com/github/codeql-action"},{"name":"actions/dependency-review-action","old_version":"4.9.0","new_version":"5.0.0","repository_url":"https://github.com/actions/dependency-review-action"},{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps the all group with 4 updates in the / directory: [pnpm/action-setup](https://github.com/pnpm/action-setup), [github/codeql-action](https://github.com/github/codeql-action), [actions/dependency-review-action](https://github.com/actions/dependency-review-action) and [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `pnpm/action-setup` from 6.0.2 to 6.0.6\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/pnpm/action-setup/releases\"\u003epnpm/action-setup's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev6.0.6\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: bin_dest output points to self-updated pnpm, not bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/249\"\u003epnpm/action-setup#249\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.5...v6.0.6\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.5\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: append (not prepend) action node dir to PATH for npm bootstrap by \u003ca href=\"https://github.com/zkochan\"\u003e\u003ccode\u003e@​zkochan\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/241\"\u003epnpm/action-setup#241\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.4...v6.0.5\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.4\u003c/h2\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003efix: use npm co-located with the action node binary by \u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/benquarmby\"\u003e\u003ccode\u003e@​benquarmby\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/pnpm/action-setup/pull/239\"\u003epnpm/action-setup#239\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.3...v6.0.4\u003c/a\u003e\u003c/p\u003e\n\u003ch2\u003ev6.0.3\u003c/h2\u003e\n\u003cp\u003eUpdated pnpm to v11.0.0-rc.5\u003c/p\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\"\u003ehttps://github.com/pnpm/action-setup/compare/v6.0.2...v6.0.3\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003e\u003ccode\u003e91ab88e\u003c/code\u003e\u003c/a\u003e fix: bin_dest output points to self-updated pnpm, not bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/249\"\u003e#249\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/e578e19d19d31b011b841ba2aca34731a5f706a5\"\u003e\u003ccode\u003ee578e19\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/8912a9102ac27614460f54aedde9e1e7f9aec20d\"\u003e\u003ccode\u003e8912a91\u003c/code\u003e\u003c/a\u003e fix: append (not prepend) action node dir to PATH for npm bootstrap (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/241\"\u003e#241\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/26f6d4f2c533a43e6b5da0b4a5dd983f98f7b49a\"\u003e\u003ccode\u003e26f6d4f\u003c/code\u003e\u003c/a\u003e fix: use npm co-located with the action node binary (\u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/239\"\u003e#239\u003c/a\u003e)\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/903f9c1a6ebcba6cf41d87230be49611ac97822e\"\u003e\u003ccode\u003e903f9c1\u003c/code\u003e\u003c/a\u003e fix: update pnpm to 11.0.0-rc.5\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/pnpm/action-setup/commit/bdf0af2a9d539c0fd91f655344d2934bfd5a2cdd\"\u003e\u003ccode\u003ebdf0af2\u003c/code\u003e\u003c/a\u003e test: add strict version-match jobs to reproduce \u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/225\"\u003e#225\u003c/a\u003e / \u003ca href=\"https://redirect.github.com/pnpm/action-setup/issues/227\"\u003e#227\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/pnpm/action-setup/compare/71c92474e7e4f5bca283fb17ef80fba9cdb2b4b1...91ab88e2619ed1f46221f0ba42d1492c02baf788\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `github/codeql-action` from 4.35.2 to 4.35.4\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003egithub/codeql-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003ev4.35.4\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003ev4.35.3\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eChangelog\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/github/codeql-action/blob/main/CHANGELOG.md\"\u003egithub/codeql-action's changelog\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch1\u003eCodeQL Action Changelog\u003c/h1\u003e\n\u003cp\u003eSee the \u003ca href=\"https://github.com/github/codeql-action/releases\"\u003ereleases page\u003c/a\u003e for the relevant changes to the CodeQL CLI and language packs.\u003c/p\u003e\n\u003ch2\u003e[UNRELEASED]\u003c/h2\u003e\n\u003cp\u003eNo user facing changes.\u003c/p\u003e\n\u003ch2\u003e4.35.4 - 07 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.4\"\u003e2.25.4\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3881\"\u003e#3881\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.3 - 01 May 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003cem\u003eUpcoming breaking change\u003c/em\u003e: Add a deprecation warning for customers using CodeQL version 2.19.3 and earlier. These versions of CodeQL were discontinued on 9 April 2026 alongside GitHub Enterprise Server 3.15, and will be unsupported by the next minor release of the CodeQL Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3837\"\u003e#3837\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eConfigurations for private registries that use Cloudsmith or GCP OIDC are now accepted. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3850\"\u003e#3850\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBest-effort connection tests for private registries now use \u003ccode\u003eGET\u003c/code\u003e requests instead of \u003ccode\u003eHEAD\u003c/code\u003e for better compatibility with various registry implementations. For NuGet feeds, the test is now always performed against the service index. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3853\"\u003e#3853\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug where two diagnostics produced within the same millisecond could overwrite each other on disk, causing one of them to be lost. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3852\"\u003e#3852\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.3\"\u003e2.25.3\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3865\"\u003e#3865\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.2 - 15 Apr 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eThe undocumented TRAP cache cleanup feature that could be enabled using the \u003ccode\u003eCODEQL_ACTION_CLEANUP_TRAP_CACHES\u003c/code\u003e environment variable is deprecated and will be removed in May 2026. If you are affected by this, we recommend disabling TRAP caching by passing the \u003ccode\u003etrap-caching: false\u003c/code\u003e input to the \u003ccode\u003einit\u003c/code\u003e Action. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3795\"\u003e#3795\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eThe Git version 2.36.0 requirement for improved incremental analysis now only applies to repositories that contain submodules. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3789\"\u003e#3789\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ePython analysis on GHES no longer extracts the standard library, relying instead on models of the standard library. This should result in significantly faster extraction and analysis times, while the effect on alerts should be minimal. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3794\"\u003e#3794\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eFixed a bug in the validation of OIDC configurations for private registries that was added in CodeQL Action 4.33.0 / 3.33.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3807\"\u003e#3807\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.2\"\u003e2.25.2\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3823\"\u003e#3823\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.1 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eFix incorrect minimum required Git version for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e: it should have been 2.36.0, not 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3781\"\u003e#3781\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.35.0 - 27 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eReduced the minimum Git version required for \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e from 2.38.0 to 2.11.0. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3767\"\u003e#3767\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.1\"\u003e2.25.1\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3773\"\u003e#3773\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.1 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eDowngrade default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.24.3\"\u003e2.24.3\u003c/a\u003e due to issues with a small percentage of Actions and JavaScript analyses. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3762\"\u003e#3762\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.34.0 - 20 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdded an experimental change which disables TRAP caching when \u003ca href=\"https://redirect.github.com/github/roadmap/issues/1158\"\u003eimproved incremental analysis\u003c/a\u003e is enabled, since improved incremental analysis supersedes TRAP caching. This will improve performance and reduce Actions cache usage. We expect to roll this change out to everyone in March. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3569\"\u003e#3569\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eWe are rolling out improved incremental analysis to C/C++ analyses that use build mode \u003ccode\u003enone\u003c/code\u003e. We expect this rollout to be complete by the end of April 2026. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3584\"\u003e#3584\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate default CodeQL bundle version to \u003ca href=\"https://github.com/github/codeql-action/releases/tag/codeql-bundle-v2.25.0\"\u003e2.25.0\u003c/a\u003e. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3585\"\u003e#3585\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003e4.33.0 - 16 Mar 2026\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eUpcoming change: Starting April 2026, the CodeQL Action will skip collecting file coverage information on pull requests to improve analysis performance. File coverage information will still be computed on non-PR analyses. Pull request analyses will log a warning about this upcoming change. \u003ca href=\"https://redirect.github.com/github/codeql-action/pull/3562\"\u003e#3562\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c!-- raw HTML omitted --\u003e\n\u003c/blockquote\u003e\n\u003cp\u003e... (truncated)\u003c/p\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003e\u003ccode\u003e68bde55\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3885\"\u003e#3885\u003c/a\u003e from github/update-v4.35.4-803d9e8c3\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/9739ad2d182c072da0d01a6887f7f39620f71b1e\"\u003e\u003ccode\u003e9739ad2\u003c/code\u003e\u003c/a\u003e Update changelog for v4.35.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/803d9e8c3ca8b0dd2029a1da3b541a18b6bfb076\"\u003e\u003ccode\u003e803d9e8\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3883\"\u003e#3883\u003c/a\u003e from github/mbg/test/macro-wrapper\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/0fd9c7d1358a7404e46ed8165f12262f56bd1434\"\u003e\u003ccode\u003e0fd9c7d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3882\"\u003e#3882\u003c/a\u003e from github/dependabot/github_actions/dot-github/wor...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/922d6fb888d665134eb982b150b8912dbd48e21a\"\u003e\u003ccode\u003e922d6fb\u003c/code\u003e\u003c/a\u003e Use \u003ccode\u003emakeMacro\u003c/code\u003e instead of \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/df77e87896689b5c736433984c5df14d86c63d56\"\u003e\u003ccode\u003edf77e87\u003c/code\u003e\u003c/a\u003e Update test macro snippet\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/6e3f985e4fc409a188c7701b68c4dec158c9ced3\"\u003e\u003ccode\u003e6e3f985\u003c/code\u003e\u003c/a\u003e Add wrapper for \u003ccode\u003etest.macro\u003c/code\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/e7a347dfb1bfb7a858347623fcb4f650effca6b5\"\u003e\u003ccode\u003ee7a347d\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/github/codeql-action/issues/3881\"\u003e#3881\u003c/a\u003e from github/update-bundle/codeql-bundle-v2.25.4\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/17eabb2500031486a71e00ecbcb72c73804a6c9f\"\u003e\u003ccode\u003e17eabb2\u003c/code\u003e\u003c/a\u003e Rebuild\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/github/codeql-action/commit/aaef09c48db2dd7f0100363de1785963a34cd706\"\u003e\u003ccode\u003eaaef09c\u003c/code\u003e\u003c/a\u003e Bump ruby/setup-ruby\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/github/codeql-action/compare/95e58e9a2cdfd71adc6e0353d5c52f41a045d225...68bde559dea0fdcac2102bfdf6230c5f70eb485e\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `actions/dependency-review-action` from 4.9.0 to 5.0.0\n\u003cdetails\u003e\n\u003csummary\u003eRelease notes\u003c/summary\u003e\n\u003cp\u003e\u003cem\u003eSourced from \u003ca href=\"https://github.com/actions/dependency-review-action/releases\"\u003eactions/dependency-review-action's releases\u003c/a\u003e.\u003c/em\u003e\u003c/p\u003e\n\u003cblockquote\u003e\n\u003ch2\u003e5.0.0\u003c/h2\u003e\n\u003cp\u003eThis is a new major version of the Dependency Review Action which updates the runtime to node24. This requires a minimum Actions Runner version \u003ca href=\"https://github.com/actions/runner/releases/tag/v2.327.1\"\u003ev2.327.1\u003c/a\u003e to run.\u003c/p\u003e\n\u003ch2\u003eWhat's Changed\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003eAdd .github/copilot-instructions.md for Copilot coding agent by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1067\"\u003eactions/dependency-review-action#1067\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eUpdate Node.js runtime from 20 to 24 by \u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eBump spdx-license-ids from 3.0.20 to 3.0.23 by \u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003edocs: bump actions/checkout from v4 to v6 in workflow examples by \u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003efix: patched version display for advisories with non-strict semver ranges (e.g. Maven beta versions) by \u003ca href=\"https://github.com/tspascoal\"\u003e\u003ccode\u003e@​tspascoal\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1076\"\u003eactions/dependency-review-action#1076\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003eResolve security findings by \u003ca href=\"https://github.com/AshelyTC\"\u003e\u003ccode\u003e@​AshelyTC\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1094\"\u003eactions/dependency-review-action#1094\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003ev5.0.0 release branch by \u003ca href=\"https://github.com/ahpook\"\u003e\u003ccode\u003e@​ahpook\u003c/code\u003e\u003c/a\u003e in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1098\"\u003eactions/dependency-review-action#1098\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003ch2\u003eNew Contributors\u003c/h2\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/scottschreckengaust\"\u003e\u003ccode\u003e@​scottschreckengaust\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1084\"\u003eactions/dependency-review-action#1084\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/mongolyy\"\u003e\u003ccode\u003e@​mongolyy\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1091\"\u003eactions/dependency-review-action#1091\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/Marukome0743\"\u003e\u003ccode\u003e@​Marukome0743\u003c/code\u003e\u003c/a\u003e made their first contribution in \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/pull/1077\"\u003eactions/dependency-review-action#1077\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003cp\u003e\u003cstrong\u003eFull Changelog\u003c/strong\u003e: \u003ca href=\"https://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\"\u003ehttps://github.com/actions/dependency-review-action/compare/v4.9.0...v5.0.0\u003c/a\u003e\u003c/p\u003e\n\u003c/blockquote\u003e\n\u003c/details\u003e\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003e\u003ccode\u003ea1d282b\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1098\"\u003e#1098\u003c/a\u003e from actions/ahpook/v5-release\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/eb6c199c5a85c7387f1f0b02b3ba5c6364740695\"\u003e\u003ccode\u003eeb6c199\u003c/code\u003e\u003c/a\u003e update examples to show \u003ca href=\"https://github.com/v5\"\u003e\u003ccode\u003e@​v5\u003c/code\u003e\u003c/a\u003e\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/3943c2c5beaaaf1806eb3758273c203dabcbf89c\"\u003e\u003ccode\u003e3943c2c\u003c/code\u003e\u003c/a\u003e v5.0.0 release branch\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/454943c880b147adbfe7de0cdd3ece1c00882033\"\u003e\u003ccode\u003e454943c\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1094\"\u003e#1094\u003c/a\u003e from actions/ashelytc/security-findings\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/6d92a1228e9e9db334f02c09f84fe9217d2b4463\"\u003e\u003ccode\u003e6d92a12\u003c/code\u003e\u003c/a\u003e revert \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e update\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/a8e5a7e93695b41abf6d1083cd220bee39a720f0\"\u003e\u003ccode\u003ea8e5a7e\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1076\"\u003e#1076\u003c/a\u003e from tspascoal/fix-version-matching-for-non-string-s...\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/b6b7079031ef4ed61656c221988f1f3bcbf35101\"\u003e\u003ccode\u003eb6b7079\u003c/code\u003e\u003c/a\u003e update \u003ccode\u003e@​typescript-eslint/parser\u003c/code\u003e to 8.40.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/821a21dd691f162c4c5c2e9754a344accde9a208\"\u003e\u003ccode\u003e821a21d\u003c/code\u003e\u003c/a\u003e update more dependencies\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/05aaaae45cf4c420de012addf2a72e3435ddaa63\"\u003e\u003ccode\u003e05aaaae\u003c/code\u003e\u003c/a\u003e run npm audit fix\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/actions/dependency-review-action/commit/55d3e754501fc13c84b95637ce51f135012d41ea\"\u003e\u003ccode\u003e55d3e75\u003c/code\u003e\u003c/a\u003e Merge pull request \u003ca href=\"https://redirect.github.com/actions/dependency-review-action/issues/1077\"\u003e#1077\u003c/a\u003e from Marukome0743/docs/checkout\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/actions/dependency-review-action/compare/2031cfc080254a8a887f58cffee85186f0e49e48...a1d282b36b6f3519aa1f3fc636f609c47dddb294\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.2.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/nyuchi/.github/pull/9","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/nyuchi%2F.github/issues/9","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/9/packages"}},{"old_version":"23.1.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T04:33:10.000Z","version_change":"23.1.0 → 23.2.0","issue":{"uuid":"4418085538","node_id":"PR_kwDOOEcEAM7aG558","number":612,"state":"closed","title":"build(deps): bump DavidAnson/markdownlint-cli2-action from 23.1.0 to 23.2.0","user":"dependabot[bot]","labels":["dependencies","github-actions"],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":"2026-05-11T04:38:52.000Z","author_association":null,"state_reason":null,"created_at":"2026-05-11T04:33:10.000Z","updated_at":"2026-05-11T04:38:53.000Z","time_to_close":342,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"build(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.1.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.1.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.1.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/pamburus/termframe/pull/612","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/pamburus%2Ftermframe/issues/612","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/612/packages"}},{"old_version":"23.0.0","new_version":"23.1.0","update_type":"minor","path":"the actions group","pr_created_at":"2026-05-11T01:27:17.000Z","version_change":"23.0.0 → 23.1.0","issue":{"uuid":"4417461120","node_id":"PR_kwDOSHcGI87aE9dG","number":14,"state":"open","title":"ci(deps): bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.1.0 in the actions group","user":"dependabot[bot]","labels":["dependencies","github_actions"],"assignees":[],"locked":false,"comments_count":1,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T01:27:17.000Z","updated_at":"2026-05-11T01:28:50.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"ci(deps)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.1.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":"the actions group","ecosystem":"actions"},"body":"Bumps the actions group with 1 update: [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action).\n\nUpdates `DavidAnson/markdownlint-cli2-action` from 23.0.0 to 23.1.0\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/d1cf9823136435fde87731435bcd66fefea442e7\"\u003e\u003ccode\u003ed1cf982\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.0 to 10.2.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/4db3dfc2cb719a5a152cb38efef6e2e50db98973\"\u003e\u003ccode\u003e4db3dfc\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.1.0 to 10.2.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/70dbff992f5cf6124a6fc5bb4b56aef6f8daa232\"\u003e\u003ccode\u003e70dbff9\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-unicorn from 63.0.0 to 64.0.0\u003c/li\u003e\n\u003cli\u003eSee full diff in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.0.0\u0026new-version=23.1.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore \u003cdependency name\u003e major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)\n- `@dependabot ignore \u003cdependency name\u003e` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)\n- `@dependabot unignore \u003cdependency name\u003e` will remove all of the ignore conditions of the specified dependency\n- `@dependabot unignore \u003cdependency name\u003e \u003cignore condition\u003e` will remove the ignore condition of the specified dependency and ignore conditions\n\n\n\u003c/details\u003e","html_url":"https://github.com/sgerrand/ex_plain/pull/14","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/sgerrand%2Fex_plain/issues/14","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/14/packages"}},{"old_version":"23.0.0","new_version":"23.2.0","update_type":"minor","path":null,"pr_created_at":"2026-05-11T01:17:53.000Z","version_change":"23.0.0 → 23.2.0","issue":{"uuid":"4417429599","node_id":"PR_kwDORYnWis7aE3Hj","number":23,"state":"open","title":"chore(ci): bump DavidAnson/markdownlint-cli2-action from 23.0.0 to 23.2.0","user":"dependabot[bot]","labels":[],"assignees":[],"locked":false,"comments_count":2,"pull_request":true,"closed_at":null,"author_association":null,"state_reason":null,"created_at":"2026-05-11T01:17:53.000Z","updated_at":"2026-05-11T01:20:25.000Z","time_to_close":null,"merged_at":null,"merged_by":null,"closed_by":null,"dependency_metadata":{"prefix":"chore(ci)","packages":[{"name":"DavidAnson/markdownlint-cli2-action","old_version":"23.0.0","new_version":"23.2.0","repository_url":"https://github.com/davidanson/markdownlint-cli2-action"}],"path":null,"ecosystem":"actions"},"body":"Bumps [DavidAnson/markdownlint-cli2-action](https://github.com/davidanson/markdownlint-cli2-action) from 23.0.0 to 23.2.0.\n\u003cdetails\u003e\n\u003csummary\u003eCommits\u003c/summary\u003e\n\u003cul\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003e\u003ccode\u003eded1f94\u003c/code\u003e\u003c/a\u003e Update to version 23.2.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/dc5dad9f8ba073d9c126e0d851df92a6d37edf73\"\u003e\u003ccode\u003edc5dad9\u003c/code\u003e\u003c/a\u003e Add 10-day cooldown period to Dependabot updates.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/64b1c6ae183a8eb20a1aa3953e30a9dd4d432402\"\u003e\u003ccode\u003e64b1c6a\u003c/code\u003e\u003c/a\u003e Add package-lock.json for reproducible builds (fixes \u003ca href=\"https://redirect.github.com/davidanson/markdownlint-cli2-action/issues/362\"\u003e#362\u003c/a\u003e).\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6c62e06b9a7e92ae00b281d5c6794123911021af\"\u003e\u003ccode\u003e6c62e06\u003c/code\u003e\u003c/a\u003e Bump eslint-plugin-n from 17.24.0 to 18.0.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/9b5720cdbb216ebfd0f8ebfcd1b213c83ed1b206\"\u003e\u003ccode\u003e9b5720c\u003c/code\u003e\u003c/a\u003e Bump eslint from 10.2.1 to 10.3.0\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/6b51ade7a9e4a75a7ad929842dd298a3804ebe8b\"\u003e\u003ccode\u003e6b51ade\u003c/code\u003e\u003c/a\u003e Update to version 23.1.0.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/ea6e0dad81a67897db7632a0a41b3a0e7cc03ca3\"\u003e\u003ccode\u003eea6e0da\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3c4c2c842cd43c2afe7cb5f2ecfe9e1623fa8d14\"\u003e\u003ccode\u003e3c4c2c8\u003c/code\u003e\u003c/a\u003e Bump markdownlint-cli2 from 0.22.0 to 0.22.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/3a933d45e20b54b80131d0335d61186e63e552bd\"\u003e\u003ccode\u003e3a933d4\u003c/code\u003e\u003c/a\u003e Bump \u003ccode\u003e@​actions/core\u003c/code\u003e from 3.0.0 to 3.0.1\u003c/li\u003e\n\u003cli\u003e\u003ca href=\"https://github.com/DavidAnson/markdownlint-cli2-action/commit/648042e2afed596b673a8b3f8fc8fbfb48b41f43\"\u003e\u003ccode\u003e648042e\u003c/code\u003e\u003c/a\u003e Freshen generated index.js file.\u003c/li\u003e\n\u003cli\u003eAdditional commits viewable in \u003ca href=\"https://github.com/davidanson/markdownlint-cli2-action/compare/ce4853d43830c74c1753b39f3cf40f71c2031eb9...ded1f9488f68a970bc66ea5619e13e9b52e601cd\"\u003ecompare view\u003c/a\u003e\u003c/li\u003e\n\u003c/ul\u003e\n\u003c/details\u003e\n\u003cbr /\u003e\n\n\n[![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=DavidAnson/markdownlint-cli2-action\u0026package-manager=github_actions\u0026previous-version=23.0.0\u0026new-version=23.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)\n\nDependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`.\n\n[//]: # (dependabot-automerge-start)\n[//]: # (dependabot-automerge-end)\n\n---\n\n\u003cdetails\u003e\n\u003csummary\u003eDependabot commands and options\u003c/summary\u003e\n\u003cbr /\u003e\n\nYou can trigger Dependabot actions by commenting on this PR:\n- `@dependabot rebase` will rebase this PR\n- `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it\n- `@dependabot show \u003cdependency name\u003e ignore conditions` will show all of the ignore conditions of the specified dependency\n- `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)\n- `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)\n\n\n\u003c/details\u003e","html_url":"https://github.com/Musonius-dev/praxis/pull/23","url":"https://dependabot.ecosyste.ms/api/v1/hosts/GitHub/repositories/Musonius-dev%2Fpraxis/issues/23","packages_url":"https://dependabot.ecosyste.ms/api/v1/issues/23/packages"}}]}